Weird redirect – Virus, Trojan, Spyware, and Malware Removal Help



Hello and thx for responding. I am now running the scan. I left all the checkboxes as they were. Is that ok? List BCD, SignCheck Ext, Shortcut.txt and 90 days files are not checked by default, so I'm gonna leave them as they are. Anyways, I'm gonna take some screenshots and post them in a second.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2021

Ran by Alex (administrator) on ALEX (LENOVO 82B5) (04-11-2021 08:51:11)

Running from C:UsersAlexDesktop

Loaded Profiles: Alex

: Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

() [File not signed] C:ProgramDataDolbyDAX3RADARHOSTDSRHost.exe

(Advanced Micro Devices Inc.) C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareAMDRSServ.exe

(Advanced Micro Devices Inc.) C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareRadeonSoftware.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepository͙763.inf_amd64_cbe903b159d3b969B359805atieclxx.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepository͙763.inf_amd64_cbe903b159d3b969B359805atiesrxx.exe

(Brave Software, Inc. -> BraveSoftware Inc.) C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe

(Dolby Laboratories, Inc. -> Dolby Laboratories) C:WindowsSystem32DriverStoreFileRepositoryDAX3_S~1.INFDAX3API.exe

(Dolby Laboratories, Inc. -> Dolby Laboratories) C:WindowsSystem32DriverStoreFileRepositorydax3_swc_aposvc.inf_amd64_fe9531bca29258f3DAX3API.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <14>

(Huawei Technologies Co., Ltd. -> ) C:Program Files (x86)HiSuiteHandSetServiceHuaweiHiSuiteService64.exe

(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:WindowsSystem32ibtsiva.exe

(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:UsersAlexAppDataLocalProgramsLenovoLenovo Service BridgeLSB.exe

(Lenovo -> Lenovo(beijing) Limited) C:WindowsSystem32DriverStoreFileRepositorylenovofnandfunctionkeys.inf_amd64_b9fd1528982e300fLenovoUtilityService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbweWinStore.App.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbweMusic.UI.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cmd.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsWinSxSamd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16bTiWorker.exe

(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe

(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:WindowsSystem32FMService64.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvlt.inf_amd64_01ef36ba3f9e7237Display.NvContainerNVDisplay.Container.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32RtkAudUService64.exe [1082672 2020-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [3180256 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)

HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)

HKUS-1-5-21-274093857-217602951-3633155144-1001…Run: [EpicGamesLauncher] => N:Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33526752 2021-10-28] (Epic Games Inc. -> Epic Games, Inc.)

HKUS-1-5-21-274093857-217602951-3633155144-1001…Run: [Discord] => C:UsersAlexAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKUS-1-5-21-274093857-217602951-3633155144-1001…Run: [Steam] => N:cs gosteam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)

HKUS-1-5-21-274093857-217602951-3633155144-1001…Run: [Opera Browser Assistant] => C:UsersAlexAppDataLocalProgramsOperaassistantbrowser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)

HKUS-1-5-21-274093857-217602951-3633155144-1001…Run: [Gaijin.Net Updater] => C:UsersAlexAppDataLocalGaijinProgram Files (x86)NetAgentgjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)

HKUS-1-5-21-274093857-217602951-3633155144-1001…Run: [IDMan] => C:Program Files (x86)Internet Download ManagerIDMan.exe [5665696 2021-10-22] (Tonec Inc. -> Tonec Inc.)

HKUS-1-5-21-274093857-217602951-3633155144-1001…RunOnce: [Delete Cached Update Binary] => C:WINDOWSsystem32cmd.exe /q /c del /q “C:UsersAlexAppDataLocalMicrosoftOneDriveUpdateOneDriveSetup.exe”

HKUS-1-5-21-274093857-217602951-3633155144-1001…RunOnce: [Delete Cached Standalone Update Binary] => C:WINDOWSsystem32cmd.exe /q /c del /q “C:UsersAlexAppDataLocalMicrosoftOneDriveStandaloneUpdaterOneDriveSetup.exe”

HKUS-1-5-21-274093857-217602951-3633155144-1001…RunOnce: [Uninstall 21.196.0921.0007] => C:WINDOWSsystem32cmd.exe /q /c rmdir /s /q “C:UsersAlexAppDataLocalMicrosoftOneDrive21.196.0921.0007”

HKUS-1-5-21-274093857-217602951-3633155144-1001…MountPoints2: {7ce69f74-1e18-11ec-8557-5405db6dbf96} – “D:HiSuiteDownLoader.exe” 

HKUS-1-5-21-274093857-217602951-3633155144-1001…MountPoints2: {7ce69fa1-1e18-11ec-8557-5405db6dbf96} – “D:HiSuiteDownLoader.exe” 

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication95.0.4638.69Installerchrmstp.exe [2021-10-29] (Google LLC -> Google LLC)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:Program FilesBraveSoftwareBrave-BrowserApplication95.1.31.88Installerchrmstp.exe [2021-11-03] (Brave Software, Inc. -> Brave Software, Inc.)

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0519F1F8-6E9E-41E8-8D2E-24FF41EAF711} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {06CC618E-214D-4DD6-8D03-BBF1A13E2570} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {13208BB9-AB7C-4DB6-94E1-C37D993759DC} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {2FDB7C0F-3F82-4B3F-B98F-116220247A95} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-11-18] (Google LLC -> Google LLC)

Task: {57E2CA8D-BCD0-4A77-B4F8-2A3E34FA3C5A} – System32TasksOpera scheduled Autoupdate 1605693483 => C:UsersAlexAppDataLocalProgramsOperalauncher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)

Task: {60D34953-FE67-4CD4-89C6-43EAFF701565} – System32TasksBraveSoftwareUpdateTaskMachineUA => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162456 2021-11-03] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {60E51F0B-80EC-4CB7-A659-02818BE1D29F} – System32TasksLenovoLenovo Service BridgeS-1-5-21-274093857-217602951-3633155144-1001 => C:UsersAlexAppDataLocalProgramsLenovoLenovo Service BridgeLSBUpdater.exe [87896 2021-10-30] (Lenovo (Beijing) Limited -> Lenovo Group Limited)

Task: {69B7DAF9-72D5-47D7-9F9E-AF6E2BC94DA9} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {7A42A060-EA9F-4F71-B5E5-A7981491B0ED} – System32TasksTVTTVSUUpdateTask => C:Program Files (x86)LenovoSystem UpdatetvsuShim.exe [1758792 2021-09-22] (Lenovo -> )

Task: {836E2F5F-C090-4A73-8F59-B860EC1DF881} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {84EACB1F-DD54-463F-9B38-970A9598F52F} – System32TasksMicrosoftWindowstermsrvRemoteFXRemoteFXvGPUDisableTask => C:WINDOWSSystem32RemoteFXvGPUDisablement.exe

Task: {93073F1C-F45D-4DF3-ACD6-FFCF703ACE62} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AA590A6C-7DC6-4365-8A1A-0555D1DB41EC} – System32TasksMicrosoftWindowstermsrvRemoteFXRemoteFXWarningTask => C:WINDOWSSystem32RemoteFXvGPUDisablement.exe

Task: {AB14D51A-E12F-4039-810F-BCDE6FAD69C7} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AC3C25C9-F94B-4FB6-B6BB-87F4F424503D} – System32TasksOpera scheduled assistant Autoupdate 1605693484 => C:UsersAlexAppDataLocalProgramsOperalauncher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersAlexAppDataLocalProgramsOperaassistant” $(Arg0)

