- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
- Ran by hp (administrator) on HPPAVILLION (HP HP Pavilion Gaming Laptop 15-ec0xxx) (14-03-2022 14:04:12)
- Running from E:\
- Loaded Profiles: hp
- Platform: Microsoft Windows 10 Home Single Language Version 21H2 19044.1586 (X64) Language: English (United States)
- Default browser: Chrome
- Boot Mode: Safe Mode (with Networking)
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
- (explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
- (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\HelpPane.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
- (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
- ==================== Registry (Whitelisted) ===================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
- HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1675680 2021-09-24] (Logitech Inc -> Logitech, Inc.)
- HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
- HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
- HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
- HKLM-x32\...\Run: [Genshin Impact_launcher_mihoyo_1_0] => [X]
- HKLM-x32\...\Run: [Genshin Impact_launcher__1_1] => [X]
- HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
- HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2021-06-07] (alch) [File not signed]
- HKLM\...\RunOnce: [AvRepair] => C:\Program Files\Avast Software\Avast\setup\instup.exe [3518792 2022-03-08] (Avast Software s.r.o. -> AVAST Software)
- HKU\S-1-5-21-2113894074-3168776188-2620891215-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hp\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
- HKU\S-1-5-21-2113894074-3168776188-2620891215-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-09] (Valve Corp. -> Valve Corporation)
- HKU\S-1-5-21-2113894074-3168776188-2620891215-1001\...\Run: [Gaijin.Net Updater] => C:\Users\hp\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2374376 2020-12-03] (Gaijin Network LTD -> Gaijin)
- HKU\S-1-5-21-2113894074-3168776188-2620891215-1001\...\Run: [Discord] => C:\Users\hp\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
- HKU\S-1-5-21-2113894074-3168776188-2620891215-1001\...\Run: [PrivadoVPN] => C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.exe [5021360 2022-01-27] (Privado Networks LLC -> Privado Networks AG)
- HKU\S-1-5-21-2113894074-3168776188-2620891215-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802072 2022-03-02] (Overwolf Ltd -> Overwolf Ltd.)
- HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-04] (Google LLC -> Google LLC)
- Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Luminar AI.lnk [2021-11-03]
- ShortcutTarget: Luminar AI.lnk -> C:\Program Files\Skylum\Luminar AI\Luminar AI.exe (Skylum Software USA, Inc. -> Skylum)
- GroupPolicy: Restriction ? <==== ATTENTION
- GroupPolicy\User: Restriction ? <==== ATTENTION
- Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
- HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
- ==================== Scheduled Tasks (Whitelisted) ============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0AE550CF-804E-4FEB-86B9-4B018724852C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {0CA684CC-FB66-4688-9EDA-5F2C14F3FC58} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-02-22] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
- Task: {21CDF0A9-4060-446C-909D-BFD73CD9E44A} - System32\Tasks\Opera scheduled Autoupdate 1633436364 => C:\Users\hp\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-03] (Opera Software AS -> Opera Software)
- Task: {24055AC9-3D0A-43C8-BF63-54E32A672FF8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (No File)
- Task: {2A7F5BBE-93BC-4ECE-9023-7597D1B05454} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148080 2021-10-27] (HP Inc. -> HP Inc.)
- Task: {347DD35B-569A-48A4-9177-198CD250B310} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s (No File)
- Task: {37AF52B8-FF96-4DAF-8E6B-48B7ACD8A54A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- Task: {433192F6-5953-4FD6-80A6-289D8086E955} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (No File)
- Task: {46D7A624-BE6E-4C0F-A64B-08FFE699B4D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
- Task: {60D9C46B-05FB-4259-9ADC-5097595357FF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
- Task: {6680FD6A-88C2-452F-8C86-F4E5478854A2} - System32\Tasks\Opera scheduled Autoupdate 1644690153 => C:\Users\hp\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-03] (Opera Software AS -> Opera Software)
- Task: {6C485E76-8A8E-44AA-8F04-9901EC43B825} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2021-10-27] (HP Inc. -> HP Inc.)
- Task: {6DF2D759-4A49-4FF9-B64F-D6968949DAB3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {71453500-937E-4229-8F0F-23307518AA38} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- Task: {721912F8-9F51-49BD-B6FC-3FB08A7C93F5} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- Task: {7587E479-20DE-49A6-A6FF-05E9BDBA57D2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (No File)
- Task: {7851960F-DC19-40E7-9994-EB09DC55C885} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
- Task: {86CA5A4D-FAF7-4283-ACF5-8AE0E9A8A301} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-11] (Google LLC -> Google LLC)
- Task: {8BB455EF-1FBE-4B5E-ABF8-3CD9961C1049} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
- Task: {8BC25BDE-6A9D-4B2C-8467-2D0EA128B808} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [652792 2022-01-18] (Advanced Micro Devices Inc. -> AMD)
- Task: {8DD4BF67-31B3-445D-AB06-C8390308576A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2540376 2022-03-02] (Overwolf Ltd -> Overwolf LTD)
- Task: {90F1699E-8DF1-4788-BD0A-F254456DB0E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-11] (Google LLC -> Google LLC)
- Task: {A62C8B57-D923-4ABE-BC49-C572093FF208} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-10-27] (HP Inc. -> HP Inc.)
