
Windows command processor is requesting permission



Okay, I did all that and here are the logs =)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2021

Ran by henri (administrator) on DESKTOP-GRGC1LB (13-09-2021 14:15:17)

Running from C:UsershenriOneDriveTyöpöytä

Loaded Profiles: henri

Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Language: suomi (Suomi)

Default browser: Edge

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Avast Software s.r.o. -> AVAST Software s.r.o.) C:Program Files (x86)Avast SoftwareAvastAntiTrackPremiumAvastAntiTrackPremiumFilter.exe

(Avast Software s.r.o. -> AVAST Software) C:Program Files (x86)Avast SoftwareAvastAntiTrackPremiumAvastAntiTrackPremium.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareAvastaswEngSrv.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareAvastaswidsagent.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareAvastaswToolsSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareAvastAvastUI.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareAvastwsc_proxy.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareBreachGuardbgsvc.exe

(Avast Software s.r.o. -> AVAST Software) C:Program FilesAVAST SoftwareBreachGuardbgui.exe <3>

(Avast Software s.r.o. -> Software Security System) C:Program Files (x86)Avast SoftwareAvastAntiTrackPremiumEkag20nt.exe

(Avast Software s.r.o. -> The CefSharp Authors) C:Program Files (x86)Avast SoftwareAvastAntiTrackPremiumCefSharp.BrowserSubprocess.exe <3>

(Discord Inc. -> Discord Inc.) C:UsershenriAppDataLocalDiscordapp-1.0.9002Discord.exe <6>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <19>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.102GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.102GoogleCrashHandler64.exe

(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub.exe <3>

(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub_agent.exe

(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub_updater.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe <5>

(Microsoft Corporation -> Microsoft Corporation) C:UsershenriAppDataLocalMicrosoftOneDriveOneDrive.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Nota Inc. -> Nota Inc.) C:Program Files (x86)GyazoGyStation.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <2>

(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesCCleanerCCleaner64.exe

(Razer USA Ltd. -> ) C:Program Files (x86)RazerSynapse3UserProcessRazer Synapse Service Process.exe

(Razer USA Ltd. -> Razer Inc) C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazer Central.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe

(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe

(Razer USA Ltd. -> The CefSharp Authors) C:Program Files (x86)RazerRazer ServicesRazer CentralCefSharp.BrowserSubprocess.exe <2>

(Spotify AB) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe <6>

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [AvastUI.exe] => C:Program FilesAVAST SoftwareAvastAvLaunch.exe [124184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

HKLM…Run: [Avast BreachGuard] => C:Program FilesAvast SoftwareBreachGuardbgui.exe [5490968 2021-08-15] (Avast Software s.r.o. -> AVAST Software)

HKLMSOFTWAREPoliciesMicrosoftWindows Defender: Restriction <==== ATTENTION

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [Gyazo] => C:Program Files (x86)GyazoGyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [electron.app.BetBlocker] => C:Program FilesBetBlockerBetBlocker.exe [71359488 2019-08-27] (Kombleepa) [File not signed]

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3522168 2021-08-23] (Razer USA Ltd. -> Razer Inc.)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35145856 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [Discord] => C:UsershenriAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [Overwolf] => C:Program Files (x86)OverwolfOverwolfLauncher.exe [1806680 2021-09-09] (Overwolf Ltd -> Overwolf Ltd.)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [LGHUB] => C:Program FilesLGHUBlghub.exe [136443296 2021-08-04] (Logitech Inc -> Logitech, Inc.)

HKUS-1-5-21-1057236013-670151578-2365807831-1003…Run: [MicrosoftEdgeAutoLaunch_EBD02BA88B5997EF3B8E7628A571F907] => “C:Program Files (x86)MicrosoftEdgeApplicationmsedge.exe” –no-startup-window –win-session-start /prefetch:5

HKUS-1-5-21-1057236013-670151578-2365807831-1003…MountPoints2: {7e6c061a-4a2b-11eb-a311-04d9f5cdd399} – “D:OnePlus_setup.exe” /s

HKUS-1-5-21-1057236013-670151578-2365807831-1003…MountPoints2: {8dd7fbe1-c623-11eb-a321-04d9f5cdd399} – “D:OnePlus_setup.exe” /s

HKUS-1-5-21-1057236013-670151578-2365807831-1003…MountPoints2: {b1ceb79f-edce-11eb-a333-04d9f5cdd399} – “D:OnePlus_setup.exe” /s

HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3522168 2021-08-23] (Razer USA Ltd. -> Razer Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication93.0.4577.63Installerchrmstp.exe [2021-09-08] (Google LLC -> Google LLC)

Startup: C:UsershenriAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupTwitch.lnk [2020-10-02]

ShortcutTarget: Twitch.lnk -> C:UsershenriAppDataRoamingTwitchBinTwitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0B003929-F377-410F-9F66-DE56A3B74D57} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {11548CC4-2701-4FA5-9C42-AE10BF0FA5D0} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {21E8BFE9-4F2E-4084-84AD-E69D971E0929} – System32TasksAvast SoftwareOverseer => C:Program FilesCommon FilesAVAST SoftwareOverseeroverseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)

Task: {2B7D3BF6-D888-4C22-BC95-29BF265DAF79} – System32TasksAvast SoftwareAvast BreachGuard Update => C:Program FilesCommon FilesAvast SoftwareIcarusavast-bgicarus.exe [6098200 2021-08-11] (Avast Software s.r.o. -> Avast Software)

Task: {36642C16-0E2B-4862-8332-7AD8DC05AC6A} – System32TasksMicrosoftWindowsAvastAntiTrackPremiumAvastAntiTrackPremiumStart => C:Program Files (x86)Avast SoftwareAvastAntiTrackPremiumAvastAntiTrackPremium.exe [839368 2021-09-06] (Avast Software s.r.o. -> AVAST Software)

Task: {391FC8D4-5BB9-4BFA-92E1-5CD7E85A41F3} – System32TasksCCleanerSkipUAC – henri => C:Program FilesCCleanerCCleaner.exe [29212288 2021-08-27] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {3F911552-34A3-4160-8FBA-26D899FDBC35} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {48209113-D499-40C0-883B-5A5284250962} – System32TasksAvast SoftwareAvast BreachGuard Crash Reporter => C:Program FilesAvast SoftwareBreachGuardAvBugReport.exe [4760856 2021-08-15] (Avast Software s.r.o. -> AVAST Software) -> –send “dumps|report” –silent –product 135 –path “C:ProgramDataAvast SoftwareBreachGuardlog” –configpath “C:Program FilesAvast SoftwareBreachGuardSetup” –programpath “C:Program FilesAvast SoftwareBreachGuard” –guid 8e30076c-31bb-4714-b3b8-aa920175f05b

Task: {5F766BE8-553B-4D2D-9251-37CF1F754997} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)

Task: {66B352D9-2AB9-4801-81BC-73616B00E32A} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6DEEEAD2-D6CB-40E9-9658-A733D9E3EC9C} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {80BA941B-5AA0-4D17-8254-635B1BA68CB8} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-08-27] (Piriform Software Ltd -> Piriform)

Task: {9F0D37E9-0461-49DC-A9B2-2947FDF193B1} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {B1175339-7C18-4344-86C5-10FFCCE295FE} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {B34213DE-FD8A-48E5-9EA7-49AD1529518A} – System32TasksGyazoUpdateTaskMachine => C:Program Files (x86)GyazoGyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)

Task: {B97017AB-9CE1-4EEE-9C2F-E6C62418AD85} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BDDF6B6E-8D60-4FCB-81CC-2C79781A715B} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {D1B55F64-43F6-42DB-A6E8-B1F9480FE327} – System32TasksGyazoUpdateTaskMachineDaily => C:Program Files (x86)GyazoGyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)