Task: {AC8BF827-B0E5-4201-BA56-676F2970C33F} – System32TasksLenovoLenovo MigrationAssistant start event task => C:Program FilesLenovoLenovo Migration AssistantLenovo Migration Assistant Srv.exe [290744 2020-08-18] (Lenovo -> )

Task: {BB16D342-94C3-4685-970B-B95D2E36E1FA} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {D68B4A22-798D-4397-BF9A-398C91260B3F} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {DAB70EF5-20D5-4500-ADF1-A3A312F81117} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {E034CE2B-9079-4E81-A248-B1210103E0FA} – System32TasksBraveSoftwareUpdateTaskMachineCore => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162456 2021-11-03] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {E3485877-5E72-4366-BDE2-E33688A4F018} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-11-18] (Google LLC -> Google LLC)

Task: {EDD797A8-AA4B-4DAE-AC73-320D3037A736} – System32TasksTVTTVSUUpdateTask_UserLogOn => C:Program Files (x86)LenovoSystem UpdatetvsuShim.exe [1758792 2021-09-22] (Lenovo -> )

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{5d1697ef-e787-4ebb-b931-e0920466506f}: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{8c82387b-c2c5-4bbd-a879-d1cff8cb0b96}: [DhcpNameServer] 192.168.1.1

Tcpip..Interfaces{ab4bd44b-1402-47d6-922a-c87b9f34bd78}: [DhcpNameServer] 192.168.1.1

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge DefaultProfile: Default

Edge Profile: C:UsersAlexAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-03]

Edge Extension: (IDM Integration Module) – C:UsersAlexAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsllbjbkhnmlidjebalopleeepgdfgcpec [2021-11-03]

Edge HKUS-1-5-21-274093857-217602951-3633155144-1001SOFTWAREMicrosoftEdgeExtensions…EdgeExtension: [llbjbkhnmlidjebalopleeepgdfgcpec] – C:Program Files (x86)Internet Download ManagerIDMEdgeExt.crx [2021-10-25]

Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

 

FireFox:

========

FF HKUS-1-5-21-274093857-217602951-3633155144-1001…SeaMonkeyExtensions: [mozilla_cc@internetdownloadmanager.com] – C:UsersAlexAppDataRoamingIDMidmmzcc5

FF Extension: (IDM CC) – C:UsersAlexAppDataRoamingIDMidmmzcc5 [2021-10-29] [Legacy] [not signed]

FF HKUS-1-5-21-274093857-217602951-3633155144-1001…SeaMonkeyExtensions: [mozilla_cc2@internetdownloadmanager.com] – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi

FF Extension: (IDM integration) – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi [2017-12-20] [Legacy]

FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:Program FilesJavajre1.8.0_51bindtpluginnpDeployJava1.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:Program FilesJavajre1.8.0_51binplugin2npjp2.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~2Office14NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~2Office14NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

 

Chrome: 

=======

CHR Profile: C:UsersAlexAppDataLocalGoogleChromeUser DataDefault [2021-11-04]

CHR Notifications: Default -> hxxps://aternos.org; hxxps://meet.google.com

CHR Extension: (Slides) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-11-18]

CHR Extension: (Docs) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-11-18]

CHR Extension: (Google Drive) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-11-18]

CHR Extension: (YouTube) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-18]

CHR Extension: (Sheets) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-11-18]

CHR Extension: (Google Docs Offline) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]

CHR Extension: (AdBlock — best ad blocker) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-10-28]

CHR Extension: (Malwarebytes Browser Guard) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-11-03]

CHR Extension: (IDM Integration Module) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsngpampappnmepgilojfohadhhmbhlaek [2021-10-29]

CHR Extension: (Chrome Web Store Payments) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) – C:UsersAlexAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-11-18]

CHR HKLM…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2021-10-25]

CHR HKUS-1-5-21-274093857-217602951-3633155144-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2021-10-25]

CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

CHR HKLM-x32…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2021-10-25]

 

Opera: 

=======

OPR Profile: C:UsersAlexAppDataRoamingOpera SoftwareOpera Stable [2021-11-03]

OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

OPR Extension: (Rich Hints Agent) – C:UsersAlexAppDataRoamingOpera SoftwareOpera StableExtensionsenegjkbbakeegngfapepobipndnebkdk [2021-11-03]

OPR Extension: (Amazon Assistant Promotion) – C:UsersAlexAppDataRoamingOpera SoftwareOpera StableExtensionskbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-14]

 

Brave: 

=======

BRA Profile: C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2021-11-03]

BRA Extension: (Malwarebytes Browser Guard) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-11-03]

BRA Extension: (IDM Integration Module) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionsngpampappnmepgilojfohadhhmbhlaek [2021-11-03]

BRA Extension: (Brave Local Data Files Updater) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2021-11-03]

BRA Extension: (Brave Ad Block Updater (Default)) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-03]

BRA Extension: (Brave NTP sponsored images) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser Datagccbbckogglekeggclmmekihdgdpdgoe [2021-11-03]

BRA Extension: (Brave SpeedReader Updater) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2021-11-03]

BRA Extension: (Brave HTTPS Everywhere Updater) – C:UsersAlexAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2021-11-03]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8901968 2021-02-28] (BattlEye Innovations e.K. -> )

S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162456 2021-11-03] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162456 2021-11-03] (Brave Software, Inc. -> BraveSoftware Inc.)

R2 DolbyDAXAPI; C:WINDOWSSystem32DriverStoreFileRepositorydax3_swc_aposvc.inf_amd64_fe9531bca29258f3DAX3API.exe [1928648 2020-05-20] (Dolby Laboratories, Inc. -> Dolby Laboratories)

S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [818304 2020-12-03] (EasyAntiCheat Oy -> Epic Games, Inc)

R2 FMAPOService; C:WINDOWSSystem32FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)

R2 HuaweiHiSuiteService64.exe; C:Program Files (x86)HiSuiteHandSetServiceHuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> )

R2 LenovoFnAndFunctionKeys; C:WINDOWSSystem32DriverStoreFileRepositorylenovofnandfunctionkeys.inf_amd64_b9fd1528982e300fLenovoUtilityService.exe [539128 2021-08-26] (Lenovo -> Lenovo(beijing) Limited)

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7826104 2021-11-03] (Malwarebytes Inc -> Malwarebytes)

S3 Rockstar Service; R:daLauncherRockstarService.exe [2332976 2021-10-22] (Rockstar Games, Inc. -> Rockstar Games)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5414976 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10202040 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)

S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvlt.inf_amd64_01ef36ba3f9e7237Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynvlt.inf_amd64_01ef36ba3f9e7237Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 AMDXE; C:WINDOWSSystem32driversamdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [160176 2021-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S3 ew_usbccgpfilter; C:WINDOWSSystem32driversew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)

U5 hw_usbdev; C:WindowsSystem32Drivershw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210352 2021-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [193448 2021-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [69040 2021-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-11-03] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [149424 2021-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R1 vgk; C:Program FilesRiot Vanguardvgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)

S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)

S3 MpKsl93a2f8b2; ??C:ProgramDataMicrosoftWindows DefenderDefinition Updates{2F92CD10-1926-4F3D-946B-2EA882E55D73}MpKslDrv.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-11-04 08:51 – 2021-11-04 08:51 – 000026304 _____ C:UsersAlexDesktopFRST.txt