- Task: {B96C553B-C65C-4C1D-A82C-E03C9FB0E1E6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {BA6667EF-7B04-4978-A338-41AC3EC8C08E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {C30F890A-1852-4A09-AFFD-78C7A3F59DA8} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- Task: {C6F4E515-B04B-441B-9776-9CB3F96BE796} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {C7757D8E-F124-4CEF-8F5D-8608B225A229} - System32\Tasks\Opera scheduled assistant Autoupdate 1633436367 => C:\Users\hp\AppData\Local\Programs\Opera\launcher.exe [2470608 2022-03-03] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\hp\AppData\Local\Programs\Opera\assistant" $(Arg0)
- Task: {C7909DE8-CE8A-4E33-8438-3B16CA9C5609} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-03] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
- Task: {C8B361B1-96D0-444B-A87B-57938490C89A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- Task: {C91D0070-9F2E-43AA-ACA1-983CABDB223F} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [358912 2022-01-18] (Advanced Micro Devices, Inc.) [File not signed]
- Task: {CD80C61D-FD4F-403A-A9FA-65860CACC0FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148080 2021-10-27] (HP Inc. -> HP Inc.)
- Task: {D2AF121A-3975-4507-B17B-1D8819679147} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {D6D71F8B-6014-48ED-809E-7F4B0F77422A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
- Task: {D9A1101B-E005-44D1-AC85-DEA3516FC3B9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {E392BC75-563C-4CFF-B62D-063C9C24796F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
- Task: {F720DB6F-E4E8-4196-B08A-121044713D0B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\Avast Emergency Update.job => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
- Task: C:\WINDOWS\Tasks\Avast SecureLine VPN Update.job => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe
- Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Hosts: 51.77.11.177 s.optifine.net
- Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{2979fbf3-fd93-4718-a058-7572f4603f92}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{8c6fd4c6-485b-4a6a-b856-8dcfa8e1b942}: [NameServer] 1.1.1.1,1.0.0.1
- Tcpip\..\Interfaces\{8c6fd4c6-485b-4a6a-b856-8dcfa8e1b942}: [DhcpNameServer] 192.168.1.1
- Tcpip\..\Interfaces\{91bffd2b-74e0-4b0a-8374-553c8a72418f}: [DhcpNameServer] 198.18.0.1 198.18.0.2
- Edge:
- =======
- Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
- Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
- Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
- Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
- Edge Profile: C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-14]
- FireFox:
- ========
- FF DefaultProfile: higjfhw8.default
- FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\higjfhw8.default [2021-09-20]
- FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\s8cqre9q.default-release [2022-03-11]
- FF DownloadDir: D:\Youtube\Actual Videos
- FF Extension: (AdBlock — best ad blocker) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\s8cqre9q.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2022-02-15]
- FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
- FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-19] (Oracle America, Inc. -> Oracle Corporation)
- FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-19] (Oracle America, Inc. -> Oracle Corporation)
- FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-26] (Oracle America, Inc. -> Oracle Corporation)
- FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-26] (Oracle America, Inc. -> Oracle Corporation)
- Chrome:
- =======
- CHR DefaultProfile: Default
- CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2022-03-14]
- CHR DownloadDir: E:\
- CHR Extension: (Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-11]
- CHR Extension: (Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-11]
- CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-11]
- CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-11]
- CHR Extension: (Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-11]
- CHR Extension: (Google Docs Offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-17]
- CHR Extension: (Volume Master) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2022-01-07]
- CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2022-03-08]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-11]
- CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-11]
- CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-01]
- CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-03-12]
- CHR Extension: (Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-11]
- CHR Extension: (Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-11]
- CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-11]
- CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-11]
- CHR Extension: (Honey) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-03-12]
- CHR Extension: (Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-11]
- CHR Extension: (Google Docs Offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-19]
- CHR Extension: (AdBlock — best ad blocker) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-08]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-11]
- CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-11]
- CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\System Profile [2022-01-04]
- CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
- Opera:
- =======
- OPR Profile: C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable [2022-02-18]
- OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
- OPR Extension: (Rich Hints Agent) - C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-18]
- OPR Extension: (Amazon Assistant Promotion) - C:\Users\hp\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-12]
- ==================== Services (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8483920 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [504824 2022-01-18] (Advanced Micro Devices Inc. -> AMD)
- S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [564504 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1957144 2022-03-14] (Avast Software s.r.o. -> AVAST Software)
- S2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S2 cexecsvc; C:\WINDOWS\system32\cexecsvc.exe [237368 2021-12-01] (Microsoft Windows -> Microsoft Corporation)
- S2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13738776 2022-03-14] (Avast Software s.r.o. -> AVAST Software)
- S2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [1688624 2021-09-21] (IndiLogic LLC -> Dell Inc.)
- S2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [7207192 2022-03-14] (Avast Software s.r.o. -> AVAST Software)
- S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2021-11-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
- S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-15] (Epic Games Inc. -> Epic Games, Inc.)
- S2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
- S2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe [762920 2022-01-19] (HP Inc. -> HP Inc.)
- S2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe [759800 2022-01-19] (HP Inc. -> HP Inc.)
