I think I just downloaded malware onto my PC – Un serveur de qualité

April 3, 2021 - 74 min read

I went to this site, https://www.softpedia.com/get/System/System-Miscellaneous/Local-Cooling.shtml, to download this software that is supposed to tell you what your PC's power consumption is. The download is LocalCooling2.msi. When you run it, it downloads something and asks you to give permission to run two files (see attached). Like an idiot, I clicked allow on both. After I clicked allow on both, absolutely nothing happened. No program called Local Cooling was installed on my PC. Out of curiosity, I ran the .msi package again, and it asked for permission to install one of the .exe files, but this time it had a completely different name. Same style, same type of file name (same number of digits followed by a hyphen, and 2 parentheses on each page). The screenshots you see are NOT the ones I downloaded. I did not protect the files I was running.

So far I have run an Avast scan, Malwarebytes Anti-Malware and a Malwarebytes Anti-Rootkit scan, and found nothing. I don't know why, but I am convinced it was malware or a virus; it had to be. Also, I found them in my Temp folder (see attached screenshot), and when I try to delete them, I get this message (see attached screenshot).

Farbar FRST.txt file

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021

Ran by PC (administrator) on DESKTOP-OTUPJS9 (Micro-Star International Co., Ltd. MS-7C84) (03-04-2021 02:27:58)

Running from C: Users PC Downloads

Loaded Profiles: PC

Platform: Windows 10 Home Version 1909 18363.1441 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

===================== Processes (Whitelisted) ==================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C: Program Files Avast Software Avast aswEngSrv.exe

(Avast Software s.r.o. -> AVAST Software) C: Program Files Avast Software Avast aswidsagent.exe

(Avast Software s.r.o. -> AVAST Software) C: Program Files Avast Software Avast aswToolsSvc.exe

(Avast Software s.r.o. -> AVAST Software) C: Program Files Avast Software Avast AvastSvc.exe

(Avast Software s.r.o. -> AVAST Software) C: Program Files Avast Software Avast AvastUI.exe <4>

(Avast Software s.r.o. -> AVAST Software) C: Program Files Avast Software Avast wsc_proxy.exe

(Charles Milette) C: Program Files WindowsApps 28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj TranslucentTB TranslucentTB.exe

(G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.) C: Program Files (x86) G.SKILL Trident Z Lighting Control hid.exe

(Google LLC ->) C: Program Files Google Drive googledrivesync.exe <2>

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.72 GoogleCrashHandler.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.72 GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C: Program Files Google Chrome Application chrome.exe <67>

(Logitech Inc. -> Logitech Inc.) C: Program Files Logitech Gaming Software Drivers APOService LogiRegistryService.exe

(Logitech Inc. -> Logitech Inc.) C: Program Files Logitech Gaming Software LCore.exe

(Logitech Inc -> Logitech) C: ProgramData Logishrd LogiOptions Software Current LogiOverlay.exe

(Logitech Inc. -> Logitech, Inc.) C: Program Files Logitech LogiOptions LogiOptions.exe

(Logitech Inc -> Logitech, Inc.) C: ProgramData Logishrd LogiOptions Software Current LogiOptionsMgr.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Common Files microsoft shared ClickToRun OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C: Users PC AppData Local Microsoft Teams current Teams.exe <9>

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe Calculator.exe

(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe WinStore.App.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows ImmersiveControlPanel SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows WinSxS amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1430_none_16f0726f2a33ac55 TiWorker.exe

(NVIDIA Corporation -> Node.js) C: Program Files (x86) NVIDIA Corporation NvNode NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NvContainer nvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation NVIDIA GeForce Experience NVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation ShadowPlay nvsphelper64.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Windows System32 DriverStore FileRepository nv_dispi.inf_amd64_5be8de9f3373beaf Display.NvContainer NVDisplay.Container.exe <2>

(Riot Games, Inc. -> Riot Games, Inc.) C: Program Files Riot Vanguard vgtray.exe

(Spotify AB) C: Program Files WindowsApps SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 Spotify.exe <5>

(Swift Media Entertainment, Inc. -> Blitz, Inc.) C: Users PC AppData Local Programs Blitz Blitz.exe <6>

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe

===================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM … Run: [Logitech Download Assistant] => C: Windows System32 LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)

HKLM … Run: [Riot Vanguard] => C: Program Files Riot Vanguard vgtray.exe [353400 2021-03-25] (Riot Games, Inc. -> Riot Games, Inc.)