2021-11-04 08:51 – 2021-11-04 08:51 – 000000000 ____D C:UsersAlexAppDataLocalLowIGDump

2021-11-04 08:48 – 2021-11-04 08:51 – 000000000 ____D C:FRST

2021-11-04 08:47 – 2021-11-04 08:47 – 002311168 _____ (Farbar) C:UsersAlexDesktopFRST64.exe

2021-11-04 01:16 – 2021-11-04 01:16 – 000000000 ____D C:UsersAlexAppDataRoamingDMCache

2021-11-03 23:02 – 2021-11-03 23:02 – 000003438 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineUA

2021-11-03 23:02 – 2021-11-03 23:02 – 000003314 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineCore

2021-11-03 23:02 – 2021-11-03 23:02 – 000002443 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk

2021-11-03 23:02 – 2021-11-03 23:02 – 000000000 ____D C:Program FilesBraveSoftware

2021-11-03 23:02 – 2021-11-03 23:02 – 000000000 ____D C:Program Files (x86)BraveSoftware

2021-11-03 23:01 – 2021-11-03 23:02 – 000000000 ____D C:UsersAlexAppDataLocalBraveSoftware

2021-11-03 22:10 – 2021-11-03 22:10 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000210352 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000193448 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000149424 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000069040 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2021-11-03 22:10 – 2021-11-03 22:10 – 000002040 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-11-03 22:10 – 2021-11-03 22:10 – 000002028 _____ C:UsersPublicDesktopMalwarebytes.lnk

2021-11-03 22:10 – 2021-11-03 22:10 – 000000000 ____D C:UsersAlexAppDataLocalmbam

2021-11-03 22:10 – 2021-11-03 22:10 – 000000000 ____D C:ProgramDataMalwarebytes

2021-11-03 22:10 – 2021-11-03 22:10 – 000000000 ____D C:Program FilesMalwarebytes

2021-11-03 18:41 – 2021-11-03 18:41 – 000203264 _____ C:WINDOWSsystem32uwfcfgmgmt.dll

2021-11-03 18:41 – 2021-11-03 18:41 – 000158208 _____ C:WINDOWSsystem32uwfcsp.dll

2021-11-03 18:41 – 2021-11-03 18:41 – 000040960 _____ C:WINDOWSsystem32uwfservicingapi.dll

2021-11-03 18:40 – 2021-11-03 18:40 – 000706536 _____ C:WINDOWSsystem32TextShaping.dll

2021-11-03 18:40 – 2021-11-03 18:40 – 000611960 _____ C:WINDOWSSysWOW64TextShaping.dll

2021-11-03 18:40 – 2021-11-03 18:40 – 000570368 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl

2021-11-03 18:40 – 2021-11-03 18:40 – 000452096 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl

2021-11-03 18:40 – 2021-11-03 18:40 – 000288768 _____ C:WINDOWSsystem32Windows.Management.InprocObjects.dll

2021-11-03 18:40 – 2021-11-03 18:40 – 000098304 _____ C:WINDOWSsystem32Driverscimfs.sys

2021-11-03 18:40 – 2021-11-03 18:40 – 000011495 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-11-03 18:36 – 2021-11-03 18:36 – 000001153 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPC Health Check.lnk

2021-11-03 18:36 – 2021-11-03 18:36 – 000000000 ___HD C:$WinREAgent

2021-11-03 18:36 – 2021-11-03 18:36 – 000000000 ____D C:Program FilesPCHealthCheck

2021-10-29 09:40 – 2021-10-29 11:20 – 000000000 ____D C:UsersAlexAppDataRoamingIDM

2021-10-29 09:40 – 2021-10-29 09:40 – 000000000 ____D C:ProgramDataIDM

2021-10-29 09:39 – 2021-10-29 09:40 – 000000000 ____D C:Program Files (x86)Internet Download Manager

2021-10-29 09:39 – 2021-10-29 09:39 – 000001085 _____ C:UsersAlexDesktopInternet Download Manager.lnk

2021-10-29 09:39 – 2021-10-29 09:39 – 000000000 ____D C:UsersAlexAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Download Manager

2021-10-29 09:39 – 2021-10-29 09:39 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsInternet Download Manager

2021-10-28 19:10 – 2021-10-28 19:10 – 000000000 ____D C:UsersPublicDocumentsOnlineFix

2021-10-25 20:08 – 2018-12-20 01:05 – 000229296 _____ (Tonec Inc.) C:WINDOWSsystem32Driversidmwfp.sys

2021-10-22 18:36 – 2021-10-22 18:36 – 000000000 ____D C:UsersAlexDocumentsAudiotonic

2021-10-21 14:26 – 2021-10-21 14:26 – 000000000 ____D C:WINDOWSsystem32TasksAgent Activation Runtime

2021-10-15 20:50 – 2021-10-15 20:52 – 000000000 ____D C:UsersAlexAppDataLocalenlisted

2021-10-15 20:50 – 2021-10-15 20:50 – 000000000 ____D C:UsersAlexAppDataRoamingEasyAntiCheat

2021-10-15 20:50 – 2021-10-15 20:50 – 000000000 ____D C:ProgramDataenlisted

2021-10-15 20:34 – 2021-10-15 20:34 – 000000000 ____D C:UsersAlexAppDataLocalGaijin

2021-10-15 20:34 – 2021-10-15 20:34 – 000000000 ____D C:ProgramDataGaijin

2021-10-15 20:33 – 2021-10-15 20:33 – 000000763 _____ C:UsersAlexDesktopEnlisted.lnk

2021-10-15 20:33 – 2021-10-15 20:33 – 000000000 ____D C:UsersAlexDocumentsMy Games

2021-10-15 20:33 – 2021-10-15 20:33 – 000000000 ____D C:UsersAlexAppDataRoamingMicrosoftWindowsStart MenuProgramsEnlisted

2021-10-07 06:39 – 2021-10-07 06:39 – 002111488 _____ (Digimarc) C:WINDOWSSysWOW64DMRCDecoder.dll

2021-10-07 06:39 – 2021-10-07 06:39 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll

2021-10-07 06:39 – 2021-10-07 06:39 – 001164288 _____ C:WINDOWSsystem32MBR2GPT.EXE

2021-10-07 06:39 – 2021-10-07 06:39 – 000672768 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll

2021-10-07 06:39 – 2021-10-07 06:39 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-10-07 06:39 – 2021-10-07 06:39 – 000170496 _____ C:WINDOWSsystem32DeviceUpdateCenterCsp.dll

2021-10-07 06:38 – 2021-10-07 06:38 – 002295296 _____ (Digimarc) C:WINDOWSsystem32DMRCDecoder.dll

2021-10-07 06:38 – 2021-10-07 06:38 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2021-10-07 06:38 – 2021-10-07 06:38 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe

2021-10-07 06:38 – 2021-10-07 06:38 – 000162816 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-11-04 08:50 – 2019-12-07 11:13 – 000000000 ____D C:WINDOWSINF

2021-11-04 08:48 – 2021-06-29 13:48 – 000003352 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-274093857-217602951-3633155144-1001

2021-11-04 08:48 – 2021-06-29 13:43 – 000002383 _____ C:UsersAlexAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-11-04 08:48 – 2020-11-18 16:48 – 000000000 ____D C:Program Files (x86)Google