Task: {D3BDA5CF-281C-4127-BF46-9ECEE02B1D9C} – System32TasksAvast Emergency Update => C:Program FilesAVAST SoftwareAvastAvEmUpdate.exe [4917528 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

Task: {E3BEFBF3-198D-434C-BCD2-AFEB4CB74924} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {E6ED2F95-0579-421D-8F2C-A356BE9735E3} – System32TasksOverwolf Updater Task => C:Program Files (x86)OverwolfOverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)

Task: {EFB23807-4823-4B7F-AA66-5F5D105C8812} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {FAE01DAE-FA96-40B6-807E-29DCD7C91B2C} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 62.241.198.246 62.241.198.245

Tcpip..Interfaces{95687193-b8fa-43f2-a431-9966cd2ce45b}: [DhcpNameServer] 62.241.198.246 62.241.198.245

Tcpip..Interfaces{c4ddeb5a-42db-4ea9-9366-bf063bcb9bbc}: [DhcpNameServer] 192.168.73.186

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:UsershenriAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-13]

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsershenriAppDataLocalGoogleChromeUser DataDefault [2021-09-13]

CHR Notifications: Default -> hxxps://na.op.gg; hxxps://www.facebook.com; hxxps://www.filehorse.com; hxxps://www.ginx.tv; hxxps://www.reddit.com; hxxps://www.vietnamairlines.com

CHR Extension: (Slides) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-12-17]

CHR Extension: (Docs) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2019-12-17]

CHR Extension: (Google Drive) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-11-03]

CHR Extension: (WhatsChrome) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsbgkodfmeijboinjdegggmkbkjfiagaan [2019-12-25]

CHR Extension: (YouTube) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-17]

CHR Extension: (uBlock Origin) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021-07-29]

CHR Extension: (Do Not Track) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsckdcpbflcbeillmamogkpmdhnbeggfja [2020-01-14]

CHR Extension: (Search by Image (by Google)) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsdajedkncpodkggklbegccjpmnglmnflm [2020-01-14]

CHR Extension: (Sheets) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-12-17]

CHR Extension: (IBA Opt-out (by Google)) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsgbiekjoijknlhijdjbaadobpkdhmoebb [2020-01-14]

CHR Extension: (Google Docsin offline-tila) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27]

CHR Extension: (AdBlock — best ad blocker) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-09-09]

CHR Extension: (Avast Online Security) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki [2021-08-15]

CHR Extension: (Chrome Web Storen maksut) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]

CHR Extension: (Gmail) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]

CHR Extension: (Avast AntiTrack Premium) – C:UsershenriAppDataLocalGoogleChromeUser DataDefaultExtensionsppdidpcihajhihmghhhkfnpklgdehold [2021-08-15]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 aswbIDSAgent; C:Program FilesAVAST SoftwareAvastaswidsagent.exe [8303184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R2 Avast BreachGuard Service; C:Program FilesAvast SoftwareBreachGuardbgsvc.exe [5159192 2021-08-15] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [630040 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Tools; C:Program FilesAVAST SoftwareAvastaswToolsSvc.exe [377624 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R2 AvastWscReporter; C:Program FilesAVAST SoftwareAvastwsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)

S4 BEService; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8402648 2019-12-18] (BattlEye Innovations e.K. -> )

S4 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [820352 2020-04-02] (EasyAntiCheat Oy -> Epic Games, Inc)

R2 LGHUBUpdaterService; C:Program FilesLGHUBlghub_updater.exe [10787232 2021-08-04] (Logitech Inc -> Logitech, Inc.)

R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7785656 2021-09-13] (Malwarebytes Inc -> Malwarebytes)

S4 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2483032 2021-09-09] (Overwolf Ltd -> Overwolf LTD)

R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [1134616 2021-05-20] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [356376 2021-09-07] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Game Manager Service; C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe [294520 2021-08-23] (Razer USA Ltd. -> Razer Inc.)

R2 RzActionSvc; C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe [533824 2021-08-30] (Razer USA Ltd. -> Razer Inc.)

S4 TeamViewer; C:Program FilesTeamViewerTeamViewer_Service.exe [14676264 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R0 aswArDisk; C:WINDOWSSystem32driversaswArDisk.sys [35712 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswArPot; C:WINDOWSSystem32driversaswArPot.sys [221584 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswbidsdriver; C:WINDOWSSystem32driversaswbidsdriver.sys [367632 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R0 aswbidsh; C:WINDOWSSystem32driversaswbidsh.sys [250384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R0 aswbuniv; C:WINDOWSSystem32driversaswbuniv.sys [99344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R0 aswElam; C:WINDOWSSystem32driversaswElam.sys [17344 2021-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)

R1 aswKbd; C:WINDOWSSystem32driversaswKbd.sys [41344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswMonFlt; C:WINDOWSSystem32driversaswMonFlt.sys [184120 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswNetHub; C:WINDOWSSystem32driversaswNetHub.sys [538464 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswRdr; C:WINDOWSSystem32driversaswRdr2.sys [107840 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R0 aswRvrt; C:WINDOWSSystem32driversaswRvrt.sys [82904 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswSnx; C:WINDOWSSystem32driversaswSnx.sys [851704 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R1 aswSP; C:WINDOWSSystem32driversaswSP.sys [553496 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R2 aswStm; C:WINDOWSSystem32driversaswStm.sys [215384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

R0 aswVmm; C:WINDOWSSystem32driversaswVmm.sys [328568 2021-09-07] (Avast Software s.r.o. -> AVAST Software)

S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S3 dg_ssudbus; C:WINDOWSsystem32DRIVERSssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [160176 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R2 LGHUBTemperatureService; C:Program FilesLGHUBlogi_core_temp.sys [22864 2021-08-04] (Logitech Inc -> Logitech)

R3 logi_joy_bus_enum; C:WINDOWSsystem32driverslogi_joy_bus_enum.sys [37200 2021-08-04] (Logitech Inc -> Logitech)

R3 logi_joy_vir_hid; C:WINDOWSsystem32driverslogi_joy_vir_hid.sys [25928 2021-08-04] (Logitech Inc -> Logitech)

R3 logi_joy_xlcore; C:WINDOWSsystem32driverslogi_joy_xlcore.sys [66896 2021-08-04] (Logitech Inc -> Logitech)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210344 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [198888 2021-09-13] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [68528 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-09-13] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [149424 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R1 netfilter2; C:WINDOWSSystem32driversnetfilter2.sys [108872 2021-09-06] (Avast Software s.r.o. -> Windows ® Win 7 DDK provider)

R3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_005c; C:WINDOWSSystem32driversRzDev_005c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0306; C:WINDOWSSystem32driversRzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-09-13 14:13 – 2021-09-13 14:15 – 000000000 ____D C:FRST

2021-09-13 12:17 – 2021-09-13 12:17 – 000580553 _____ C:UsershenriDownloadsKotitehtava2-13.9.pdf

2021-09-13 10:30 – 2021-09-13 10:30 – 000210344 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2021-09-13 10:30 – 2021-09-13 10:30 – 000198888 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2021-09-13 10:30 – 2021-09-13 10:30 – 000149424 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2021-09-13 10:30 – 2021-09-13 10:30 – 000068528 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2021-09-13 10:25 – 2021-09-13 10:25 – 033506648 _____ C:UsershenriDownloadsRogueKiller_portable64.exe