HKLM … Run: [LogiOptions] => C: Program Files Logitech LogiOptions LogiOptions.exe [1667208 2020-11-24] (Logitech Inc. -> Logitech, Inc.)

HKLM … Run: [Launch LCore] => C: Program Files Logitech Gaming Software LCore.exe [18727048 2018-10-05] (Logitech Inc. -> Logitech Inc.)

HKLM … Run: [Wondershare Helper Compact.exe] => C: Program Files Common Files Wondershare Wondershare Helper Compact WSHelper.exe

HKLM … Run: [AvastUI.exe] => C: Program Files Avast Software Avast AvLaunch.exe [117472 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

HKLM-x32 … Run: [Wondershare Helper Compact.exe] => C: Program Files (x86) Common Files Wondershare Wondershare Helper Compact WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co., Ltd -> Wondershare)

HKLM-x32 … Run: [Spectrum] => C: Program Files (x86) G.SKILL Trident Z Lighting Control HID.exe [1753104 2020-11-25] (G.SKILL International Enterprise Co., Ltd. -> G.SKILL Inc.)

HKU S-1-5-21-2018598786-54766760-3354375963-1001 … Run: [Discord] => C: Users PC AppData Local Discord Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKU S-1-5-21-2018598786-54766760-3354375963-1001 … Run: [com.squirrel.Teams.Teams] => C: Users PC AppData Local Microsoft Teams Update.exe [2453704 2021-03-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKU S-1-5-21-2018598786-54766760-3354375963-1001 … Run: [GoogleDriveSync] => C: Program Files Google Drive googledrivesync.exe [50041472 2021-03-12] (Google LLC ->)

HKU S-1-5-21-2018598786-54766760-3354375963-1001 … Run: [com.blitz.app] => C: Users PC AppData Local Programs Blitz Blitz.exe [109893896 2021-04-01] (Swift Media Entertainment, Inc. -> Blitz, Inc.)

HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files Google Chrome Application 89.0.4389.114 Installer chrmstp.exe [2021-03-31] (Google LLC -> Google LLC)

HKLM SOFTWARE Policies Mozilla Firefox: Restriction <==== ATTENTION

======================= Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: 06DD544B-0159-462D-977A-4ED7896919E0 – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)

Task: 45801A3D-A4CE-42A9-AD62-718734184A73 – System32 Tasks Avast Emergency Update => C: Program Files Avast Software Avast AvEmUpdate.exe [4686560 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

Task: 59AB339E-DAC0-4C34-ADE1-DC19EA114A08 – System32 Tasks Microsoft Office Office Feature Updates Logon => C: Program Files (x86) Microsoft Office root Office16 sdxhelper.exe [114024 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)

Task: 5F8ED159-5927-490E-A117-A652738B2B5C – System32 Tasks NvDriverUpdateCheckDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation nv [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C: Program Files NVIDIA Corporation NvDriverUpdateCheck" -l 3 -f C: ProgramData NVIDIA NvContainerDriverUpdateCheck.log

Task: 72512C48-B92D-42F8-8CF9-54BE68A8951F – System32 Tasks Avast Software Overseer => C: Program Files Common Files Avast Software Overseer overseer.exe [1791712 2021-04-02] (Avast Software s.r.o. -> Avast Software)

Task: 7AF1BA99-6D77-4A5B-905D-6D7D1015A6D7 – System32 Tasks NvNodeLauncher_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 85E27C6D-653E-487B-9E8C-D06F82C60EBB – System32 Tasks Mozilla Firefox Default Browser Agent 308046B0AF4A39CB => C: Program Files Mozilla Firefox default-browser-agent.exe [694256 2021-03-10] (Mozilla Corporation -> Mozilla Foundation)

Task: 8E0A31A1-726D-453B-8477-3C32634D7696 – System32 Tasks NvTmRep_CrashReport2_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: A36F7B28-8CAF-4684-8C65-A8B9DADA8EBD – System32 Tasks NVIDIA GeForce Experience SelfUpdate_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDF Corporation [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: ADA88009-F7BC-4CD9-8451-5FFF035338CC – System32 Tasks NvTmRep_CrashReport4_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation N [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: AE6378CD-9F2D-4BAD-AF2F-E5578B2ED6A3 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)