2021-11-04 08:47 – 2020-11-18 14:45 – 000000000 ____D C:ProgramDataNVIDIA

2021-11-04 01:16 – 2019-12-07 11:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-11-04 00:22 – 2020-11-19 08:45 – 000000000 ____D C:UsersAlexAppDataRoamingdiscord

2021-11-04 00:19 – 2021-02-23 10:05 – 000000000 ____D C:UsersAlexAppDataLocalDiscord

2021-11-03 23:04 – 2021-01-03 12:44 – 000000000 ____D C:UsersAlexAppDataLocalCrashDumps

2021-11-03 22:10 – 2019-12-07 11:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-11-03 19:06 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSRegistration

2021-11-03 18:52 – 2021-06-29 13:53 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-11-03 18:46 – 2021-03-22 20:50 – 000000001 _____ C:WINDOWSvgkbootstatus.dat

2021-11-03 18:45 – 2021-06-29 13:48 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-11-03 18:45 – 2021-06-29 13:42 – 000434688 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-11-03 18:45 – 2021-06-29 13:42 – 000008192 ___SH C:DumpStack.log.tmp

2021-11-03 18:45 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-11-03 18:43 – 2019-12-07 11:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ___SD C:WINDOWSsystem32UNP

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSystemResources

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSDiagTrack

2021-11-03 18:43 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-11-03 18:43 – 2019-12-07 11:03 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-11-03 18:42 – 2021-06-29 13:43 – 000000000 ____D C:UsersAlex

2021-11-03 18:42 – 2019-12-07 11:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-11-03 18:36 – 2020-11-18 13:48 – 000000000 ____D C:WINDOWSsystem32MRT

2021-11-03 18:35 – 2020-11-18 13:48 – 139806512 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-11-03 18:21 – 2020-11-18 11:51 – 000000000 ____D C:UsersAlexAppDataLocalPackages

2021-11-03 18:08 – 2021-06-29 13:42 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-11-03 18:07 – 2020-11-18 11:53 – 000000000 ____D C:WINDOWSTempInst

2021-11-03 15:16 – 2020-11-18 20:57 – 000000000 ____D C:UsersAlexAppDataLocalBattle.net

2021-11-03 14:42 – 2021-06-28 07:34 – 000000000 ____D C:UsersAlexAppDataRoamingparadox-launcher-v2

2021-11-03 10:10 – 2020-11-19 08:36 – 000000000 ____D C:UsersAlexAppDataRoamingCodeBlocks

2021-11-03 09:06 – 2020-11-18 14:41 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-10-31 20:35 – 2020-11-18 11:56 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-10-31 20:35 – 2019-12-07 11:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-10-29 09:37 – 2020-11-18 11:59 – 000000000 ____D C:UsersAlexAppDataLocalLenovoServiceBridge

2021-10-29 09:33 – 2020-11-18 16:49 – 000002256 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-10-29 09:33 – 2020-11-18 16:49 – 000002215 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-10-26 18:37 – 2020-11-21 18:35 – 000007590 _____ C:UsersAlexAppDataLocalResmon.ResmonCfg

2021-10-25 14:20 – 2020-12-09 08:07 – 000000000 ____D C:Program FilesRockstar Games

2021-10-25 14:20 – 2020-12-09 08:07 – 000000000 ____D C:Program Files (x86)Rockstar Games

2021-10-22 18:34 – 2020-11-18 14:42 – 000000000 ____D C:ProgramDataPackages

2021-10-22 18:34 – 2020-11-18 12:08 – 000000000 ____D C:UsersAlexAppDataLocalPlaceholderTileLogoFolder

2021-10-22 16:13 – 2021-06-29 13:48 – 000004132 _____ C:WINDOWSsystem32TasksOpera scheduled Autoupdate 1605693483

2021-10-22 16:13 – 2020-11-18 11:58 – 000001409 _____ C:UsersAlexAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera Browser.lnk

2021-10-17 10:34 – 2020-12-03 16:35 – 000000000 ____D C:UsersAlexAppDataRoaming.minecraft

2021-10-17 10:33 – 2020-12-03 16:36 – 000000000 ____D C:UsersAlexAppDataRoaming.tlauncher

2021-10-16 17:50 – 2021-06-29 13:48 – 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000004106 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-06-29 13:48 – 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-10-16 17:50 – 2021-01-01 13:08 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-10-16 17:50 – 2020-11-18 14:45 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-10-16 17:50 – 2020-11-18 14:45 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-10-15 20:50 – 2021-02-28 14:45 – 000000000 ____D C:Program Files (x86)EasyAntiCheat

2021-10-15 19:08 – 2020-11-18 11:59 – 000000000 ____D C:ProgramDataLenovo

2021-10-15 10:44 – 2021-06-29 13:48 – 000000000 ____D C:WINDOWSsystem32TasksTVT

2021-10-15 10:44 – 2021-02-19 12:41 – 000001383 _____ C:WINDOWSSysWOW64InstallUtil.InstallLog

2021-10-15 10:44 – 2020-11-18 11:59 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramslenovo

2021-10-15 10:44 – 2020-11-18 11:59 – 000000000 ____D C:Program Files (x86)Lenovo

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32Dism

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32DDFs

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSShellComponents

2021-10-14 18:16 – 2019-12-07 11:14 – 000000000 ____D C:WINDOWSProvisioning

2021-10-14 18:16 – 2019-12-07 11:03 – 000000000 ____D C:WINDOWSservicing

2021-10-14 16:58 – 2021-06-29 13:48 – 000004384 _____ C:WINDOWSsystem32TasksOpera scheduled assistant Autoupdate 1605693484

2021-10-09 09:29 – 2021-07-29 08:43 – 000003386 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d76cdc5b37fbd4

2021-10-09 09:29 – 2021-06-29 13:48 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-10-07 06:41 – 2020-11-20 18:31 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

 

==================== Files in the root of some directories ========

 

2020-11-21 18:35 – 2021-10-26 18:37 – 000007590 _____ () C:UsersAlexAppDataLocalResmon.ResmonCfg

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2021

Ran by Alex (04-11-2021 08:51:59)

Running from C:UsersAlexDesktop

Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) (2021-06-29 11:48:36)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-274093857-217602951-3633155144-500 – Administrator – Disabled)

Alex (S-1-5-21-274093857-217602951-3633155144-1001 – Administrator – Enabled) => C:UsersAlex

DefaultAccount (S-1-5-21-274093857-217602951-3633155144-503 – Limited – Disabled)

Guest (S-1-5-21-274093857-217602951-3633155144-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-274093857-217602951-3633155144-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 95.1.31.88 – Brave Software Inc)

BS.Player FREE (HKLM-x32…BSPlayerf) (Version: 2.75.1089 – AB Team, d.o.o.)

CodeBlocks (HKUS-1-5-21-274093857-217602951-3633155144-1001…CodeBlocks) (Version: 20.03 – The Code::Blocks Team)

Discord (HKUS-1-5-21-274093857-217602951-3633155144-1001…Discord) (Version: 0.0.309 – Discord Inc.)