- S2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe [756736 2022-01-19] (HP Inc. -> HP Inc.)
- S2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe [690168 2021-10-21] (HP Inc. -> HP Inc.)
- S2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
- S2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-21] (HP Inc. -> HP Inc.)
- R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8019640 2022-03-14] (Malwarebytes Inc -> Malwarebytes)
- S2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [8704 2019-04-14] (StagWare) [File not signed]
- S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2540376 2022-03-02] (Overwolf Ltd -> Overwolf LTD)
- S2 PrivadoVPN.Service; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe [58032 2022-01-27] (Privado Networks LLC -> Privado Networks AG)
- S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [119912 2022-02-03] (Proton Technologies AG -> )
- S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65640 2022-02-03] (Proton Technologies AG -> )
- S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2022-02-03] (Proton Technologies AG -> )
- S2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9608984 2022-03-14] (Avast Software s.r.o. -> AVAST Software)
- S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2021-11-22] (Oracle Corporation -> Oracle Corporation)
- S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
- R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
- S3 WireGuardTunnel$PrivadoVPN; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe [19120 2022-01-27] (Privado Networks LLC -> Privado Networks AG)
- S2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_d745ea92fee8ab77\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_d745ea92fee8ab77\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
- ===================== Drivers (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
- R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- S2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2021-07-07] (Advanced Micro Devices INC. -> Advanced Micro Devices)
- R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
- S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376032.inf_amd64_1a2e19f1369fd940\B375758\amdkmdag.sys [82950024 2022-01-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
- R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228928 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [370752 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
- R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269440 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546320 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855336 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [551920 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-03-13] (Avast Software s.r.o. -> AVAST Software)
- S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59008 2022-03-14] (Avast Software s.r.o. -> Avast Software)
- S2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-02-22] (Bluestack Systems, Inc -> Bluestack System Inc.)
- S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-03] (Microsoft Corporation) [File not signed]
- S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
- R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [138760 2021-01-14] (ADAPP SASU -> Dokan Project)
- R3 DPMDriver; C:\WINDOWS\System32\drivers\DPMDriver.sys [133864 2020-10-02] (IndiLogic LLC -> Dell Inc.)
- R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
- R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
- R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-20] (HP Inc. -> HP Inc.)
- S2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [42392 2021-10-20] (WDKTestCert liaow,132675391035378460 -> Windows (R) Win 7 DDK provider)
- S2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
- S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-03-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
- R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-03-14] (Malwarebytes Inc -> Malwarebytes)
- R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
- S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
- R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [62352 2019-03-19] (Realtek Semiconductor Corp. -> Realtek)
- S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
- R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-09-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
- R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
- R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239672 2021-11-22] (Oracle Corporation -> Oracle Corporation)
- R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249584 2021-11-22] (Oracle Corporation -> Oracle Corporation)