Task: B96F6FB2-48C8-4B06-9979-34621CB06081 – System32 Tasks NvProfileUpdaterDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Core [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: BBF90885-37B9-47A8-B2C9-5967AF09812A – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [154440 2021-03-16] (Google LLC -> Google LLC)

Task: BCE837CD-5E86-4866-B64D-CBEECC0453EE – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files (x86) Microsoft Office root Office16 sdxhelper.exe [114024 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)

Task: D1AAB812-56ED-4103-B9E4-E4948FF42D31 – System32 Tasks NvProfileUpdaterOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: D26D8727-1120-485A-AD3B-670C48D52E1F – System32 Tasks NvTmRep_CrashReport1_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Nv [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: DB0FDAF6-D364-4C2B-9FB8-49F79F2A22BD – System32 Tasks NvTmRep_CrashReport3_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVID [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)

Task: E9C72F10-1A7D-4A19-AC6A-4DE1FE90A8C1 – System32 Tasks NvBatteryBoostCheckOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files c [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C: Program Files NVIDIA Corporation NvBackend NvBatteryBoostCheck" -l 3 -f C: ProgramData NVIDIA NvContainerBatteryBoostCheck.log

Task: F02B3F0E-D93F-475D-8217-B463BE28E280 – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [154440 2021-03-16] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C: Windows Tasks CreateExplorerShellUnelevatedTask.job => C: Windows explorer.exe

===================== Internet (Whitelisted) =====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip Parameters: [DhcpNameServer] 192.168.0.1 24.200.241.37 24.202.72.13

Tcpip .. Interface 959d512b-b307-4fbd-8659-9d1ca1a23daa: [DhcpNameServer] 192.168.0.1 24.200.241.37 24.202.72.13

Tcpip .. Interface e5e38001-6f7d-47da-8f54-7f3175094d09: [DhcpNameServer] 192.168.0.1 24.200.241.37 24.202.72.13

Edge:

=======

Edge Profile: C: Users PC AppData Local Microsoft Edge User Data Default [2021-04-03]

FireFox:

========

FF DefaultProfile: objn5mx8.default

FF ProfilePath: C: Users PC AppData Roaming Mozilla Firefox Profiles objn5mx8.default [2021-03-20]

FF ProfilePath: C: Users PC AppData Roaming Mozilla Firefox Profiles j3c83l00.default-release [2021-04-02]

FF Notifications: Mozilla Firefox Profiles j3c83l00.default-release -> hxxps://app.gohighlevel.com

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C: Program Files VideoLAN VLC npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C: Program Files (x86) Microsoft Office root Office16 NPSPWRAP.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)

Chrome:

=======

CHR Profile: C: Users PC AppData Local Google Chrome User Data Default [2021-04-03]

CHR Notifications: Default -> hxxps://meet.google.com

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR DefaultSearchURL: Default -> hxxps://snapdrop.net/images/android-chrome-192x192.png

CHR Session Restore: Default -> is enabled.

CHR Extension: (Slides) – C: Users PC AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2021-03-16]

CHR Extension: (SEOquake) – C: Users PC AppData Local Google Chrome User Data Default Extensions akdgnmcogleenhbclghghlkkdndkjdjc [2021-03-24]

CHR Extension: (Dropified Dropshipping) – C: Users PC AppData Local Google Chrome User Data Default Extensions aogkkekoinpipjlolpcicigndjlcpdcn [2021-03-19]

CHR Extension: (Docs) – C: Users PC AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2021-03-16]

CHR Extension: (Google Drive) – C: Users PC AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2021-03-16]

CHR Extension: (Keyword Surfer) – C: Users PC AppData Local Google Chrome User Data Default Extensions bafijghppfhdpldihckdcadbcobikaca [2021-04-01]

CHR Extension: (YouTube) – C: Users PC AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-16]

CHR Extension: (Honey) – C: Users PC AppData Local Google Chrome User Data Default Extensions bmnlcjabgnpnenekpadlanbbkooimhnj [2021-03-22]

CHR Extension: (SignNow for Google Drive) – C: Users PC AppData Local Google Chrome User Data Default Extensions dhlbeaeiefgnljkodggicafjppjcbgmj [2021-03-25]

CHR Extension: (MozBar) – C: Users PC AppData Local Google Chrome User Data Default Extensions eakacpaijcpapndcfffdgphdiccmpknp [2021-03-16]