Enlisted Launcher 1.0.3.76 (HKUS-1-5-21-274093857-217602951-3633155144-1001…{5fcad5a5-d0d8-4edf-a5ba-040b397eac31}}_is1) (Version:  – Gaijin Network)

Epic Games Launcher (HKLM-x32…{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Google Chrome (HKLM-x32…Google Chrome) (Version: 95.0.4638.69 – Google LLC)

Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 – Google LLC) Hidden

HiSuite (HKLM-x32…Hi Suite) (Version: 11.0.0.550 – Huawei Technologies Co., Ltd.)

Internet Download Manager (HKLM-x32…Internet Download Manager) (Version: 6.39.7 – Tonec Inc.)

Java 8 Update 51 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 – Oracle Corporation)

Launcher Prerequisites (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

Lenovo Diagnostics Tool (HKLM…{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: 4.37.0.209 – LENOVO (UNITED STATES) INC.)

Lenovo Migration Assistant (HKLM…Lenovo Migration Assistant_is1) (Version: 2.1.3.9 – Lenovo)

Lenovo Service Bridge (HKUS-1-5-21-274093857-217602951-3633155144-1001…{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.8 – Lenovo)

Lenovo System Update (HKLM-x32…TVSU_is1) (Version: 5.07.0131 – Lenovo)

Malwarebytes version 4.4.9.142 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.9.142 – Malwarebytes)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 95.0.1020.40 – Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32…Office14.PROPLUS) (Version: 14.0.4734.1000 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-274093857-217602951-3633155144-1001…OneDriveSetup.exe) (Version: 21.205.1003.0003 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.30319 (HKLM…{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 – Microsoft Corporation)

Microsoft Visual Studio Installer (HKLM…{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.8.3077.1211 – Microsoft Corporation)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Graphics Driver 457.49 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.49 – NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32…{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 – NVIDIA Corporation)

Opera Stable 80.0.4170.63 (HKUS-1-5-21-274093857-217602951-3633155144-1001…Opera 80.0.4170.63) (Version: 80.0.4170.63 – Opera Software)

Overwatch (HKLM-x32…Overwatch) (Version:  – Blizzard Entertainment)

Paradox Launcher v2 (HKLM…{A8D4AE16-519B-409D-B5B4-2647C06805AD}) (Version: 2.0.3.0 – Paradox Interactive)

Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.)

Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.49.529 – Rockstar Games)

Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.9.3 – Rockstar Games)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Unity (HKLM-x32…Unity) (Version: 2020.1.14f1 – Unity Technologies ApS)

Unity Hub 2.4.2 (HKLM…{Unity Technologies – Hub}) (Version: 2.4.2 – Unity Technologies Inc.)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 – Microsoft Corporation) Hidden

Update for Windows 10 for x64-based Systems (KB4480730) (HKLM…{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 – Microsoft Corporation)

VALORANT (HKUS-1-5-21-274093857-217602951-3633155144-1001…Riot Game valorant.live) (Version:  – Riot Games, Inc)

Windows PC Health Check (HKLM…{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 – Microsoft Corporation)

WinRAR 5.71 (64-bit) (HKLM…WinRAR archiver) (Version: 5.71.0 – win.rar GmbH)

XviD MPEG-4 Video Codec (HKLM-x32…XviD_is1) (Version: XviD-1.0.1-05062004 – XviD Team (Koepi))

 

Packages:

=========

AMD Radeon Software -> C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-29] (Advanced Micro Devices Inc.) [Startup Task]

Audiotonic – Audacity rebuilt for Windows 10 -> C:Program FilesWindowsAppsBluskySoftwareInc.17062EE08491F_2.2.3.0_x86__61yk12x6sxn40 [2021-10-22] (Blusky Software Inc.)

Cortana -> C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-06-29] (Microsoft Corporation)

Dolby Access -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220 [2021-02-20] (Dolby Laboratories)

Dolby Atmos for Gaming -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyAtmosforGaming_3.20602.609.0_x64__rz1tebttyb220 [2020-11-18] (Dolby Laboratories)

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-07-22] (Microsoft Studios) [MS Ad]

Microsoft To Do -> C:Program FilesWindowsAppsMicrosoft.Todos_2.38.4482.0_x64__8wekyb3d8bbwe [2021-07-22] (Microsoft Corporation) [Startup Task]

Microsoft Whiteboard -> C:Program FilesWindowsAppsMicrosoft.Whiteboard_21.10111.5575.0_x64__8wekyb3d8bbwe [2021-02-13] (Microsoft Corporation)

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-29] (NVIDIA Corp.)

Photos Add-on -> C:Program FilesWindowsAppsMicrosoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-20] (Microsoft Corporation)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.14.222.0_x64__dt26b99r8h8gj [2020-11-18] (Realtek Semiconductor Corp)

WhatsApp Desktop -> C:Program FilesWindowsApps5319275A.WhatsAppDesktop_2.2126.11.0_x64__cv1g1gvanyjgm [2021-07-18] (WhatsApp Inc.)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-274093857-217602951-3633155144-1001_ClassesCLSID{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive – Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

ShellExecuteHooks: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6723984 2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4222864 2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:Program Files (x86)Internet Download ManagerIDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-11-03] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynvlt.inf_amd64_01ef36ba3f9e7237nvshext.dll [2021-06-21] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-11-03] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [vidc.XVID] => C:WindowsSysWOW64xvidvfw.dll [155648 2004-06-06] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2020-11-18 14:41 – 2020-11-18 14:41 – 000017920 _____ () [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarelibEGL.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 003567616 _____ () [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarelibGLESv2.dll

2021-06-29 13:49 – 2021-06-29 13:49 – 000258048 _____ () [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareWirelessVR-windesktop64.dll

2020-11-17 15:02 – 2020-11-17 15:02 – 000310272 _____ (easyhook.codeplex.com) [File not signed] C:ProgramDataDolbyDAX3RADARHOSTEasyHook64.dll

2020-11-18 11:57 – 2019-02-21 18:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqgif.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqicns.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqico.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000413696 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqjpeg.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqsvg.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqtga.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqwbmp.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000519168 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsimageformatsqwebp.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 001431040 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsplatformsqwindows.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 001180672 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginssqldriversqsqlite.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000135680 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwarepluginsstylesqwindowsvistastyle.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 006010880 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Core.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 006345216 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Gui.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 001078272 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Network.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Positioning.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 004000256 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Qml.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 003802624 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Quick.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5QuickControls2.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 001083904 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5QuickTemplates2.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000205312 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Sql.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Svg.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000113152 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5WebChannel.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000376320 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5WebEngine.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 092323328 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5WebEngineCore.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 005560832 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Widgets.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000463360 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5WinExtras.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000188416 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5Xml.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 002888704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQt5XmlPatterns.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000053760 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000017408 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuick.2qtquick2plugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000287232 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickControls.2qtquickcontrols2plugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000329216 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickControlsqtquickcontrolsplugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000136192 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickDialogsdialogplugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000089088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickLayoutsqquicklayoutsplugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000312320 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickTemplates.2qtquicktemplates2plugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtQuickWindow.2windowplugin.dll

2020-11-18 14:41 – 2020-11-18 14:41 – 000085504 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesWindowsAppsAdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4mradeonsoftwareQtWebEngineqtwebengineplugin.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-06-13] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-22] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2017-09-29 15:46 – 2017-09-29 15:44 – 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> C:ProgramDataOracleJavajavapath;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH

HKUS-1-5-21-274093857-217602951-3633155144-1001Control PanelDesktopWallpaper -> C:UsersAlexAppDataLocalPackagesMicrosoft.Windows.Photos_8wekyb3d8bbweLocalStatePhotosAppBackgroundposibila imagine fundal.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