- R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
- R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
- S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
- S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
- S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
- S1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2021-08-11] (Noriyuki MIYAZAKI -> OpenLibSys.org)
- R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
- S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
- R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
- S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One month (created) (Whitelisted) =========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2022-03-15 02:08 - 2022-03-15 02:32 - 000000000 _____ C:\Recovery.txt
- 2022-03-14 14:03 - 2022-03-14 14:03 - 000000000 ____D C:\Users\hp\AppData\LocalLow\IGDump
- 2022-03-14 13:59 - 2022-03-14 14:04 - 000000000 ____D C:\FRST
- 2022-03-14 13:52 - 2022-03-14 13:52 - 000000000 ____D C:\Users\hp\Desktop\mbar
- 2022-03-14 13:52 - 2022-03-14 13:52 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
- 2022-03-14 13:48 - 2022-03-14 13:48 - 000000000 ____D C:\AdwCleaner
- 2022-03-14 13:46 - 2022-03-14 13:48 - 000002014 _____ C:\Users\hp\Desktop\Rkill.txt
- 2022-03-14 13:43 - 2022-03-14 13:43 - 000059008 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
- 2022-03-14 13:43 - 2022-03-14 13:43 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
- 2022-03-14 13:43 - 2022-03-14 13:43 - 000002161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
- 2022-03-14 13:43 - 2022-03-14 13:43 - 000002149 _____ C:\Users\Public\Desktop\Avast One.lnk
- 2022-03-14 13:43 - 2022-03-14 13:43 - 000000368 ____H C:\WINDOWS\Tasks\Avast SecureLine VPN Update.job
- 2022-03-14 13:42 - 2022-03-13 22:35 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
- 2022-03-14 13:35 - 2022-03-14 14:02 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
- 2022-03-14 13:35 - 2022-03-14 14:02 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
- 2022-03-14 13:35 - 2022-03-14 13:35 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
- 2022-03-14 13:35 - 2022-03-14 13:35 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
- 2022-03-14 13:35 - 2022-03-14 13:35 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
- 2022-03-14 13:35 - 2022-03-14 13:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
- 2022-03-14 13:22 - 2022-03-14 13:27 - 000000000 ____D C:\KVRT2020_Data
- 2022-03-14 13:20 - 2022-03-14 13:21 - 000000000 ____D C:\Users\hp\AppData\Roaming\.clamwin
- 2022-03-14 13:20 - 2022-03-14 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
- 2022-03-14 13:20 - 2022-03-14 13:20 - 000000000 ____D C:\ProgramData\.clamwin
- 2022-03-14 13:20 - 2022-03-14 13:20 - 000000000 ____D C:\Program Files (x86)\ClamWin
- 2022-03-14 13:09 - 2022-03-14 13:09 - 000000000 ____D C:\ProgramData\Emsisoft
- 2022-03-14 13:08 - 2022-03-14 13:13 - 000000000 ____D C:\EEK
- 2022-03-13 22:44 - 2022-03-13 21:36 - 002443448 _____ (Malwarebytes) C:\Users\hp\Desktop\MBSetup.exe
- 2022-03-13 22:37 - 2022-03-13 22:37 - 000000000 ____D C:\Users\hp\AppData\Roaming\Avast Software
- 2022-03-13 22:35 - 2022-03-14 13:43 - 000000342 ____H C:\WINDOWS\Tasks\Avast Emergency Update.job
- 2022-03-13 22:35 - 2022-03-14 13:43 - 000000000 ____D C:\Program Files\Common Files\Avast Software
- 2022-03-13 22:35 - 2022-03-14 13:43 - 000000000 ____D C:\Program Files\Avast Software
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
- 2022-03-13 22:35 - 2022-03-13 22:35 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
- 2022-03-13 22:05 - 2022-03-14 13:34 - 000000000 ____D C:\ProgramData\MalwareBytes
- 2022-03-13 21:37 - 2022-03-14 13:34 - 000000000 ____D C:\Program Files\Malwarebytes
- 2022-03-13 21:23 - 2022-03-14 14:02 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
- 2022-03-13 21:23 - 2022-03-13 22:03 - 001390272 _____ C:\WINDOWS\ntbtlog.txt
- 2022-03-13 16:11 - 2022-03-13 16:11 - 000000894 _____ C:\Users\hp\AppData\Local\recently-used.xbel
- 2022-03-12 12:28 - 2022-03-12 12:28 - 035287672 _____ (Softdeluxe ) C:\Users\hp\Downloads\fdm_x64_setup (3).exe
- 2022-03-12 09:42 - 2022-03-13 22:49 - 000003072 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
- 2022-03-11 17:11 - 2022-03-11 17:11 - 000000000 ____D C:\Program Files (x86)\dotnet
- 2022-03-11 11:45 - 2022-03-11 11:45 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
- 2022-03-11 11:44 - 2022-03-11 11:44 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
- 2022-03-11 11:44 - 2022-03-11 11:44 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
- 2022-03-11 11:44 - 2022-03-11 11:44 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
- 2022-03-11 11:44 - 2022-03-11 11:44 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