2021-09-13 10:25 – 2021-09-13 10:25 – 000000000 ____D C:ProgramDataRogueKiller

2021-09-13 09:29 – 2021-09-13 09:51 – 000368282 _____ C:WINDOWSntbtlog.txt

2021-09-13 09:29 – 2021-09-13 09:29 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job

2021-09-13 09:00 – 2021-09-13 09:00 – 008553680 _____ (Malwarebytes) C:UsershenriDownloadsadwcleaner_8.3.0.exe

2021-09-13 09:00 – 2021-09-13 09:00 – 000000000 ____D C:AdwCleaner

2021-09-13 08:54 – 2021-09-13 08:54 – 000000000 ____D C:UsershenriAppDataLocalmbam

2021-09-13 08:53 – 2021-09-13 09:51 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-09-13 08:53 – 2021-09-13 08:53 – 002101944 _____ (Malwarebytes) C:UsershenriDownloadsMBSetup-119967.119967-consumer.exe

2021-09-13 08:53 – 2021-09-13 08:53 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-09-13 08:53 – 2021-09-13 08:53 – 000019912 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys

2021-09-13 08:53 – 2021-09-13 08:53 – 000002040 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-09-13 08:53 – 2021-09-13 08:53 – 000000000 ____D C:ProgramDataMalwarebytes

2021-09-13 08:53 – 2021-09-13 08:53 – 000000000 ____D C:Program FilesMalwarebytes

2021-09-10 16:42 – 2021-09-10 16:42 – 000000000 ____D C:WINDOWSLastGood.Tmp

2021-09-07 06:27 – 2021-09-07 06:27 – 000340248 _____ (AVAST Software) C:WINDOWSsystem32aswBoot.exe

2021-09-07 06:27 – 2021-09-07 06:27 – 000215384 _____ (AVAST Software) C:WINDOWSsystem32DriversaswStm.sys

2021-09-02 17:33 – 2021-09-02 17:33 – 022290505 _____ C:UsershenriDownloadsVID_20210606_104804_4 (1).mp4

2021-09-02 17:33 – 2021-09-02 17:33 – 004582166 _____ C:UsershenriDownloads20200331_193431.mp4

2021-09-02 17:32 – 2021-09-02 17:32 – 022290505 _____ C:UsershenriDownloadsVID_20210606_104804_4.mp4

2021-08-19 06:00 – 2021-09-12 21:05 – 000002252 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC – henri

2021-08-15 15:07 – 2021-08-15 15:07 – 000002130 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAvast BreachGuard.lnk

2021-08-15 15:07 – 2021-08-15 15:07 – 000000000 _RSHD C:ProgramDataKey-Base

2021-08-15 15:07 – 2021-08-15 15:07 – 000000000 ____D C:ProgramData{3BA19C40-3B1F-4569-E566-380F721F5614}

2021-08-15 15:06 – 2021-09-06 20:55 – 000108872 _____ (Windows ® Win 7 DDK provider) C:WINDOWSsystem32Driversnetfilter2.sys

2021-08-15 15:06 – 2021-09-04 17:21 – 000036120 _____ (Avast Software) C:WINDOWSsystem32icarus_rvrt.exe

2021-08-15 15:06 – 2021-08-15 15:07 – 000000000 ____D C:UsershenriAppDataLocalAvastAntiTrackPremium

2021-08-15 15:06 – 2021-08-15 15:06 – 000002481 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAvast AntiTrack Premium.lnk

2021-08-15 15:06 – 2021-08-15 15:06 – 000000000 ____D C:Program FilesMicrosoft SQL Server Compact Edition

2021-08-15 15:06 – 2021-08-15 15:06 – 000000000 ____D C:Program Files (x86)Microsoft SQL Server Compact Edition

2021-08-15 15:06 – 2021-08-15 15:06 – 000000000 ____D C:Program Files (x86)Avast Software

2021-08-14 08:51 – 2021-08-14 08:51 – 000000000 ____D C:Program Files (x86)OnePlus USB Drivers

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-09-13 14:13 – 2019-12-17 20:29 – 000000000 ____D C:Program Files (x86)Google

2021-09-13 14:12 – 2020-01-10 21:27 – 000000000 ____D C:UsershenriAppDataRoamingbet-blocker

2021-09-13 14:09 – 2019-11-09 10:49 – 000000000 ____D C:ProgramDataNVIDIA

2021-09-13 14:08 – 2021-08-04 16:42 – 000000000 ____D C:UsershenriAppDataRoamingLGHUB

2021-09-13 14:08 – 2021-08-04 16:42 – 000000000 ____D C:UsershenriAppDataLocalLGHUB

2021-09-13 14:08 – 2020-11-16 11:45 – 000000000 ____D C:UsershenriAppDataLocalDiscord

2021-09-13 14:08 – 2020-08-18 11:17 – 000000000 ____D C:Program FilesCCleaner

2021-09-13 14:08 – 2019-12-18 16:11 – 000000000 ____D C:UsershenriAppDataRoamingDiscord

2021-09-13 14:08 – 2019-12-17 20:24 – 000000000 ___RD C:UsershenriOneDrive

2021-09-13 13:18 – 2020-09-19 08:34 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-09-13 13:18 – 2019-12-07 12:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-09-13 12:19 – 2019-12-18 16:35 – 000000000 ____D C:ProgramDataRiot Games

2021-09-13 12:16 – 2019-12-20 19:36 – 000000000 ____D C:Usershenri.runelite

2021-09-13 11:55 – 2019-12-20 19:36 – 000000044 _____ C:Usershenrijagex_cl_oldschool_LIVE.dat

2021-09-13 11:55 – 2019-12-20 19:36 – 000000024 _____ C:Usershenrirandom.dat

2021-09-13 10:37 – 2020-09-19 08:45 – 001346474 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-09-13 10:37 – 2019-12-07 17:53 – 000437276 _____ C:WINDOWSsystem32perfh00B.dat

2021-09-13 10:37 – 2019-12-07 17:53 – 000081374 _____ C:WINDOWSsystem32perfc00B.dat

2021-09-13 10:37 – 2019-12-07 12:13 – 000000000 ____D C:WINDOWSINF

2021-09-13 10:30 – 2020-09-19 08:40 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-09-13 10:30 – 2020-09-19 08:34 – 000008192 ___SH C:DumpStack.log.tmp

2021-09-13 10:30 – 2019-12-17 20:30 – 000000000 ____D C:ProgramDataAVAST Software

2021-09-13 10:30 – 2019-12-07 12:03 – 000524288 _____ C:WINDOWSsystem32configBBI

2021-09-13 09:55 – 2021-07-14 06:16 – 000000000 ____D C:Program FilesTeamViewer

2021-09-13 09:55 – 2021-06-21 21:20 – 000000000 ____D C:UsershenriAppDataLocalOverwolf

2021-09-13 09:13 – 2019-12-20 20:10 – 000000000 ____D C:UsershenriAppDataLocalD3DSCache

2021-09-13 08:53 – 2019-12-07 12:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-09-13 08:51 – 2021-06-21 21:22 – 000000000 ____D C:Program Files (x86)Overwolf

2021-09-13 08:51 – 2020-06-27 16:40 – 000002449 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-09-13 08:51 – 2019-12-07 12:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-09-13 08:51 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-09-12 21:05 – 2021-06-21 21:22 – 000003244 _____ C:WINDOWSsystem32TasksOverwolf Updater Task

2021-09-12 21:05 – 2020-09-19 08:40 – 000003474 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-09-12 21:05 – 2020-09-19 08:40 – 000003458 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA

2021-09-12 21:05 – 2020-09-19 08:40 – 000003398 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000003250 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-09-12 21:05 – 2020-09-19 08:40 – 000003234 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