CHR Extension: (Facebook Pixel Helper) – C: Users PC AppData Local Google Chrome User Data Default Extensions fdgfkebogiimcoedlicjlajpkdmockpc [2021-03-16]

CHR Extension: (GoFullPage – Full Page Screen Capture) – C: Users PC AppData Local Google Chrome User Data Default Extensions fdpohaocaechififmbbbbbbknoalclacl [2021-03-19]

CHR Extension: (Sheets) – C: Users PC AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2021-03-16]

CHR Extension: (Google Docs Offline) – C: Users PC AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]

CHR Extension: (Keywords Everywhere – Keyword Tool) – C: Users PC AppData Local Google Chrome User Data Default Extensions hbapdpeemoojbophdfndmlgdhppljgmp [2021-03-16]

CHR Extension: (Eye Dropper) – C: Users PC AppData Local Google Chrome User Data Default Extensions hmdcmlfkchdmnmnmheododdhjedfccka [2021-03-22]

CHR Extension: (SimilarWeb – Traffic Rank and Website Analysis) – C: Users PC AppData Local Google Chrome User Data Default Extensions hoklmmgfnpapgjgcpechhaamimifchmp [2021-03-16]

CHR Extension: (Snapdrop) – C: Users PC AppData Local Google Chrome User Data Default Extensions ikpmlgdcejalmjnfbahhijemkcgljabf [2021-03-23]

CHR Extension: (Tag Assistant Legacy (by Google)) – C: Users PC AppData Local Google Chrome User Data Default Extensions kejbdjndbnbjgmefkgdddjlbokphdefk [2021-03-16]

CHR Extension: (MetaMask) – C: Users PC AppData Local Google Chrome User Data Default Extensions nkbihfbeogaeaoehlefnkodbefgpgknn [2021-03-31]

CHR Extension: (Save Image as PNG) – C: Users PC AppData Local Google Chrome User Data Default Extensions nkokmeaibnajheohncaamjggkanfbphi [2021-03-16]

CHR Extension: (Chrome Web Store Payments) – C: Users PC AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2021-03-16]

CHR Extension: (Detailed SEO Extension) – C: Users PC AppData Local Google Chrome User Data Default Extensions pfjdepjjfjjahkjfpkcgfmfhmnakjfba [2021-03-16]

CHR Extension: (Gmail) – C: Users PC AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2021-03-16]

CHR Extension: (Chrome Media Router) – C: Users PC AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-16]

CHR Extension: (seotoolsland Extension 1) – C: Users PC Downloads seotoolsland new Extentions [2021-01-19]

CHR Extension: (Seotoolsland Extension 2) – C: Users PC Downloads seotoolsland new Extentions [2021-01-19]

CHR HKU S-1-5-21-2018598786-54766760-3354375963-1001 SOFTWARE Google Chrome Extensions … Chrome Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

======================= Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C: Program Files Avast Software Avast aswidsagent.exe [7888408 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C: Program Files Avast Software Avast AvastSvc.exe [623216 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Tools; C: Program Files Avast Software Avast aswToolsSvc.exe [353504 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R2 AvastWscReporter; C: Program Files Avast Software Avast wsc_proxy.exe [56920 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R2 ClickToRunSvc; C: Program Files Common Files Microsoft Shared ClickToRun OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)

S3 FvSvc; C: Program Files NVIDIA Corporation FrameViewSDK nvfvsdksvc_x64.exe [410864 2021-01-24] (NVIDIA Corporation -> NVIDIA)

R2 LogiRegistryService; C: Program Files Logitech Gaming Software Drivers APOService LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc. -> Logitech Inc.)

R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [7456464 2021-04-02] (Malwarebytes Inc -> Malwarebytes)

R2 TeamViewer; C: Program Files (x86) TeamViewer TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 vgc; C: Program Files Riot Vanguard vgc.exe [10359000 2021-03-25] (Riot Games, Inc. -> Riot Games, Inc.)