- 2022-03-09 15:03 - 2022-03-09 15:03 - 000000219 _____ C:\Users\hp\Desktop\Counter-Strike Global Offensive.url
- 2022-03-09 13:45 - 2022-03-11 11:34 - 000002322 _____ C:\Users\hp\Desktop\BUFF.lnk
- 2022-03-09 13:45 - 2022-03-11 11:34 - 000000000 ____D C:\Program Files (x86)\Overwolf
- 2022-03-09 13:45 - 2022-03-09 13:45 - 000004382 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
- 2022-03-09 13:45 - 2022-03-09 13:45 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
- 2022-03-09 13:45 - 2022-03-09 13:45 - 000000000 ____D C:\ProgramData\Overwolf
- 2022-03-09 13:41 - 2022-03-11 11:34 - 000000000 ____D C:\Users\hp\AppData\Local\Overwolf
- 2022-03-09 12:53 - 2022-03-09 12:53 - 000000015 _____ C:\Users\hp\AppData\Roaming\obs-virtualcam.txt
- 2022-03-09 11:13 - 2022-03-09 11:13 - 000000000 ___HD C:\$WinREAgent
- 2022-03-08 16:00 - 2022-03-08 16:00 - 000000000 ____D C:\Users\hp\XiaomiADBFastbootTools
- 2022-03-08 16:00 - 2022-03-08 16:00 - 000000000 ____D C:\Users\hp\.openjfx
- 2022-03-08 15:59 - 2022-03-08 15:59 - 000000000 ____D C:\Program Files\AdoptOpenJDK
- 2022-03-08 15:58 - 2022-03-08 16:00 - 022927958 _____ C:\Users\hp\Downloads\Xiaomi ADB & Fastboot Tools.jar
- 2022-03-08 15:58 - 2022-03-08 15:58 - 175759360 _____ C:\Users\hp\Downloads\JDK Windows.msi
- 2022-03-08 08:46 - 2022-03-08 08:46 - 000002237 _____ C:\Users\hp\Desktop\Discord.lnk
- 2022-03-07 21:27 - 2022-03-07 21:27 - 000000000 ____D C:\Users\hp\AppData\Local\lunar-client-qt
- 2022-03-07 21:04 - 2022-03-07 21:23 - 000000000 ____D C:\Users\hp\AppData\Roaming\lunarclient
- 2022-03-07 21:04 - 2022-03-07 21:04 - 000002342 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lunar Client.lnk
- 2022-03-07 21:04 - 2022-03-07 21:04 - 000000000 ____D C:\Users\hp\AppData\Local\lunarclient-updater
- 2022-03-05 12:47 - 2022-03-08 13:48 - 000000000 ____D C:\Users\hp\Documents\The Witcher 3
- 2022-03-02 22:23 - 2022-03-10 15:08 - 000000000 ____D C:\Users\hp\AppData\Local\Katana_ZERO
- 2022-03-02 13:34 - 2022-03-02 13:38 - 000000000 ____D C:\Users\hp\AppData\Roaming\EldenRing
- 2022-02-26 10:56 - 2022-02-26 10:56 - 000000000 ____D C:\Users\hp\IdeaProjects
- 2022-02-26 10:56 - 2022-02-26 10:56 - 000000000 ____D C:\Users\hp\AppData\Local\main.kts.compiled.cache
- 2022-02-26 10:51 - 2022-02-26 10:51 - 000165600 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
- 2022-02-26 10:50 - 2022-02-26 10:50 - 002254024 _____ (Oracle Corporation) C:\Users\hp\Downloads\JavaSetup8u321.exe
- 2022-02-26 10:50 - 2022-02-26 10:50 - 000000000 ____D C:\Program Files (x86)\Java
- 2022-02-25 21:29 - 2022-02-25 21:30 - 588820024 _____ C:\Users\hp\Downloads\ideaIC-2021.3.2.exe
- 2022-02-25 18:45 - 2022-02-25 18:45 - 000000000 ____D C:\Users\hp\Documents\Visual Studio 2022
- 2022-02-25 18:45 - 2022-02-25 18:45 - 000000000 ____D C:\Users\hp\AppData\Local\.IdentityService
- 2022-02-25 18:41 - 2019-12-06 16:35 - 000374784 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe
- 2022-02-25 18:41 - 2019-12-06 16:34 - 000417792 _____ C:\WINDOWS\system32\d3dconfig.exe
- 2022-02-25 18:41 - 2019-12-06 16:27 - 000347136 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe
- 2022-02-25 18:41 - 2019-12-06 16:26 - 000365056 _____ C:\WINDOWS\SysWOW64\d3dconfig.exe
- 2022-02-25 18:39 - 2022-02-25 21:31 - 000000000 ____D C:\Program Files (x86)\Windows Kits
- 2022-02-25 18:39 - 2022-02-25 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2022
- 2022-02-25 18:38 - 2022-02-25 18:38 - 000000000 ____D C:\Program Files\Microsoft Visual Studio
- 2022-02-25 18:37 - 2022-02-25 21:32 - 000000000 ____D C:\Users\hp\AppData\Roaming\Visual Studio Setup
- 2022-02-25 18:37 - 2022-02-25 18:45 - 000000000 ____D C:\ProgramData\Microsoft Visual Studio
- 2022-02-25 18:37 - 2022-02-25 18:37 - 000001440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
- 2022-02-24 22:01 - 2021-11-14 21:53 - 000000000 ____D C:\mingw64
- 2022-02-24 20:38 - 2022-02-24 20:38 - 000489368 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wireguard.sys
- 2022-02-24 20:36 - 2022-02-24 20:41 - 000000000 ____D C:\Users\hp\AppData\Local\ProtonVPN
- 2022-02-24 20:36 - 2022-02-24 20:38 - 000000000 ____D C:\ProgramData\ProtonVPN
- 2022-02-24 20:36 - 2022-02-24 20:36 - 000001237 _____ C:\Users\Public\Desktop\ProtonVPN.lnk
- 2022-02-24 20:36 - 2022-02-24 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
- 2022-02-24 20:04 - 2022-02-24 20:04 - 000003922 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
- 2022-02-24 20:04 - 2022-02-24 20:04 - 000002104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk
- 2022-02-24 20:04 - 2022-02-24 20:04 - 000002102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk
- 2022-02-24 20:04 - 2022-02-24 20:04 - 000001986 _____ C:\Users\Public\Desktop\BlueStacks 5.lnk