2021-09-12 21:05 – 2020-09-19 08:40 – 000003196 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000003152 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002988 _____ C:WINDOWSsystem32TasksCCleaner Update

2021-09-12 21:05 – 2020-09-19 08:40 – 000002984 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002948 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002914 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002858 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1057236013-670151578-2365807831-1003

2021-09-12 21:05 – 2020-09-19 08:40 – 000002854 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1057236013-670151578-2365807831-500

2021-09-12 21:05 – 2020-09-19 08:40 – 000002744 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2021-09-12 21:05 – 2020-09-19 08:40 – 000002664 _____ C:WINDOWSsystem32TasksGyazoUpdateTaskMachineDaily

2021-09-12 21:05 – 2020-09-19 08:40 – 000002524 _____ C:WINDOWSsystem32TasksGyazoUpdateTaskMachine

2021-09-12 21:05 – 2020-09-19 08:40 – 000002236 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC

2021-09-12 21:05 – 2020-09-19 08:40 – 000000000 ____D C:WINDOWSsystem32TasksAvast Software

2021-09-12 21:05 – 2020-09-19 08:35 – 000000000 ____D C:Usershenri

2021-09-12 21:05 – 2019-12-18 16:14 – 000000000 ____D C:Program Files (x86)Steam

2021-09-12 20:54 – 2020-01-09 17:30 – 000000000 ____D C:UsershenriAppDataLocalCrashDumps

2021-09-09 17:42 – 2021-01-26 19:16 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-09-09 17:41 – 2020-02-01 23:45 – 000000000 ____D C:Program Files (x86)Razer Chroma SDK

2021-09-08 19:37 – 2019-12-17 20:29 – 000002302 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-09-07 06:27 – 2020-11-05 01:01 – 000184120 _____ (AVAST Software) C:WINDOWSsystem32DriversaswMonFlt.sys

2021-09-07 06:27 – 2020-09-19 08:40 – 000003990 _____ C:WINDOWSsystem32TasksAvast Emergency Update

2021-09-07 06:27 – 2020-05-22 13:17 – 000538464 _____ (AVAST Software) C:WINDOWSsystem32DriversaswNetHub.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000851704 _____ (AVAST Software) C:WINDOWSsystem32DriversaswSnx.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000553496 _____ (AVAST Software) C:WINDOWSsystem32DriversaswSP.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000367632 _____ (AVAST Software) C:WINDOWSsystem32Driversaswbidsdriver.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000328568 _____ (AVAST Software) C:WINDOWSsystem32DriversaswVmm.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000250384 _____ (AVAST Software) C:WINDOWSsystem32Driversaswbidsh.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000221584 _____ (AVAST Software) C:WINDOWSsystem32DriversaswArPot.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000107840 _____ (AVAST Software) C:WINDOWSsystem32DriversaswRdr2.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000099344 _____ (AVAST Software) C:WINDOWSsystem32Driversaswbuniv.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000082904 _____ (AVAST Software) C:WINDOWSsystem32DriversaswRvrt.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000041344 _____ (AVAST Software) C:WINDOWSsystem32DriversaswKbd.sys

2021-09-07 06:27 – 2019-12-17 20:30 – 000035712 _____ (AVAST Software) C:WINDOWSsystem32DriversaswArDisk.sys

2021-09-05 17:18 – 2020-09-19 08:35 – 000002408 _____ C:UsershenriAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-09-02 17:28 – 2020-02-01 23:46 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer

2021-09-02 17:26 – 2019-11-09 10:45 – 000000000 ____D C:ProgramDataPackage Cache

2021-09-01 22:00 – 2020-10-02 15:27 – 000000000 ____D C:UsershenriAppDataRoamingTwitch

2021-08-31 02:02 – 2020-06-25 15:12 – 000079840 _____ (Razer Inc) C:WINDOWSsystem32RazerS2S3Coinstaller.dll

2021-08-18 20:17 – 2019-12-17 20:22 – 000000000 ____D C:UsershenriAppDataLocalPackages

2021-08-17 01:22 – 2021-01-26 19:16 – 000740168 _____ (Microsoft Corporation) C:WINDOWSsystem32sedplugins.dll

2021-08-17 01:22 – 2021-01-26 19:16 – 000486728 _____ (Microsoft Corporation) C:WINDOWSsystem32QualityUpdateAssistant.dll

2021-08-15 22:00 – 2021-05-28 09:40 – 000017344 _____ (AVAST Software) C:WINDOWSsystem32DriversaswElam.sys

2021-08-15 15:07 – 2021-06-09 22:09 – 000000000 ____D C:UsershenriAppDataLocalAvast Software

2021-08-15 15:07 – 2019-12-17 20:30 – 000000000 ____D C:Program FilesAVAST Software

2021-08-15 15:06 – 2019-12-17 20:30 – 000000000 ____D C:Program FilesCommon FilesAVAST Software

2021-08-14 08:09 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSsystem32NDF

2021-08-14 07:54 – 2020-01-31 20:00 – 000000000 ____D C:UsershenriAppDataLocalElevatedDiagnostics

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2021

Ran by henri (13-09-2021 14:16:00)

Running from C:UsershenriOneDriveTyöpöytä

Windows 10 Home Version 21H1 19043.1165 (X64) (2020-09-19 05:40:27)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

DefaultAccount (S-1-5-21-1057236013-670151578-2365807831-503 – Limited – Disabled)

henri (S-1-5-21-1057236013-670151578-2365807831-1003 – Administrator – Enabled) => C:Usershenri

Järjestelmänvalvoja (S-1-5-21-1057236013-670151578-2365807831-500 – Administrator – Disabled)

Vieras (S-1-5-21-1057236013-670151578-2365807831-501 – Limited – Disabled)

WDAGUtilityAccount (S-1-5-21-1057236013-670151578-2365807831-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Avast Antivirus (Enabled – Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

AV: Malwarebytes (Enabled – Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

AMD_Chipset_Drivers (HKLM-x32…{BE074C42-5445-4619-B345-F46193F6BCD3}) (Version: 1.09.27.1033 – Advanced Micro Devices, Inc.) Hidden

AMD_Chipset_Drivers (HKLM-x32…AMD_Chipset_IODrivers) (Version: 1.09.27.1033 – Advanced Micro Devices, Inc.)

AutoHotkey 1.1.33.06 (HKLM…AutoHotkey) (Version: 1.1.33.06 – Lexikos)

Avast AntiTrack Premium (HKLM-x32…AvastAntiTrackPremium) (Version: 2.2.453.514 – Avast Software)

Avast BreachGuard (HKLM…AvastBreachGuard) (Version: 21.3.1288.4558 – Avast Software)

Avast Free Antivirus (HKLM…Avast Antivirus) (Version: 21.7.2481 – Avast Software)

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

BetBlocker 1.0.0 (HKLM…f1715420-67f8-5121-ba0f-15254f860874) (Version: 1.0.0 – Kombleepa)

Burning Crusade Classic (HKLM-x32…Burning Crusade Classic) (Version:  – Blizzard Entertainment)

CCleaner (HKLM…CCleaner) (Version: 5.84 – Piriform)

CurseForge (HKUS-1-5-21-1057236013-670151578-2365807831-1003…Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.181.2.16 – Overwolf app)

Diablo III (HKLM-x32…Diablo III) (Version:  – Blizzard Entertainment)

Diablo III Public Test (HKLM-x32…Diablo III Public Test) (Version:  – Blizzard Entertainment)

Discord (HKUS-1-5-21-1057236013-670151578-2365807831-1003…Discord) (Version: 0.0.309 – Discord Inc.)