HKLM\…\StartupApproved\Run: => "Riot Vanguard"

HKLM\…\StartupApproved\Run32: => "SunJavaUpdateSched"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "Opera Browser Assistant"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "Discord"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "EpicGamesLauncher"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "Gaijin.Net Updater"

HKU\S-1-5-21-274093857-217602951-3633155144-1001\…\StartupApproved\Run: => "IDMan"

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{89D54D60-0C97-4F3A-A96F-1DCD8EE633D9}C:usersalexdesktophoi4 vai de capu luihearts.of.iron.iv.colliehoi4.exe] => (Allow) C:usersalexdesktophoi4 vai de capu luihearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{DE42312D-DD83-4880-A487-4E9E88B3635D}C:usersalexdesktophoi4 vai de capu luihearts.of.iron.iv.colliehoi4.exe] => (Allow) C:usersalexdesktophoi4 vai de capu luihearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [UDP Query User{0D9E3D5B-05EA-46D4-8F4F-D633D8C4DCD3}C:usersalexdesktophoi4 nemodificathearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophoi4 nemodificathearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{4709779F-527D-47BE-AD27-382EA15B4E74}C:usersalexdesktophoi4 nemodificathearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophoi4 nemodificathearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [UDP Query User{C6FAC57C-19F2-4D22-BC37-E13F045DA217}C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{F432B87F-D92C-4DC5-A26F-9E656D624C29}C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [UDP Query User{5A4F1EDF-9E76-494D-9B59-B1B2AE30F176}C:usersalexdocumentsescapiest 2theescapists2theescapists2.exe] => (Allow) C:usersalexdocumentsescapiest 2theescapists2theescapists2.exe => No File

FirewallRules: [TCP Query User{85907206-B39C-4859-A611-7F75BD2E5E8F}C:usersalexdocumentsescapiest 2theescapists2theescapists2.exe] => (Allow) C:usersalexdocumentsescapiest 2theescapists2theescapists2.exe => No File

FirewallRules: [UDP Query User{B9986A53-229F-44B4-BA4E-FCE7121882CC}C:usersalexappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe] => (Block) C:usersalexappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe

FirewallRules: [TCP Query User{4AF64541-DABB-472F-871A-2F77E416E8E0}C:usersalexappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe] => (Block) C:usersalexappdataroaming.minecraftruntimejava-runtime-alphawindowsjava-runtime-alphabinjavaw.exe

FirewallRules: [UDP Query User{806195AE-225F-4057-ACB3-EAE706485EF0}C:usersalexappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe] => (Allow) C:usersalexappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe

FirewallRules: [TCP Query User{623EA8E3-6C5C-4F22-98BE-7DB28C629F05}C:usersalexappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe] => (Allow) C:usersalexappdataroaming.tlauncherjvmsjre1.8.0_281binjavaw.exe

FirewallRules: [UDP Query User{3D881E5D-FA3A-4E7C-9F3D-C8DC26E8A896}C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{BAC9844D-71D1-4122-A306-4263C476E851}C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [UDP Query User{19DDAC82-AFF0-4734-9128-F30E12985005}N:amogusamongusamong us.exe] => (Block) N:amogusamongusamong us.exe => No File

FirewallRules: [TCP Query User{C5B8D01A-B96F-4746-8641-D3612F59006C}N:amogusamongusamong us.exe] => (Block) N:amogusamongusamong us.exe => No File

FirewallRules: [{1A94FFB5-6E59-457E-B0EA-79AE3CA3F41A}] => (Allow) N:cs gosteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve Corp. -> )

FirewallRules: [{068F65DA-5CF1-4E88-A601-72988623923A}] => (Allow) N:cs gosteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve Corp. -> )

FirewallRules: [{87B928E7-4FF0-471D-9979-03B8D1B3FE4F}] => (Allow) N:cs gobincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{DA5E0F02-0FAC-43B7-903B-231949BE200D}] => (Allow) N:cs gobincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{3AF43644-5087-4CBC-AD98-E888CD0D76C1}] => (Allow) N:cs goSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{F65E588F-BB85-47E2-B807-AF42D0BC4541}] => (Allow) N:cs goSteam.exe (Valve -> Valve Corporation)

FirewallRules: [UDP Query User{DE97F155-5C16-4317-A1F7-D34A39253EAA}C:usersalexdownloadscube.world.betacube.world.betacube worldcubeworld.exe] => (Block) C:usersalexdownloadscube.world.betacube.world.betacube worldcubeworld.exe => No File

FirewallRules: [TCP Query User{63DC8FC6-24E6-404E-B690-91B9ED642E4C}C:usersalexdownloadscube.world.betacube.world.betacube worldcubeworld.exe] => (Block) C:usersalexdownloadscube.world.betacube.world.betacube worldcubeworld.exe => No File

FirewallRules: [UDP Query User{6C8D2E2B-85E0-4562-A4F9-86F602D34AFB}C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{EB2399D4-4FE1-4A62-B6D5-45C9F9559DF9}C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [UDP Query User{2F9E75C3-8E22-4243-BA5D-EFD1C1731974}C:usersalexdownloadshearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdownloadshearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{16C81526-348C-4016-AC3B-FB1B345EBE32}C:usersalexdownloadshearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdownloadshearts.of.iron.iv.v1.10.4hearts.of.iron.iv.v1.10.4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [{39B9752F-248D-46D1-B4A6-BA7C3A5256D0}] => (Allow) C:Program FilesBlueStacksHD-Player.exe => No File

FirewallRules: [{D947F4FA-162E-4A84-864C-54F2C579D05C}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{E0B129ED-9F65-487A-9CC7-06DB0FFF28BA}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{09665655-15B0-496F-8C7E-5432577BAB44}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{113FDDB6-7E74-4BB9-BA46-E6AB6EE9431F}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [UDP Query User{117139AD-1F1C-4282-84CB-0A3BFCB8E0D6}C:program files (x86)microsoft visual studio2019communitycommon7idedevenv.exe] => (Allow) C:program files (x86)microsoft visual studio2019communitycommon7idedevenv.exe => No File

FirewallRules: [TCP Query User{A03AE650-B820-4200-A596-EA897D4C68F3}C:program files (x86)microsoft visual studio2019communitycommon7idedevenv.exe] => (Allow) C:program files (x86)microsoft visual studio2019communitycommon7idedevenv.exe => No File

FirewallRules: [{06166044-7ED0-4F41-9D29-0C9C5133C79E}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{29E81ACD-67E4-4341-9BD0-F0F394C752DD}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [UDP Query User{8040E71E-2E22-4DE3-BE86-5DF6DDDBF106}C:usersalexappdatalocalprogramsopera72.0.3815.400opera.exe] => (Block) C:usersalexappdatalocalprogramsopera72.0.3815.400opera.exe => No File

FirewallRules: [TCP Query User{328FAF16-983B-4E01-882D-FDC0781CD817}C:usersalexappdatalocalprogramsopera72.0.3815.400opera.exe] => (Block) C:usersalexappdatalocalprogramsopera72.0.3815.400opera.exe => No File

FirewallRules: [UDP Query User{F93273CE-9BAF-4A40-A326-F18192ED5365}R:dagtavgta5.exe] => (Allow) R:dagtavgta5.exe => No File