- 2022-02-24 20:03 - 2022-02-26 14:16 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
- 2022-02-24 20:03 - 2022-02-24 20:03 - 000000000 ____D C:\Program Files\BlueStacks_nxt
- 2022-02-24 20:02 - 2022-02-24 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X
- 2022-02-24 20:02 - 2022-02-24 20:02 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
- 2022-02-24 20:01 - 2022-02-24 20:04 - 000000000 ____D C:\Users\hp\AppData\Local\BlueStacksSetup
- 2022-02-24 20:01 - 2022-02-24 20:03 - 000000000 ____D C:\Users\hp\AppData\Local\BlueStacks
- 2022-02-24 20:01 - 2022-02-24 20:01 - 000000000 ____D C:\Users\Public\BlueStacks
- 2022-02-21 22:08 - 2022-02-21 22:08 - 000000000 ____D C:\Python
- 2022-02-20 22:19 - 2022-02-20 22:22 - 000000000 ____D C:\Users\hp\AppData\Roaming\AnyDesk
- 2022-02-20 20:15 - 2022-02-20 22:08 - 000010560 _____ C:\Users\hp\Documents\practicetable.odb
- 2022-02-20 17:04 - 2021-12-30 18:16 - 000068936 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
- 2022-02-19 19:17 - 2022-02-26 11:38 - 000000000 ____D C:\Users\hp\PycharmProjects
- 2022-02-19 19:17 - 2022-02-19 19:17 - 000000000 ____D C:\Users\hp\AppData\Local\pypa
- 2022-02-19 19:16 - 2022-02-26 10:47 - 000000000 ____D C:\Users\hp\AppData\Roaming\JetBrains
- 2022-02-19 19:16 - 2022-02-26 10:47 - 000000000 ____D C:\Users\hp\AppData\Local\JetBrains
- 2022-02-19 18:24 - 2022-02-26 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
- 2022-02-19 18:22 - 2022-02-26 10:20 - 000000000 ____D C:\Program Files\JetBrains
- 2022-02-19 18:21 - 2022-02-19 18:22 - 377284568 _____ C:\Users\hp\Downloads\pycharm-community-2021.3.2.exe
- 2022-02-19 18:14 - 2022-02-19 18:14 - 035287672 _____ (Softdeluxe ) C:\Users\hp\Downloads\fdm_x64_setup (2).exe
- 2022-02-19 18:12 - 2022-02-19 18:12 - 000000000 ____D C:\Users\hp\AppData\Local\pip
- 2022-02-19 18:10 - 2022-02-19 18:10 - 000001012 _____ C:\Users\hp\Desktop\Firefox.lnk
- 2022-02-19 14:59 - 2022-02-20 20:15 - 000003999 _____ C:\Users\hp\Documents\New Database1.odb
- 2022-02-19 14:57 - 2022-02-19 14:59 - 000001721 _____ C:\Users\hp\Documents\New Database.odb
- 2022-02-19 14:50 - 2022-02-19 14:50 - 000000000 ____D C:\Users\hp\AppData\Roaming\OpenOffice
- 2022-02-19 14:48 - 2022-02-19 14:48 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.11
- 2022-02-19 14:48 - 2022-02-19 14:48 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
- 2022-02-19 14:47 - 2022-02-19 14:47 - 000000000 ____D C:\Users\hp\Desktop\OpenOffice 4.1.11 (en-US) Installation Files
- 2022-02-19 11:56 - 2022-02-19 11:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
- 2022-02-19 11:05 - 2022-03-08 14:49 - 000000000 ____D C:\ProgramData\PrivadoVPN
- 2022-02-19 11:05 - 2022-02-19 11:05 - 000001037 _____ C:\Users\Public\Desktop\PrivadoVPN.lnk
- 2022-02-19 11:05 - 2022-02-19 11:05 - 000000258 __RSH C:\ProgramData\ntuser.pol
- 2022-02-19 11:05 - 2022-02-19 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivadoVPN
- 2022-02-19 11:05 - 2022-02-19 11:05 - 000000000 ____D C:\Program Files (x86)\PrivadoVPN
- 2022-02-18 21:37 - 2022-02-18 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
- 2022-02-18 21:37 - 2022-02-18 21:37 - 000000000 ____D C:\Program Files\qBittorrent
- 2022-02-18 21:36 - 2022-02-18 21:36 - 030298985 _____ (The qBittorrent project) C:\Users\hp\Downloads\qbittorrent_4.4.1_x64_setup.exe
- 2022-02-15 21:06 - 2022-02-15 21:06 - 000001401 _____ C:\Users\hp\Desktop\Opera Browser.lnk
- 2022-02-12 23:52 - 2022-03-07 16:43 - 000004162 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1644690153
- 2022-02-12 23:52 - 2022-03-07 16:43 - 000001407 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
- 2022-02-12 23:52 - 2022-02-12 23:52 - 000000000 ____D C:\Users\hp\AppData\LocalLow\AMD
- 2022-02-12 23:50 - 2022-02-12 23:51 - 002660576 _____ (Opera Software) C:\Users\hp\Downloads\OperaSetup.exe
- 2022-02-12 23:02 - 2022-02-12 23:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
- ==================== One month (modified) ==================
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2022-03-14 14:02 - 2021-08-11 13:01 - 000000000 ____D C:\Users\hp
- 2022-03-14 14:02 - 2021-08-11 13:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
- 2022-03-14 14:02 - 2020-10-01 12:51 - 000008192 ___SH C:\DumpStack.log.tmp
- 2022-03-14 13:49 - 2021-08-11 13:06 - 000840618 _____ C:\WINDOWS\system32\PerfStringBackup.INI
- 2022-03-14 13:49 - 2019-12-07 14:43 - 000000000 ____D C:\WINDOWS\INF
- 2022-03-14 13:44 - 2019-12-07 14:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
- 2022-03-14 13:42 - 2019-12-07 14:44 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
- 2022-03-14 11:21 - 2021-08-11 13:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