GhostMouse (HKLM-x32…GhostMouse_is1) (Version: Free V3.2.3 – ghost-mouse.com)

Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.63 – Google LLC)

Gyazo 4.1.2.0 (HKLM-x32…{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  – Nota Inc.)

Hextech Repair Tool (HKLM-x32…{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.176 – Riot Games, Inc.)

HyperCam 2 (HKLM…HyperCam 2) (Version: 2.29.01 – Hyperionics Technology LLC)

League of Legends (HKUS-1-5-21-1057236013-670151578-2365807831-1003…Riot Game league_of_legends.live) (Version:  – Riot Games, Inc)

League of Legends PBE (HKUS-1-5-21-1057236013-670151578-2365807831-1003…Riot Game league_of_legends.pbe) (Version:  – Riot Games, Inc)

Little Fighter (HKLM-x32…Little Fighter) (Version:  – )

Logitech G HUB (HKLM…{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.8.792 – Logitech)

Malwarebytes version 4.4.6.132 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 – Malwarebytes)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 93.0.961.47 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-1057236013-670151578-2365807831-1003…OneDriveSetup.exe) (Version: 21.160.0808.0002 – Microsoft Corporation)

Microsoft SQL Server Compact 4.0 x64 ENU (HKLM…{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.24.28127 (HKLM-x32…{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29914 (HKLM-x32…{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 – Microsoft Corporation)

Minecraft Launcher (HKLM-x32…{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 – Mojang)

NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)

NVIDIA Grafiikkaohjain 456.71 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 – NVIDIA Corporation)

NVIDIA HD-ääniohjain 1.3.38.35 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 – NVIDIA Corporation)

NVIDIA PhysX-järjestelmäohjelmisto 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

NVIDIA USBC Driver 1.45.831.832 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.45.831.832 – NVIDIA Corporation)

OnePlus USB Drivers 1.00 (HKLM-x32…OnePlus USB Drivers 1.00) (Version: 1.00 – OnePlus, Inc)

Overwolf (HKLM-x32…Overwolf) (Version: 0.180.0.5 – Overwolf Ltd.)

Promontory_GPIO Driver (HKLM-x32…{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden

Razer Synapse (HKLM-x32…Razer Synapse) (Version: 3.6.0831.082317 – Razer Inc.)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 – Realtek Semiconductor Corp.)

RuneLite (HKUS-1-5-21-1057236013-670151578-2365807831-1003…RuneLite Launcher_is1) (Version: 2.1.0 – RuneLite)

RuneScape Launcher 2.2.7 (HKLM…RuneScape Launcher_is1) (Version: 2.2.7 – Jagex Ltd)

Soldat 1.7.1.1 (HKLM-x32…Soldat_is1) (Version: 1.7.1.1 – Michal Marcinkowski)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

TeamViewer (HKLM…TeamViewer) (Version: 15.19.5 – TeamViewer)

Twitch (HKUS-1-5-21-1057236013-670151578-2365807831-1003…{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 – Twitch Interactive, Inc.)

World of Warcraft (HKLM-x32…World of Warcraft) (Version:  – Blizzard Entertainment)

 

Packages:

=========

Bubble Witch 3 Saga -> C:Program FilesWindowsAppsking.com.BubbleWitch3Saga_7.8.33.0_x86__kgqvnymyfvs32 [2021-08-26] (king.com)

Candy Crush Friends -> C:Program FilesWindowsAppsking.com.CandyCrushFriends_1.63.5.0_x86__kgqvnymyfvs32 [2021-09-01] (king.com)

Desktop Live Wallpapers -> C:Program FilesWindowsApps48405AmbientSoftware.LiveDesktopWallpapers_1.2.17.0_neutral__agy8jafheqhng [2020-09-16] (Ambient Software) [Startup Task]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0 [2021-09-05] (Spotify AB) [Startup Task]

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)

ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-09-13] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvastashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-09-13] (Malwarebytes Corporation -> Malwarebytes)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsershenriAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome-sovelluksetWhatsChrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=bgkodfmeijboinjdegggmkbkjfiagaan

ShortcutWithArgument: C:UsershenriAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarWhatsChrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=bgkodfmeijboinjdegggmkbkjfiagaan

 

==================== Loaded Modules (Whitelisted) =============

 

2021-08-04 16:42 – 2021-08-04 16:42 – 000634880 _____ () [File not signed] ?C:Program FilesLGHUBresourcesapp.asar.unpackednode_moduleskeytarbuildReleasekeytar.node

2021-05-04 06:55 – 2021-05-04 06:55 – 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoFoundation.dll

2021-05-04 06:55 – 2021-05-04 06:55 – 000207872 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoJSON.dll

2021-05-04 06:55 – 2021-05-04 06:55 – 000810496 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoNet.dll

2021-05-04 06:55 – 2021-05-04 06:55 – 000238592 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoNetSSLWin.dll

2021-05-04 06:55 – 2021-05-04 06:55 – 000335360 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoUtil.dll

2021-05-04 06:55 – 2021-05-04 06:55 – 000455168 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:Program Files (x86)Razer Chroma SDKbinPocoXML.dll

2021-08-15 15:06 – 2021-08-15 15:06 – 000180224 _____ (Software Security System) [File not signed] C:Program Files (x86)Avast SoftwareAvastAntiTrackPremiumEkc3220.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalaswSP.sys => ""="Driver"

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkaswSP.sys => ""="Driver"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2019-03-19 07:49 – 2019-03-19 07:49 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-1057236013-670151578-2365807831-1003Control PanelDesktopWallpaper -> C:UsershenriAppDataLocalPackagesMicrosoft.Windows.Photos_8wekyb3d8bbweLocalStatePhotosAppBackground145276-technology-green-Razer.jpg

DNS Servers: 62.241.198.246 – 62.241.198.245

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

MSCONFIGServices: BEService => 3

MSCONFIGServices: EasyAntiCheat => 3

MSCONFIGServices: OverwolfUpdater => 3

MSCONFIGServices: TeamViewer => 2

HKUS-1-5-21-1057236013-670151578-2365807831-1003…StartupApprovedStartupFolder: => "Twitch.lnk"

HKUS-1-5-21-1057236013-670151578-2365807831-1003…StartupApprovedRun: => "Steam"

HKUS-1-5-21-1057236013-670151578-2365807831-1003…StartupApprovedRun: => "Overwolf"

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{D78A86FC-1079-4CDF-A92C-05349AC671DD}] => (Allow) C:Program Files (x86)SteamsteamappscommonDestiny 2destiny2.exe (Bungie Inc. -> Bungie)

FirewallRules: [{A44A9131-EFF4-445C-A584-209AEA307FC3}] => (Allow) C:Program Files (x86)SteamsteamappscommonDestiny 2destiny2.exe (Bungie Inc. -> Bungie)

FirewallRules: [{A3128E3C-FC17-40AB-9D1B-335366AB168A}] => (Allow) C:Program Files (x86)SteamsteamappscommonBusiness TourBusinessTour.exe () [File not signed]

FirewallRules: [{DB597DA8-C1EF-489B-8532-414B2854D92C}] => (Allow) C:Program Files (x86)SteamsteamappscommonBusiness TourBusinessTour.exe () [File not signed]

FirewallRules: [UDP Query User{BDEA4C48-A005-4720-8122-71C81AF6DA2A}C:usershenridownloadssoldatserver2.8.1_1.7.1soldatserver.exe] => (Allow) C:usershenridownloadssoldatserver2.8.1_1.7.1soldatserver.exe () [File not signed]