S3 WdNisSvc; C: ProgramData Microsoft Windows Defender Platform 4.18.2102.4-0 NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C: ProgramData Microsoft Windows Defender Platform 4.18.2102.4-0 MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C: Windows System32 DriverStore FileRepository nv_dispi.inf_amd64_5be8de9f3373beaf Display.NvContainer NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f% ProgramData% NVIDIA NVContainSystem. Windows System32 DriverStore FileRepository nv_dispi.inf_amd64_5be8de9f3373beaf Display.NvContainer plugins LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem LocalSystem

======================= Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C: Windows System32 drivers aswArDisk.sys [35680 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswArPot; C: Windows System32 drivers aswArPot.sys [208552 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswbidsdriver; C: Windows System32 drivers aswbidsdriver.sys [365520 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R0 aswbidsh; C: Windows System32 drivers aswbidsh.sys [250328 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R0 aswbuniv; C: Windows System32 drivers aswbuniv.sys [99288 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R0 aswElam; C: Windows System32 drivers aswElam.sys [16832 2021-04-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)

R1 aswKbd; C: Windows System32 drivers aswKbd.sys [41304 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswMonFlt; C: Windows System32 drivers aswMonFlt.sys [177872 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswNetHub; C: Windows System32 drivers aswNetHub.sys [524416 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswRdr; C: Windows System32 drivers aswRdr2.sys [107808 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R0 aswRvrt; C: Windows System32 drivers aswRvrt.sys [83368 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswSnx; C: Windows System32 drivers aswSnx.sys [850120 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 aswSP; C: Windows System32 drivers aswSP.sys [466696 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R2 aswStm; C: Windows System32 drivers aswStm.sys [216376 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R0 aswVmm; C: Windows System32 drivers aswVmm.sys [326976 2021-04-02] (Avast Software s.r.o. -> AVAST Software)

R1 EneTechIo; C: Windows system32 drivers ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher ->)

R1 ESProtectionDriver; C: Windows system32 drivers mbae64.sys [199128 2021-04-02] (Malwarebytes Inc -> Malwarebytes)

R2 LGCoreTemp; C: Program Files Logitech Gaming Software Drivers LgCoreTemp lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)

R3 LGJoyXlCore; C: Windows system32 drivers LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc. -> Logitech Inc.)

R2 MBAMChameleon; C: Windows System32 Drivers MbamChameleon.sys [220616 2021-04-02] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C: Windows System32 DRIVERS MbamElam.sys [19912 2021-04-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C: Windows System32 DRIVERS farflt.sys [198248 2021-04-03] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C: Windows system32 DRIVERS mbam.sys [77496 2021-04-03] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C: Windows System32 Drivers mbamswissarmy.sys [248992 2021-04-02] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C: Windows system32 DRIVERS mwac.sys [155360 2021-04-03] (Malwarebytes Inc -> Malwarebytes)

R1 MS10; C: Windows system32 drivers MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)

R1 vgk; C: Program Files Riot Vanguard vgk.sys [6436768 2021-03-25] (Riot Games, Inc. -> Riot Games, Inc.)

S3 WdBoot; C: Windows system32 drivers wd WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C: Windows system32 drivers wd WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C: Windows System32 drivers wd WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

U1 aswbdisk; no ImagePath

S3 cpuz150; ?? C: Windows temp cpuz150 cpuz150_x64.sys [X]

===================== NetSvcs (Whitelisted) =====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

====================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 02:27 – 2021-04-03 02:28 – 000024699 _____ C: Users PC Downloads FRST.txt

2021-04-03 02:27 – 2021-04-03 02:28 – 000000000 ____D C: FRST

2021-04-03 02:27 – 2021-04-03 02:27 – 002298368 _____ (Farbar) C: Users PC Downloads FRST64.exe

2021-04-03 02:11 – 2021-04-03 02:11 – 000198248 _____ (Malwarebytes) C: Windows system32 Drivers farflt.sys

2021-04-03 02:11 – 2021-04-03 02:11 – 000155360 _____ (Malwarebytes) C: Windows system32 Drivers mwac.sys

2021-04-03 02:11 – 2021-04-03 02:11 – 000077496 _____ (Malwarebytes) C: Windows system32 Drivers mbam.sys

2021-04-03 02:11 – 2021-04-03 02:11 – 000000000 ____D C: Users PC AppData LocalLow IGDump

2021-04-03 01:55 – 2021-04-03 01:55 – 000448512 _____ (OldTimer Tools) C: Users PC Downloads TFC.exe

2021-04-02 22:07 – 2021-04-03 01:20 – 000000000 ____D C: Windows system32 Tasks Avast Software

2021-04-02 22:07 – 2021-04-02 22:07 – 000850120 _____ (AVAST Software) C: Windows system32 Drivers aswSnx.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000524416 _____ (AVAST Software) C: Windows system32 Drivers aswNetHub.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000466696 _____ (AVAST Software) C: Windows system32 Drivers aswSP.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000365520 _____ (AVAST Software) C: Windows system32 Drivers aswbidsdriver.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000339680 _____ (AVAST Software) C: Windows system32 aswBoot.exe