FirewallRules: [TCP Query User{D2471C5D-BF51-4B17-AE71-E69EBA72D3F8}R:dagtavgta5.exe] => (Allow) R:dagtavgta5.exe => No File

FirewallRules: [UDP Query User{9B04F854-2F23-483E-BECC-5060FC6815DF}C:program filesjavajre1.8.0_45binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_45binjavaw.exe => No File

FirewallRules: [TCP Query User{D26EEBB3-3B62-4B2D-A9DC-2967CF2DF6F6}C:program filesjavajre1.8.0_45binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_45binjavaw.exe => No File

FirewallRules: [UDP Query User{450C4DBE-7EEC-4358-AA13-FA7517D990AF}N:batmanarkhamasylumbinariesshippingpc-bmgame.exe] => (Allow) N:batmanarkhamasylumbinariesshippingpc-bmgame.exe => No File

FirewallRules: [TCP Query User{E532778B-D578-4E19-84C7-CE20436A749E}N:batmanarkhamasylumbinariesshippingpc-bmgame.exe] => (Allow) N:batmanarkhamasylumbinariesshippingpc-bmgame.exe => No File

FirewallRules: [{15A2828C-D832-4AAB-BDF9-9CF4B73F2E0D}] => (Block) N:Unity2020.1.14f1EditorUnity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [{B48AE178-F86A-4865-BB80-BD748C259F16}] => (Allow) N:Unity2020.1.14f1EditorUnity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [UDP Query User{7532603F-26CC-4C0D-B22F-8E249093B687}N:unity2019.4.15f1editorunity.exe] => (Block) N:unity2019.4.15f1editorunity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [TCP Query User{55A4CA07-E949-4540-B13E-6F187CA4BFA9}N:unity2019.4.15f1editorunity.exe] => (Block) N:unity2019.4.15f1editorunity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [{2C753D7D-1910-44ED-9B71-BFAEAC2D6621}] => (Block) N:Unity2019.4.15f1EditorUnity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [{85993903-9954-4773-9AF0-4093C6564A95}] => (Allow) N:Unity2019.4.15f1EditorUnity.exe (Unity Technologies Aps -> Unity Technologies ApS)

FirewallRules: [UDP Query User{29E506A1-EA0D-4AEC-8239-C7FB86D6A1A9}N:unityunity hubunity hub.exe] => (Allow) N:unityunity hubunity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [TCP Query User{8C6C2E5B-5140-4D76-BEF9-06BC11347114}N:unityunity hubunity hub.exe] => (Allow) N:unityunity hubunity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [{803EB0DF-521E-4064-9EB7-263FFC18B7F5}] => (Allow) N:UnityUnity HubUnity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)

FirewallRules: [UDP Query User{48138784-D984-4246-9D54-CB96B62B4096}C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe] => (Block) C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe => No File

FirewallRules: [TCP Query User{021AA601-A6A2-4C3A-970F-5A55F86F7952}C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe] => (Block) C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe => No File

FirewallRules: [UDP Query User{B0CE7A40-ECD6-404E-A882-86AFF45C8756}N:overwatch_retail_overwatch.exe] => (Allow) N:overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query User{5908F94B-3FD6-4A67-B70D-1E9350B7FF15}N:overwatch_retail_overwatch.exe] => (Allow) N:overwatch_retail_overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [{EF448A46-53A5-4E50-84D1-5E84A309566C}] => (Allow) C:Program FilesLenovoLenovo Migration AssistantMigrationAssistant.exe (Lenovo -> )

FirewallRules: [{C2EE6722-9910-42BD-86AB-2CFC380C9DE5}] => (Allow) C:Program FilesLenovoLenovo Migration AssistantMigrationAssistant.exe (Lenovo -> )

FirewallRules: [{6A9AD8E3-91EC-4E1B-AABB-FC4F51DF7540}] => (Allow) C:Program FilesLenovoLenovo Migration AssistantLenovo Migration Assistant Srv.exe (Lenovo -> )

FirewallRules: [{0A34CD71-A92B-4BB4-A1CE-0C207A0D2912}] => (Allow) C:Program FilesLenovoLenovo Migration AssistantLenovo Migration Assistant Srv.exe (Lenovo -> )

FirewallRules: [TCP Query User{D0360955-45FB-47E9-9F5E-B0349F574F75}C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe] => (Allow) C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe => No File

FirewallRules: [UDP Query User{99D7B33A-2015-4A48-A6FB-7014D3A25F76}C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe] => (Allow) C:usersalexappdatalocalprogramsopera72.0.3815.320opera.exe => No File

FirewallRules: [TCP Query User{75186861-9788-4C5A-A44F-41871C96F591}C:usersalexdesktophoi4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophoi4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [UDP Query User{5A406557-7A24-487D-A118-46332A2DB6BB}C:usersalexdesktophoi4hearts.of.iron.iv.colliehoi4.exe] => (Block) C:usersalexdesktophoi4hearts.of.iron.iv.colliehoi4.exe => No File

FirewallRules: [TCP Query User{476E7A67-96CF-4E6D-8F1D-BA7306450AAE}C:usersalexappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe] => (Allow) C:usersalexappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe

FirewallRules: [UDP Query User{A25A6AAE-6F2A-44D4-BF23-DCF8DB4C9709}C:usersalexappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe] => (Allow) C:usersalexappdataroaming.minecraftruntimejre-legacywindowsjre-legacybinjavaw.exe

FirewallRules: [TCP Query User{72084B54-682E-44E0-B7E4-DC05FA2EDCEB}C:usersalexdesktopcube.world.betacube worldcubeworld.exe] => (Block) C:usersalexdesktopcube.world.betacube worldcubeworld.exe => No File

FirewallRules: [UDP Query User{6B6E4DF1-4A09-4232-8670-4F949BEE365A}C:usersalexdesktopcube.world.betacube worldcubeworld.exe] => (Block) C:usersalexdesktopcube.world.betacube worldcubeworld.exe => No File

FirewallRules: [TCP Query User{24ED0D56-479C-4C87-95F1-6C8CEC2E03DC}N:gtagtavgta5.exe] => (Allow) N:gtagtavgta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{4DE323E7-35C4-420F-852E-B13B6B85B381}N:gtagtavgta5.exe] => (Allow) N:gtagtavgta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{B525D2F7-59BF-4BDE-B22A-649535DA64B4}C:riot gamesriot clientriotclientservices.exe] => (Block) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [UDP Query User{80323ABB-1317-46FE-AACD-6FFF9C56B8CC}C:riot gamesriot clientriotclientservices.exe] => (Block) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [{680E90FB-7BF1-4AF8-9349-901AC2B8363F}] => (Allow) C:Program Files (x86)LenovoSystem Updateuncserver.exe (Lenovo -> )

FirewallRules: [{EF30D8F4-791B-459E-9F88-19C30010DD96}] => (Allow) C:Program Files (x86)LenovoSystem Updateuncserver.exe (Lenovo -> )

FirewallRules: [TCP Query User{D818369B-BAE1-43E0-BCA5-D1F914A96D81}R:enlistedenlistedlauncher.exe] => (Block) R:enlistedenlistedlauncher.exe (Gaijin Network LTD -> Gaijin)

FirewallRules: [UDP Query User{52E7C662-DA11-4AE9-9212-EDA54F70099D}R:enlistedenlistedlauncher.exe] => (Block) R:enlistedenlistedlauncher.exe (Gaijin Network LTD -> Gaijin)