FirewallRules: [TCP Query User{5A28A2AD-4145-4C8D-A705-10F1F42C678B}C:usershenridownloadssoldatserver2.8.1_1.7.1soldatserver.exe] => (Allow) C:usershenridownloadssoldatserver2.8.1_1.7.1soldatserver.exe () [File not signed]

FirewallRules: [{10B524AB-CBDF-43E1-A397-0A36E21324AC}] => (Allow) C:Program Files (x86)SteamsteamappscommonRustRust.exe (Facepunch Studios Ltd -> Epic Games, Inc)

FirewallRules: [{156BD264-472B-4A8A-B516-7A3C435088F9}] => (Allow) C:Program Files (x86)SteamsteamappscommonRustRust.exe (Facepunch Studios Ltd -> Epic Games, Inc)

FirewallRules: [{1CCFA55B-EEFA-4ECC-AD7C-9903734B9C76}] => (Allow) C:Program Files (x86)SteamsteamappscommonRustStagingRust.exe (Facepunch Studios Ltd -> Epic Games, Inc)

FirewallRules: [{868D6769-76A5-41F4-A870-075057547F2A}] => (Allow) C:Program Files (x86)SteamsteamappscommonRustStagingRust.exe (Facepunch Studios Ltd -> Epic Games, Inc)

FirewallRules: [UDP Query User{338F5D26-9B8D-414F-A2E4-86427D6D4372}C:program files (x86)steamsteamappscommondrunken wrestlers 2dw2.exe] => (Allow) C:program files (x86)steamsteamappscommondrunken wrestlers 2dw2.exe () [File not signed]

FirewallRules: [TCP Query User{A50E7A9A-E4A9-4211-B5D1-24CE7CED3840}C:program files (x86)steamsteamappscommondrunken wrestlers 2dw2.exe] => (Allow) C:program files (x86)steamsteamappscommondrunken wrestlers 2dw2.exe () [File not signed]

FirewallRules: [{D437C810-C2A7-4165-817E-C95AA7D6FD55}] => (Allow) C:Program Files (x86)SteamsteamappscommonDrunken Wrestlers 2DW2_DataManagedDW2LauncherDW2Launcher.exe () [File not signed]

FirewallRules: [{457C9707-2FB7-4FC7-AEB9-A9D19F894CCD}] => (Allow) C:Program Files (x86)SteamsteamappscommonDrunken Wrestlers 2DW2_DataManagedDW2LauncherDW2Launcher.exe () [File not signed]

FirewallRules: [{49590795-84A7-4213-897B-9DDC3E1DEBBF}] => (Allow) C:Program Files (x86)SteamsteamappscommonDrunken WrestlersDrunkenWrestlers.exe () [File not signed]

FirewallRules: [{3D7DAC8F-3C30-432A-84C7-1AF3200BA849}] => (Allow) C:Program Files (x86)SteamsteamappscommonDrunken WrestlersDrunkenWrestlers.exe () [File not signed]

FirewallRules: [UDP Query User{B943EE99-016F-4501-ADA1-FD9788F951CA}C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)

FirewallRules: [TCP Query User{4B7396B6-42B5-42EB-9732-0C8712BB8CC2}C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)

FirewallRules: [UDP Query User{A9C0E125-81B2-42EB-A17D-4E1A868B33D4}C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)

FirewallRules: [TCP Query User{3DEFB9B3-719C-4567-AB28-0B3A2E93C9F5}C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe] => (Allow) C:program files (x86)steamsteamappscommonpubgtslgamebinarieswin64tslgame.exe (PUBG CORPORATION -> Bluehole GinnoGames, Inc.)

FirewallRules: [{C4B6D53B-0832-4400-B858-782A3BF4F202}] => (Allow) C:Program Files (x86)SteamsteamappscommonUnturnedUnturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]

FirewallRules: [{9E3BA78A-E042-4998-99CC-79F384B49F56}] => (Allow) C:Program Files (x86)SteamsteamappscommonUnturnedUnturned.exe (Smartly Dressed Games Ltd. -> ) [File not signed]

FirewallRules: [{EDA8BD09-6CD9-4958-8C69-BC3651EBD39B}] => (Allow) C:Program Files (x86)SteamsteamappscommonUnturnedUnturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{51CDED4F-EDAA-4405-B22D-C3A8F3E68C65}] => (Allow) C:Program Files (x86)SteamsteamappscommonUnturnedUnturned_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)

FirewallRules: [{F0C9DC97-EB4A-44AC-8C64-EBBFFFD7AAE9}] => (Allow) C:Program Files (x86)SteamsteamappscommonStickFightTheGameStickFight.exe () [File not signed]

FirewallRules: [{77B91BAB-CEC7-4D1F-90CC-DE490B8E03E9}] => (Allow) C:Program Files (x86)SteamsteamappscommonStickFightTheGameStickFight.exe () [File not signed]

FirewallRules: [{E2AE3925-D28A-4021-8B6B-CFEA5810FC9C}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{5A9093EB-8970-4DDB-9AC3-1BC9CC7C5554}] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [UDP Query User{19F50156-B1FE-4838-AA98-C1CB76A0C9A2}C:program files (x86)diablo iiix64diablo iii64.exe] => (Allow) C:program files (x86)diablo iiix64diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query User{3ABB9345-CA4E-41D8-9585-F928502AE993}C:program files (x86)diablo iiix64diablo iii64.exe] => (Allow) C:program files (x86)diablo iiix64diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [{03FC66C3-838A-4700-BB85-B931F984ECAD}] => (Allow) C:Program Files (x86)SteamsteamappscommonGolf With Your FriendsGolf With Your Friends.exe () [File not signed]

FirewallRules: [{289648A5-2929-4A49-B3EF-A5C6886B63CD}] => (Allow) C:Program Files (x86)SteamsteamappscommonGolf With Your FriendsGolf With Your Friends.exe () [File not signed]

FirewallRules: [UDP Query User{CE2DE4AD-326B-4CAB-9677-725D21755A2E}C:riot gamesleague of legendsgameleague of legends.exe] => (Allow) C:riot gamesleague of legendsgameleague of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [TCP Query User{14A8C696-8F0C-4F71-8270-264706298097}C:riot gamesleague of legendsgameleague of legends.exe] => (Allow) C:riot gamesleague of legendsgameleague of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [{3F0DA3FB-42FD-4EE0-9B9A-F570B410E670}] => (Allow) C:Program Files (x86)SteamsteamappscommonPUBGTslGameBinariesWin64ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)

FirewallRules: [{12FED576-E914-4D62-AF90-667C2486DB06}] => (Allow) C:Program Files (x86)SteamsteamappscommonPUBGTslGameBinariesWin64ExecPubg.exe (PUBG CORPORATION -> PUBG Corporation)

FirewallRules: [{5CA6A750-A887-43ED-89CE-AFBA15C5593C}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{704565AF-D988-4CD8-BC40-1B8E7D62FFF0}] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [{C02E0650-7703-4030-9628-2200DD30DB22}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{18B77D33-E1CD-49F3-AF68-870A6CAC6062}] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [{B415A8F2-FA40-406E-A581-6E9B9907BFC6}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{F28E198D-3CAB-4A8B-9F09-15404AD83570}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{F01491CB-66C0-41A5-B8AC-4F31C4D55EB2}] => (Allow) C:Program Files (x86)SteamsteamappscommonRustangeloRustangelo.exe (JaviteSoft) [File not signed]

FirewallRules: [{21214ED6-1B49-47C3-A92D-DE85D8EC64FB}] => (Allow) C:Program Files (x86)SteamsteamappscommonRustangeloRustangelo.exe (JaviteSoft) [File not signed]