2021-04-02 22:07 – 2021-04-02 22:07 – 000326976 _____ (AVAST Software) C: Windows system32 Drivers aswVmm.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000250328 _____ (AVAST Software) C: Windows system32 Drivers aswbidsh.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000216376 _____ (AVAST Software) C: Windows system32 Drivers aswStm.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000208552 _____ (AVAST Software) C: Windows system32 Drivers aswArPot.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000177872 _____ (AVAST Software) C: Windows system32 Drivers aswMonFlt.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000107808 _____ (AVAST Software) C: Windows system32 Drivers aswRdr2.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000099288 _____ (AVAST Software) C: Windows system32 Drivers aswbuniv.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000083368 _____ (AVAST Software) C: Windows system32 Drivers aswRvrt.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000041304 _____ (AVAST Software) C: Windows system32 Drivers aswKbd.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000035680 _____ (AVAST Software) C: Windows system32 Drivers aswArDisk.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000016832 _____ (AVAST Software) C: Windows system32 Drivers aswElam.sys

2021-04-02 22:07 – 2021-04-02 22:07 – 000003990 _____ C: Windows system32 Tasks Avast Emergency Update

2021-04-02 22:07 – 2021-04-02 22:07 – 000002160 _____ C: ProgramData Microsoft Windows Start Menu Programs Avast Free Antivirus.lnk

2021-04-02 22:07 – 2021-04-02 22:07 – 000002148 _____ C: ProgramData Desktop Avast Free Antivirus.lnk

2021-04-02 22:07 – 2021-04-02 22:07 – 000000000 ____D C: Users PC AppData Roaming Avast Software

2021-04-02 22:07 – 2021-04-02 22:07 – 000000000 ____D C: Program Files Common Files Avast Software

2021-04-02 22:07 – 2021-04-02 22:07 – 000000000 ____D C: Program Files Avast Software

2021-04-02 22:06 – 2021-04-03 02:18 – 000000000 ____D C: ProgramData Avast Software

2021-04-02 22:06 – 2021-04-02 22:06 – 000220392 _____ (AVAST Software) C: Users PC Downloads avast_free_antivirus_setup_online.exe

2021-04-02 21:58 – 2021-04-02 22:03 – 000000000 ____D C: Users PC Desktop mbar

2021-04-02 21:58 – 2021-04-02 22:03 – 000000000 ____D C: ProgramData Malwarebytes' Anti-Malware (portable)

2021-04-02 21:58 – 2021-04-02 21:58 – 014178840 _____ (Malwarebytes Corp.) C: Users PC Downloads mbar-1.10.3.1001.exe

2021-04-02 21:58 – 2021-04-02 21:58 – 000255928 _____ (Malwarebytes) C: Windows system32 Drivers 7179159B.sys

2021-04-02 20:53 – 2021-04-02 21:58 – 000000000 ____D C: ProgramData Malwarebytes

2021-04-02 20:53 – 2021-04-02 20:53 – 002084016 _____ (Malwarebytes) C:UsersPCDownloadsMBSetup.exe

2021-04-02 20:53 – 2021-04-02 20:53 – 002084016 _____ (Malwarebytes) C:UsersPCDownloadsMBSetup (1).exe

2021-04-02 20:53 – 2021-04-02 20:53 – 000248992 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys

2021-04-02 20:53 – 2021-04-02 20:53 – 000220616 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys

2021-04-02 20:53 – 2021-04-02 20:53 – 000199128 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys

2021-04-02 20:53 – 2021-04-02 20:53 – 000019912 _____ (Malwarebytes) C:Windowssystem32DriversMbamElam.sys

2021-04-02 20:53 – 2021-04-02 20:53 – 000002033 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk

2021-04-02 20:53 – 2021-04-02 20:53 – 000002021 _____ C:ProgramDataDesktopMalwarebytes.lnk

2021-04-02 20:53 – 2021-04-02 20:53 – 000000000 ____D C:UsersPCAppDataLocalmbam

2021-04-02 20:53 – 2021-04-02 20:53 – 000000000 ____D C:Program FilesMalwarebytes