- 2022-03-14 11:21 - 2021-08-11 01:11 - 000000000 ____D C:\ProgramData\NVIDIA
- 2022-03-13 22:49 - 2021-12-17 20:30 - 000003104 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
- 2022-03-13 22:49 - 2021-08-11 11:27 - 000000000 ____D C:\Program Files (x86)\Google
- 2022-03-13 22:49 - 2019-12-07 14:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
- 2022-03-13 22:45 - 2021-09-17 16:26 - 000000000 ____D C:\ProgramData\Avast Software
- 2022-03-13 22:44 - 2021-12-01 12:41 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
- 2022-03-13 22:18 - 2021-08-11 01:10 - 000000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics
- 2022-03-13 21:14 - 2021-08-11 12:05 - 000007599 _____ C:\Users\hp\AppData\Local\Resmon.ResmonCfg
- 2022-03-13 20:12 - 2021-08-30 15:00 - 000000000 ____D C:\Users\hp\AppData\Roaming\obs-studio
- 2022-03-13 19:46 - 2021-11-04 20:22 - 000000000 ____D C:\Users\hp\AppData\Roaming\.tlauncher
- 2022-03-13 19:46 - 2021-11-04 20:22 - 000000000 ____D C:\Users\hp\AppData\Roaming\.minecraft
- 2022-03-13 18:55 - 2021-12-01 17:27 - 000000000 ____D C:\Users\hp\.VirtualBox
- 2022-03-13 18:06 - 2021-12-01 17:27 - 000000000 ____D C:\ProgramData\VirtualBox
- 2022-03-13 16:12 - 2021-11-27 11:35 - 000000000 ____D C:\Users\hp\AppData\Local\babl-0.1
- 2022-03-13 12:19 - 2021-08-11 13:38 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
- 2022-03-12 19:39 - 2021-08-11 13:01 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
- 2022-03-12 19:39 - 2019-12-07 14:44 - 000000000 ___HD C:\Program Files\WindowsApps
- 2022-03-12 19:39 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\AppReadiness
- 2022-03-12 17:44 - 2021-08-11 18:19 - 000000000 ____D C:\Users\hp\AppData\Roaming\discord
- 2022-03-12 17:43 - 2021-10-07 13:00 - 000000000 ____D C:\Users\hp\AppData\Local\Discord
- 2022-03-12 16:32 - 2021-08-12 08:43 - 000000000 ____D C:\Users\hp\AppData\Local\osu!
- 2022-03-12 15:52 - 2021-08-12 08:47 - 000000000 ____D C:\Program Files (x86)\Steam
- 2022-03-12 09:44 - 2021-11-20 17:08 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
- 2022-03-12 09:44 - 2021-08-18 11:33 - 002258408 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
- 2022-03-12 09:44 - 2021-08-18 11:33 - 000337360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
- 2022-03-12 09:44 - 2021-08-18 11:33 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
- 2022-03-12 09:44 - 2021-08-18 11:33 - 000198120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
- 2022-03-12 09:44 - 2021-08-18 11:33 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
- 2022-03-12 09:44 - 2021-08-18 11:33 - 000061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
- 2022-03-12 09:41 - 2021-08-11 13:00 - 000500192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SystemResources
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\oobe
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
- 2022-03-12 09:40 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\bcastdvr
- 2022-03-12 09:40 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\servicing
- 2022-03-11 17:11 - 2021-08-11 12:20 - 000000000 ____D C:\ProgramData\Package Cache
- 2022-03-11 16:49 - 2021-09-20 19:02 - 000000000 ____D C:\Users\hp\AppData\LocalLow\Mozilla
- 2022-03-11 16:10 - 2021-12-01 17:29 - 000000000 ____D C:\Users\hp\VirtualBox VMs
- 2022-03-11 11:48 - 2021-08-11 01:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
- 2022-03-11 11:47 - 2019-12-07 14:33 - 000000000 ____D C:\WINDOWS\CbsTemp
- 2022-03-11 11:44 - 2021-08-11 13:04 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
- 2022-03-11 11:36 - 2021-08-11 01:22 - 000000000 ____D C:\WINDOWS\system32\MRT
- 2022-03-11 11:34 - 2021-08-11 01:22 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
- 2022-03-10 10:33 - 2021-08-11 13:05 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
- 2022-03-10 10:33 - 2021-08-11 13:05 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d78e835857ad1c
- 2022-03-09 15:03 - 2021-08-12 08:52 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
- 2022-03-09 14:25 - 2021-12-26 11:34 - 000000000 ____D C:\Users\hp\Documents\My Games
- 2022-03-09 13:53 - 2021-08-12 10:33 - 000000000 ____D C:\Program Files\Epic Games
- 2022-03-09 13:46 - 2021-08-13 21:27 - 000000000 ____D C:\Users\hp\AppData\Local\AMD
- 2022-03-09 13:46 - 2021-08-11 01:09 - 000000000 ____D C:\Users\hp\AppData\Local\D3DSCache
- 2022-03-07 21:05 - 2021-11-22 17:06 - 000000000 ____D C:\Users\hp\.lunarclient
- 2022-03-07 20:58 - 2021-11-14 11:01 - 000000000 ____D C:\Users\hp\AppData\Roaming\Salad
- 2022-03-07 20:40 - 2021-11-14 11:00 - 000000000 ____D C:\Program Files\Salad
- 2022-03-07 16:38 - 2021-08-11 12:20 - 000000000 ____D C:\ProgramData\NbfcService