FirewallRules: [TCP Query User{092F206B-DE99-4AC8-BC06-9B91AF5F24B5}C:soldatsoldat.exe] => (Allow) C:soldatsoldat.exe (Michal Marcinkowski) [File not signed]

FirewallRules: [UDP Query User{4636E7F5-FF81-40F5-8911-71A4E1BCC75F}C:soldatsoldat.exe] => (Allow) C:soldatsoldat.exe (Michal Marcinkowski) [File not signed]

FirewallRules: [{0E78C161-B66E-4F4B-9688-640FCA862A34}] => (Allow) C:Program Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{68A5888D-1F85-44EC-9DD7-4950D2BE1C50}] => (Allow) C:Program Files (x86)SteamsteamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [{877E9D89-7D27-41EA-AFE3-43466B57D111}] => (Allow) C:Program Files (x86)SteamsteamappscommonApex LegendsEasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{4B5FF884-1F13-4CC5-A504-0AB213FC9A45}] => (Allow) C:Program Files (x86)SteamsteamappscommonApex LegendsEasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [TCP Query User{1065541E-921F-4677-B227-5C829553DFE8}C:program filesavast softwareavastavastui.exe] => (Allow) C:program filesavast softwareavastavastui.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [UDP Query User{D6D8E86F-4446-4335-936C-BB865E05A062}C:program filesavast softwareavastavastui.exe] => (Allow) C:program filesavast softwareavastavastui.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{7A4F5724-0B07-4ACA-983A-15C31359EC86}] => (Allow) C:Program Files (x86)SteamsteamappscommonTitan SoulsTITAN.exe () [File not signed]

FirewallRules: [{2E4C28C4-89BE-48FC-B41F-464AE2EB20B4}] => (Allow) C:Program Files (x86)SteamsteamappscommonTitan SoulsTITAN.exe () [File not signed]

FirewallRules: [TCP Query User{5583B711-29CF-4193-8FFA-D5900925A332}C:usershenridownloadsdownloader_diablo2_lord_of_destruction_enus.exe] => (Allow) C:usershenridownloadsdownloader_diablo2_lord_of_destruction_enus.exe (Blizzard Entertainment) [File not signed]

FirewallRules: [UDP Query User{792373B0-95F6-43D4-8DAD-56C5239F813E}C:usershenridownloadsdownloader_diablo2_lord_of_destruction_enus.exe] => (Allow) C:usershenridownloadsdownloader_diablo2_lord_of_destruction_enus.exe (Blizzard Entertainment) [File not signed]

FirewallRules: [TCP Query User{EC37E2DC-B7D0-452A-BFDA-A340D6D1D5A2}C:usershenridownloadsdownloader_diablo2_enus.exe] => (Allow) C:usershenridownloadsdownloader_diablo2_enus.exe (Blizzard Entertainment) [File not signed]

FirewallRules: [UDP Query User{36BFDE98-36B1-4DFF-A445-A8C9BF2D01FD}C:usershenridownloadsdownloader_diablo2_enus.exe] => (Allow) C:usershenridownloadsdownloader_diablo2_enus.exe (Blizzard Entertainment) [File not signed]

FirewallRules: [{D1EA9085-1FF9-433B-AB0B-B983AC917B3E}] => (Allow) C:Program FilesTeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{8E665D8C-828E-4926-B0F6-B568CC03A38E}] => (Allow) C:Program FilesTeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{B3816F2E-049E-423D-AF5B-E7BDD7D90AE6}] => (Allow) C:Program FilesTeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{F1E65546-6EFA-497F-816E-23C4A06420CB}] => (Allow) C:Program FilesTeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [TCP Query User{63FAA0DB-61F1-436F-B885-B40BAFFAB502}C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [UDP Query User{843E565A-930E-4E65-BBC6-8EB487F1CEAE}C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [TCP Query User{37F66B41-35A6-4663-9AA1-029A8EDFF301}C:program fileslghublghub_agent.exe] => (Allow) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [UDP Query User{0DAA6F65-761C-4715-B4E7-41DB72AF620F}C:program fileslghublghub_agent.exe] => (Allow) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [TCP Query User{F5397DFF-0F29-416C-B7C1-A3EDFE984871}C:program fileslghublghub_agent.exe] => (Allow) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [UDP Query User{8FA555CC-7CD3-4C94-9884-F6F79048F99D}C:program fileslghublghub_agent.exe] => (Allow) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)

FirewallRules: [{12C217B0-525E-44ED-BC73-E146C856C8C8}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [{B2250FD3-1964-470F-9B5B-F4FA867ACDB6}] => (Allow) C:Riot GamesLeague of LegendsLeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [{80E35C9E-AD68-47EA-A6AE-0E1F6B0B25DC}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{B74E4ED0-30A0-454D-9D9E-9EB0A938585F}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{27A1768D-CB08-4B7F-9D51-2852E7742479}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{13EBDA7C-769E-4286-8045-4E1A2ED861FD}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [TCP Query User{997E5163-FC9D-4CDC-8CAC-4C2ACB1060A0}C:program filesavast softwareavastavastui.exe] => (Allow) C:program filesavast softwareavastavastui.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [UDP Query User{BA948C57-77F7-4726-A304-74AE81606938}C:program filesavast softwareavastavastui.exe] => (Allow) C:program filesavast softwareavastavastui.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{E7EB341E-2194-4DA7-97DB-6D3721C310B6}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{77ED9AB1-1711-4088-A162-E7DE309AC793}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{39F37661-8790-439F-A42E-0A44DB665E84}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{9482E97B-0750-4E5F-AC5A-C8F5E62125DB}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query User{B5AED934-3D94-4414-AA18-6C8DADB085FE}C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [UDP Query User{5D79D9BD-2482-4CAF-8044-C41830085C71}C:riot gamesriot clientriotclientservices.exe] => (Allow) C:riot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)

FirewallRules: [{5C55914B-A3FF-487A-B957-C798E542C58E}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{A67CD354-D5CF-4C67-AAC6-1529AC44EDB9}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{F718F5E8-8E9B-40D3-96BE-3F7EBD0E0E1A}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{5CD59306-C185-431A-B902-9FAF30ECBC94}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{E95FC504-B694-4D8C-8F25-8611751BDFB1}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{6FF434CA-3949-45FA-BE5D-2FD5CC589E25}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{BE3B12B8-DD54-4E3B-ABC5-BC1702AA7FAB}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{81F6BCCE-BC50-4B5D-B57B-63EE4D2E72E1}] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{14A9E5B7-01C4-4953-A77B-31E9BCB9E5EE}] => (Block) C:Program FilesAVAST SoftwareAvastAvastUI.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{BE4EF82D-4BCE-4B0C-B3CC-B56F1BBEEDFE}] => (Block) C:Program FilesAVAST SoftwareAvastAvastUI.exe (Avast Software s.r.o. -> AVAST Software)

FirewallRules: [{3733E4B2-F80A-4106-9D32-82AC4B6541E3}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{277AFBE4-269F-4E77-9392-CEB34854D4E2}C:soldatsoldat.exe] => (Allow) C:soldatsoldat.exe (Michal Marcinkowski) [File not signed]

FirewallRules: [UDP Query User{DFBCF196-5EF5-4734-B641-3841A85E82D1}C:soldatsoldat.exe] => (Allow) C:soldatsoldat.exe (Michal Marcinkowski) [File not signed]

FirewallRules: [{C77C7F4E-3B74-46CF-A0FB-A757F1579BCF}] => (Allow) C:Program Files (x86)Overwolf .178.0.16OverwolfBrowser.exe => No File

FirewallRules: [{08F4D430-6887-4EAD-BDC4-558E3689B707}] => (Allow) C:Program Files (x86)Overwolf .178.0.16OverwolfBrowser.exe => No File