2021-04-02 20:51 – 2021-04-02 20:51 – 000000000 ____D C:UsersPCAppDataRoamingTeams

2021-04-02 20:16 – 2021-04-02 20:16 – 001444374 _____ C:UsersPCDownloadsSearch Engine Optimization PowerPoint Templates.pptx

2021-04-02 18:05 – 2021-04-02 18:05 – 000314680 _____ C:UsersPCDownloads1617273526876022271_Order__LE1616549610166661.zip

2021-04-02 18:05 – 2021-04-02 18:05 – 000000000 ____D C:UsersPCDownloads1617273526876022271_Order__LE1616549610166661

2021-04-02 13:19 – 2021-04-02 13:19 – 000332822 _____ C:UsersPCDownloadsSCORE_Financial_Projections_Spreadsheet_Feb2020.xlsx

2021-04-02 13:07 – 2021-04-02 13:07 – 000000000 ____D C:UsersPCAppDataRoamingG.SKILL

2021-04-02 13:05 – 2021-04-02 13:05 – 003657432 _____ C:UsersPCDownloadsG.SKILL-Trident-Z-Lighting-Control-v1.00.22.zip

2021-04-02 13:05 – 2021-04-02 13:05 – 000001320 _____ C:ProgramDataDesktopG.SKILL Trident Z Lighting Control.lnk

2021-04-02 13:05 – 2021-04-02 13:05 – 000000000 ____D C:UsersPCDownloadsG.SKILL-Trident-Z-Lighting-Control-v1.00.22

2021-04-02 13:05 – 2021-04-02 13:05 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsG.SKILL

2021-04-02 13:05 – 2021-04-02 13:05 – 000000000 ____D C:Program FilesENE

2021-04-02 13:05 – 2021-04-02 13:05 – 000000000 ____D C:Program Files (x86)G.SKILL

2021-04-02 13:05 – 2021-04-02 13:05 – 000000000 ____D C:Program Files (x86)ENE

2021-04-02 13:05 – 2020-05-12 01:28 – 000020992 _____ C:Windowssystem32Driversene.sys

2021-04-02 01:24 – 2021-04-02 01:25 – 000000000 ____D C:ProgramDataWondershare

2021-04-02 01:24 – 2021-04-02 01:24 – 000000016 _____ C:ProgramDatamntemp

2021-04-02 01:23 – 2021-04-02 01:29 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWondershare

2021-04-02 01:23 – 2021-04-02 01:23 – 000000000 ____D C:UsersPCAppDataLocalWondershare

2021-04-02 01:22 – 2021-04-02 01:29 – 000000000 ____D C:Program FilesWondershare

2021-04-02 01:22 – 2021-04-02 01:23 – 000000000 ____D C:ProgramDataDocumentsWondershare

2021-04-02 01:22 – 2021-04-02 01:22 – 001113520 _____ C:UsersPCDownloadsfilmora_setup_full846.exe

2021-04-02 01:22 – 2021-04-02 01:22 – 000000000 ____D C:UsersPCDocumentsWondershare

2021-04-02 01:19 – 2021-04-02 01:19 – 001105549 _____ C:UsersPCDownloadsheadphone-doughnut-cream-cartoon-illustration-flat-cartoon-style.zip

2021-04-02 01:19 – 2021-04-02 01:19 – 000000000 ____D C:UsersPCDownloadsheadphone-doughnut-cream-cartoon-illustration-flat-cartoon-style

2021-03-31 16:01 – 2021-03-31 16:01 – 001319136 _____ (CPUID, Inc. ) C:UsersPCDownloadshwmonitor_1.43.exe

2021-03-31 16:01 – 2021-03-31 16:01 – 000000975 _____ C:ProgramDataDesktopCPUID HWMonitor.lnk

2021-03-31 16:01 – 2021-03-31 16:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCPUID

2021-03-31 16:01 – 2021-03-31 16:01 – 000000000 ____D C:Program FilesCPUID

2021-03-31 15:51 – 2021-03-31 15:51 – 000000000 ____D C:UsersPCAppDataLocalcFos

2021-03-31 15:45 – 2021-03-31 15:49 – 000524168 _____ C:Windowsntbtlog.txt

2021-03-31 15:45 – 2021-03-31 15:45 – 000000214 _____ C:WindowsTasksCreateExplorerShellUnelevatedTask.job