- 2022-03-05 11:17 - 2021-11-07 10:09 - 000000000 ____D C:\Users\hp\AppData\Roaming\qBittorrent
- 2022-03-04 21:27 - 2021-08-11 11:27 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
- 2022-03-03 14:09 - 2021-11-08 06:20 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
- 2022-03-03 14:08 - 2021-11-08 06:21 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
- 2022-03-01 15:42 - 2021-08-11 08:23 - 000000000 ____D C:\Users\hp\AppData\Local\Microsoft Help
- 2022-02-27 11:02 - 2021-11-29 13:04 - 000000000 ____D C:\Users\hp\Desktop\arv
- 2022-02-26 10:51 - 2021-12-30 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
- 2022-02-26 10:51 - 2021-11-04 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
- 2022-02-25 21:31 - 2021-08-11 08:26 - 000000000 ____D C:\Program Files (x86)\MSBuild
- 2022-02-25 21:31 - 2019-12-07 14:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
- 2022-02-25 21:28 - 2021-09-16 08:59 - 000000000 ____D C:\Users\hp\AppData\Roaming\Code
- 2022-02-25 18:38 - 2021-08-11 08:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
- 2022-02-24 20:36 - 2021-11-17 11:47 - 000000000 ____D C:\Users\hp\AppData\Roaming\Proton Technologies AG
- 2022-02-24 20:36 - 2021-11-17 11:47 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
- 2022-02-20 20:03 - 2021-08-11 13:29 - 000000000 ____D C:\Users\hp\AppData\Local\AMD_Common
- 2022-02-19 19:15 - 2021-09-20 19:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
- 2022-02-19 19:15 - 2021-09-20 19:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2022-02-19 14:59 - 2021-11-04 20:23 - 000000000 ____D C:\Program Files\Java
- 2022-02-19 11:56 - 2021-09-20 19:02 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
- 2022-02-19 11:05 - 2019-12-07 14:44 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
- 2022-02-19 11:05 - 2019-03-19 10:22 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
- 2022-02-15 20:34 - 2021-10-31 14:50 - 000000000 ____D C:\Riot Games
- 2022-02-15 20:34 - 2021-08-12 10:02 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
- 2022-02-15 20:34 - 2021-08-12 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
- 2022-02-15 19:14 - 2022-01-29 16:59 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feather Launcher.lnk
- 2022-02-15 19:14 - 2021-11-03 18:09 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Luminar AI.lnk
- 2022-02-15 19:14 - 2021-10-26 09:56 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
- 2022-02-15 19:14 - 2021-08-12 08:59 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
- 2022-02-15 19:13 - 2021-08-12 09:55 - 000000000 ____D C:\ProgramData\Riot Games
- 2022-02-14 21:06 - 2021-08-11 01:23 - 000600944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
- 2022-02-14 21:06 - 2021-08-11 01:23 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
- 2022-02-13 12:34 - 2021-11-27 11:31 - 000000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk
- 2022-02-13 12:34 - 2021-11-14 11:01 - 000001869 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Salad.lnk
- ==================== Files in the root of some directories ========
- 2021-11-08 06:14 - 2021-11-08 06:46 - 000012288 _____ () C:\Users\hp\AppData\Roaming\emp.bin
- 2021-10-05 21:24 - 2021-10-05 21:24 - 000000000 _____ () C:\Users\hp\AppData\Roaming\MCVi2UserDetail.ini
- 2021-12-11 20:31 - 2021-12-17 20:17 - 000000758 _____ () C:\Users\hp\AppData\Roaming\mscache.lock
- 2022-03-09 12:53 - 2022-03-09 12:53 - 000000015 _____ () C:\Users\hp\AppData\Roaming\obs-virtualcam.txt
- 2021-12-11 20:30 - 2021-12-17 20:24 - 000014289 _____ () C:\Users\hp\AppData\Roaming\salwyrr.properties.backup
- 2021-12-11 20:30 - 2021-12-17 20:24 - 000014289 _____ () C:\Users\hp\AppData\Roaming\slw.saves
- 2021-11-29 10:47 - 2021-12-04 22:13 - 000002547 _____ () C:\Users\hp\AppData\Local\krita-sysinfo.log
- 2021-11-29 10:47 - 2021-12-04 22:25 - 000049865 _____ () C:\Users\hp\AppData\Local\krita.log
- 2021-12-04 22:25 - 2021-12-04 22:25 - 000000188 _____ () C:\Users\hp\AppData\Local\kritadisplayrc
- 2021-11-29 10:47 - 2021-12-04 22:25 - 000026257 _____ () C:\Users\hp\AppData\Local\kritarc
- 2022-03-13 16:11 - 2022-03-13 16:11 - 000000894 _____ () C:\Users\hp\AppData\Local\recently-used.xbel
- 2021-08-11 12:05 - 2022-03-13 21:14 - 000007599 _____ () C:\Users\hp\AppData\Local\Resmon.ResmonCfg
- 2021-08-21 18:24 - 2021-08-21 18:24 - 000000056 _____ () C:\Users\hp\AppData\Local\X-Plane 11 Preferences.prf
- 2021-08-21 18:25 - 2021-08-21 18:25 - 000000037 _____ () C:\Users\hp\AppData\Local\X-Plane Installer.prf
- ==================== SigCheck ============================
- (There is no automatic fix for files that do not pass verification.)
- safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION
- ==================== End of FRST.txt ========================