FirewallRules: [{4A139892-A701-43EF-AC01-71C76A7BB320}] => (Block) C:Program Files (x86)Overwolf .178.0.16OverwolfBrowser.exe => No File

FirewallRules: [{805E5888-E963-4C6A-B628-13125DD9F092}] => (Block) C:Program Files (x86)Overwolf .178.0.16OverwolfBrowser.exe => No File

FirewallRules: [{C8758271-53C6-4522-9BB2-1921182766CE}] => (Allow) C:Program Files (x86)Overwolf .180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{0109785C-D8F5-4FFA-9E2F-4A1F7218EC9E}] => (Allow) C:Program Files (x86)Overwolf .180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{690CC198-CF53-4D02-9DEB-5F278DD29083}] => (Block) C:Program Files (x86)Overwolf .180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [{8978A4C9-C4FE-4936-B6D2-039517CA0ADF}] => (Block) C:Program Files (x86)Overwolf .180.0.5OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

 

==================== Restore Points =========================

 

29-08-2021 17:30:27 Ajoitettu tarkistuspiste

02-09-2021 17:26:33 Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29914

09-09-2021 17:51:07 Ajoitettu tarkistuspiste

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (09/12/2021 09:05:33 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Viallisen sovelluksen nimi: Razer Synapse Service Process.exe, versio: 1.0.0.0, aikaleima: 0x61231037

Viallisen moduulin nimi: KERNELBASE.dll, versio: 10.0.19041.1151, aikaleima: 0x5da51925

Poikkeuskoodi: 0xc000041d

Virhepoikkeama: 0x0012b512

Viallisen prosessin tunnus: 0x21bc

Viallisen sovelluksen käynnistysaika: 0x01d7a6e7f2f06b7f

Viallisen sovelluksen polku: C:Program Files (x86)RazerSynapse3Service..UserProcessRazer Synapse Service Process.exe

Viallisen moduulin polku: C:WINDOWSSystem32KERNELBASE.dll

Raportin tunnus: b67b6911-7d86-4ebd-91e8-e2516a86169b

Viallisen paketin koko nimi: 

Viallisen paketin suhteellinen sovellustunnus:

 

Error: (09/12/2021 09:05:32 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Viallisen sovelluksen nimi: Razer Synapse Service Process.exe, versio: 1.0.0.0, aikaleima: 0x61231037

Viallisen moduulin nimi: KERNELBASE.dll, versio: 10.0.19041.1151, aikaleima: 0x5da51925

Poikkeuskoodi: 0xc0020001

Virhepoikkeama: 0x0012b512

Viallisen prosessin tunnus: 0x21bc

Viallisen sovelluksen käynnistysaika: 0x01d7a6e7f2f06b7f

Viallisen sovelluksen polku: C:Program Files (x86)RazerSynapse3Service..UserProcessRazer Synapse Service Process.exe

Viallisen moduulin polku: C:WINDOWSSystem32KERNELBASE.dll

Raportin tunnus: 8acb8dc9-fd47-47f6-8cc5-148b54587de0

Viallisen paketin koko nimi: 

Viallisen paketin suhteellinen sovellustunnus:

 

Error: (09/12/2021 09:05:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Sovellus: Razer Synapse Service Process.exe

Framework-versio: v4.0.30319

Kuvaus: Prosessi keskeytettiin käsittelemättömän poikkeuksen vuoksi.

Poikkeuksen tiedot: System.ObjectDisposedException

   kohteessa System.IO.__Error.FileNotOpen()

   kohteessa System.IO.FileStream.Flush(Boolean)

   kohteessa System.IO.FileStream.Flush()

   kohteessa System.IO.StreamWriter.Flush(Boolean, Boolean)

   kohteessa System.IO.StreamWriter.Flush()

   kohteessa Microsoft.VisualBasic.Logging.FileLogTraceListener+ReferencedStream.CloseStream()

   kohteessa Microsoft.VisualBasic.Logging.FileLogTraceListener.CloseCurrentStream()

   kohteessa Microsoft.VisualBasic.Logging.FileLogTraceListener.WriteLine(System.String)

   kohteessa Synapse3.UserInteractive.SynapseProcessListener.WriteLine(System.String)

   kohteessa Microsoft.VisualBasic.Logging.FileLogTraceListener.TraceEvent(System.Diagnostics.TraceEventCache, System.String, System.Diagnostics.TraceEventType, Int32, System.String)

   kohteessa System.Diagnostics.TraceInternal.TraceEvent(System.Diagnostics.TraceEventType, Int32, System.String, System.Object[])

   kohteessa Synapse3.UserInteractive.DeviceDetectionHandler.Stop()

   kohteessa Synapse3.UserInteractive.DeviceDetectionHandler.Finalize()

 

Error: (09/12/2021 06:24:05 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRGC1LB)

Description: Palvelinpalvelun resurssiobjektia ei voi avata. Dataosan ensimmäiset neljä tavua (DWORD) sisältävät tilakoodin.

 

Error: (09/11/2021 03:07:47 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRGC1LB)

Description: Palvelinpalvelun resurssiobjektia ei voi avata. Dataosan ensimmäiset neljä tavua (DWORD) sisältävät tilakoodin.

 

Error: (09/11/2021 03:07:47 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-GRGC1LB)

Description: Palvelinpalvelun resurssiobjektia ei voi avata. Dataosan ensimmäiset neljä tavua (DWORD) sisältävät tilakoodin.

 

Error: (09/11/2021 09:18:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT-hallinta)

Description: Toinen prosessi on ladannut käyttäjärakenteen (rekisterilukko). Prosessin nimi: C:WindowsSystem32svchost.exe, PID: 4564, ProfSvc PID: 1524.

 

Error: (09/11/2021 09:18:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT-hallinta)

Description: Toinen prosessi on ladannut käyttäjärakenteen (rekisterilukko). Prosessin nimi: C:Program FilesAVAST SoftwareAvastaswToolsSvc.exe, PID: 3732, ProfSvc PID: 1524.

 

 

System errors:

=============

Error: (09/13/2021 09:50:57 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:44 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:36 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:31 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:18 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:12 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:06 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun ShellHWDetection  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{DD522ACC-F821-461A-A407-50B198B896DC}

 

Error: (09/13/2021 09:50:03 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GRGC1LB)

Description: DCOM vastaanotti virheen “1084” yrittäessään käynnistää palvelun WSearch  argumenteilla “Ei käytettävissä” suorittaakseen palvelinosan: 

{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

 

 

CodeIntegrity:

===============

Date: 2021-09-13 10:34:46

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume3WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume3Program FilesAVAST SoftwareAvastaswAMSI.dll that did not meet the Windows signing level requirements.

 

Date: 2021-09-13 10:31:44

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume3Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume3Program FilesAVAST SoftwareAvastaswAMSI.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 1820 09/12/2019

Motherboard: ASUSTeK COMPUTER INC. PRIME B450-PLUS

Processor: AMD Ryzen 5 3600 6-Core Processor 

Percentage of memory in use: 19%

Total physical RAM: 32705.98 MB

Available physical RAM: 26231.77 MB

Total Virtual: 37569.98 MB

Available Virtual: 29079.67 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:475.74 GB) (Free:72.82 GB) NTFS

 

?Volume{d820214d-2e39-44da-8385-07294b728759} (Recovery tools) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS

?Volume{367ab8d3-033d-4e2f-8352-a48d62a95cbb} (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 476.9 GB) (Disk ID: 50A2CA8F)

 

Partition: GPT.

 

==================== End of Addition.txt =======================