FirewallRules: [TCP Query User{B4DA7B12-285A-4828-BF42-62110F2384B2}R:enlistedenlistedwin64enlisted.exe] => (Block) R:enlistedenlistedwin64enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)

FirewallRules: [UDP Query User{8BFE077E-701A-4C13-9E09-5BE3A2303814}R:enlistedenlistedwin64enlisted.exe] => (Block) R:enlistedenlistedwin64enlisted.exe (Gaijin Network LTD -> Gaijin Entertainment)

FirewallRules: [{059190EF-9A5B-4656-8729-94E0D8DC4C2B}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{91B4C766-D835-47F7-A6D2-3178BED1A702}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{34754EC1-5653-45DD-B66D-7656B080DDB4}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{4C535B2C-4CED-4DC0-A70C-E37297EFA91E}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{B733CF09-440F-4C16-82BE-2C40283B6E82}] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{04802920-4389-400C-8373-8A7BDFF12339}C:usersalexdesktophearts.of.iron.iv.v1.10.8.incl.all.dlcshearts.of.iron.iv.v1.10.8.incl.all.dlcshoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.8.incl.all.dlcshearts.of.iron.iv.v1.10.8.incl.all.dlcshoi4.exe => No File

FirewallRules: [UDP Query User{A455904A-6AE6-4F39-9B1D-F07B620B9845}C:usersalexdesktophearts.of.iron.iv.v1.10.8.incl.all.dlcshearts.of.iron.iv.v1.10.8.incl.all.dlcshoi4.exe] => (Block) C:usersalexdesktophearts.of.iron.iv.v1.10.8.incl.all.dlcshearts.of.iron.iv.v1.10.8.incl.all.dlcshoi4.exe => No File

FirewallRules: [{58076B12-E9B3-4C56-B6CD-05EDB73C90FF}] => (Allow) C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)

 

==================== Restore Points =========================

 

14-10-2021 12:19:42 Scheduled Checkpoint

24-10-2021 21:22:27 Scheduled Checkpoint

03-11-2021 16:17:43 Scheduled Checkpoint

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (11/03/2021 11:04:15 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamtray.exe, version: 4.0.0.1152, time stamp: 0x616ee433

Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce

Exception code: 0xc0000005

Fault offset: 0x0000000000219dc5

Faulting process id: 0x3980

Faulting application start time: 0x01d7d0eedfd26847

Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll

Report Id: d07ca808-efc7-4ebb-96e9-eb94b5c5fa69

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (11/03/2021 06:45:33 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

 

GetCACaps

GetCACaps: Not Found

{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}

HTTP/1.1 404 Not Found

Date: Wed, 03 Nov 2021 16:45:32 GMT

Content-Length: 121

Content-Type: application/json; charset=utf-8

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000;includeSubDomains

x-ms-request-id: d4eb1cc0-71ff-4adb-b9ba-69286a5fc317

 

Method: GET(484ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

Error: (11/03/2021 04:07:15 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x6169cb85

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xc06d007f

Fault offset: 0x0012b5b2

Faulting process id: 0x63b8

Faulting application start time: 0x01d7d0bb584a0798

Faulting application path: N:\cs go\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 98e78c0e-8925-48b0-895f-f3ae1b6ad0e8

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (11/03/2021 03:45:30 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x6169cb85

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xc06d007f

Fault offset: 0x0012b5b2

Faulting process id: 0x4b64

Faulting application start time: 0x01d7d0b728aedec5

Faulting application path: N:\cs go\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 8fe1e850-a1a4-4d50-9771-6b5d258dde38

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (11/03/2021 10:45:36 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x6169cb85

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xc06d007f

Fault offset: 0x0012b5b2

Faulting process id: 0x56e4

Faulting application start time: 0x01d7d089f86f246e

Faulting application path: N:\cs go\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 5ce9d843-26e6-4e45-937a-de68af151dda

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (11/02/2021 10:47:39 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x6169cb85

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xc06d007f

Fault offset: 0x0012b5b2

Faulting process id: 0x5820

Faulting application start time: 0x01d7d028c9537627

Faulting application path: N:\cs go\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: a21ce3f8-5991-45ba-8a41-ced3e8ee5871

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (11/02/2021 09:13:06 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x6169cb85

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xc06d007f

Fault offset: 0x0012b5b2

Faulting process id: 0x3bd0

Faulting application start time: 0x01d7d01d104a1e89

Faulting application path: N:\cs go\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 62352c9a-be6e-49b1-99af-42a3dca1cdab

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (11/02/2021 09:05:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x6169cb85

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0x448a4f5d

Exception code: 0xc06d007f

Fault offset: 0x0012b5b2

Faulting process id: 0x4f08

Faulting application start time: 0x01d7d01707ba3851

Faulting application path: N:\cs go\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: a285f55d-00a9-48de-a179-7bfd49c8e08d

Faulting package full name: 

Faulting package-relative application ID:

 

 

System errors:

=============

Error: (11/03/2021 06:09:42 PM) (Source: DCOM) (EventID: 10010) (User: ALEX)

Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

 

Error: (11/03/2021 06:08:58 PM) (Source: DCOM) (EventID: 10010) (User: ALEX)

Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

 

Error: (11/03/2021 06:07:02 PM) (Source: volmgr) (EventID: 161) (User: )

Description: Dump file creation failed due to error during dump creation.

 

Error: (11/03/2021 06:08:52 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 5:42:38 PM on ‎11/‎3/‎2021 was unexpected.

 

Error: (11/03/2021 03:10:16 PM) (Source: DCOM) (EventID: 10010) (User: ALEX)

Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

 

Error: (11/03/2021 03:04:35 PM) (Source: DCOM) (EventID: 10010) (User: ALEX)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (11/03/2021 03:04:35 PM) (Source: DCOM) (EventID: 10010) (User: ALEX)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (11/03/2021 03:04:35 PM) (Source: DCOM) (EventID: 10010) (User: ALEX)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

 

Windows Defender:

================

Date: 2021-11-03 22:10:57

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-11-02 21:40:22

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-11-01 15:24:48

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-10-30 14:03:04

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

 

Date: 2021-10-29 14:02:25

Description: 

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan



==================== Memory info =========================== 

 

BIOS: LENOVO EUCN28WW 10/20/2020

Motherboard: LENOVO LNVNB161216

Processor: AMD Ryzen 7 4800H with Radeon Graphics 

Percentage of memory in use: 34%

Total physical RAM: 15741.2 MB

Available physical RAM: 10339.72 MB

Total Virtual: 18173.2 MB

Available Virtual: 10170.16 MB

 

==================== Drives ================================

 

Drive c: (windows) (Fixed) (Total:183.37 GB) (Free:107.92 GB) NTFS

Drive n: (Files and Programs) (Fixed) (Total:184.57 GB) (Free:22.62 GB) NTFS

Drive r: (media) (Fixed) (Total:108.4 GB) (Free:67.99 GB) NTFS

 

\\?\Volume{7a35bc92-0706-4b25-aafa-c4b2cf16bd29}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS

\\?\Volume{11b9e590-b921-4ec8-9c41-0c1658d7acdd}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 476.9 GB) (Disk ID: D9FA2484)

 

Partition: GPT.

 

==================== End of Addition.txt =======================