2021-03-29 17:50 – 2021-03-29 17:50 – 000012579 _____ C:UsersPCDownloads1616151780373415690_DUE_20th_L_cashflow___LE1614900459162742.xlsx

2021-03-29 17:30 – 2021-03-29 17:30 – 000012735 _____ C:UsersPCDownloads1616151724731154133_DUE_20th_L_cashflow___LE1614894344162577.xlsx

2021-03-27 20:59 – 2021-03-27 20:59 – 000343225 _____ C:UsersPCDownloadsmna.xlsx

2021-03-27 16:53 – 2021-03-27 16:53 – 000044058 _____ C:UsersPCDownloadsmnaquality.com-organic-keywords-subdomains-CA-27-Mar-2021_20-52-39-7fb2f2d0af2b37018de7f6548304562d.csv

2021-03-26 23:51 – 2021-03-27 00:06 – 000000000 ____D C:UsersPCAppDataLocalLogitech

2021-03-26 23:49 – 2021-03-26 23:50 – 000000000 ____D C:Program FilesLogitech Gaming Software

2021-03-26 23:48 – 2021-03-26 23:49 – 125871888 _____ (Logitech Inc.) C:UsersPCDownloadsLGS_9.02.65_x64_Logitech.exe

2021-03-26 23:42 – 2021-03-26 23:42 – 001304160 _____ (Google LLC) C:UsersPCDownloadsChromeSetup.exe

2021-03-26 20:15 – 2021-03-26 20:15 – 000003212 _____ C:UsersPCDownloadsincompleteImages.csv

2021-03-25 12:36 – 2021-03-25 12:36 – 000001685 _____ C:UsersPCDownloadshttp___www.mnaquality.com_-Performance-on-Search-2021-03-25.zip

2021-03-24 20:34 – 2021-03-24 20:36 – 000000000 ____D C:UsersPCAppDataRoamingvlc

2021-03-24 20:34 – 2021-03-24 20:34 – 019038148 _____ C:UsersPCDownloadsRE26498addba26b37dfcdc768619ce9695.wav

2021-03-24 16:00 – 2021-04-03 02:11 – 000000000 ____D C:Program Files (x86)TeamViewer

2021-03-24 16:00 – 2021-03-24 16:06 – 000000000 ____D C:UsersPCAppDataRoamingTeamViewer

2021-03-24 16:00 – 2021-03-24 16:00 – 000001112 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsTeamViewer.lnk

2021-03-24 16:00 – 2021-03-24 16:00 – 000001100 _____ C:ProgramDataDesktopTeamViewer.lnk

2021-03-24 16:00 – 2021-03-24 16:00 – 000000000 ____D C:UsersPCAppDataLocalTeamViewer

2021-03-24 15:59 – 2021-03-24 16:00 – 029028008 _____ (TeamViewer Germany GmbH) C:UsersPCDownloadsTeamViewer_Setup.exe

2021-03-24 13:03 – 2021-03-24 13:03 – 013189337 _____ C:UsersPCDownloadsMARK453_Ch13_PublicRelations-S.pptx

2021-03-24 13:03 – 2021-03-24 13:03 – 006221265 _____ C:UsersPCDownloadsMARK453_Ch11_DirectRepsonse.pptx

2021-03-23 20:58 – 2021-03-23 20:58 – 000362695 _____ C:UsersPCDownloadsColor-revisionv5.ai

2021-03-23 20:16 – 2021-03-23 20:16 – 013182874 _____ C:UsersPCDownloadsColor-revisionv5.eps

2021-03-23 20:11 – 2021-03-23 20:11 – 000000000 ____D C:UsersPCDocumentsCustom Office Templates

2021-03-23 19:37 – 2021-03-23 19:37 – 000000380 _____ C:UsersPCDownloadsagile consulting services.txt

2021-03-23 19:21 – 2021-03-23 19:21 – 000000000 ____D C:UsersPCDownloadsseotoolsland new

2021-03-23 19:20 – 2021-03-23 19:20 – 000262792 _____ C:UsersPCDownloadsseotoolsland new.zip

2021-03-23 18:51 – 2021-03-26 22:04 – 000000079 _____ C:UsersPCDocumentsMM PW.txt

2021-03-23 16:39 – 2021-03-23 16:39 – 000327750 _____ C:UsersPCDownloads6A5D4B28-5E7A-4C7E-8CDF-756A446EAB7A.jpeg

2021-03-23 16:39 – 2021-03-23 16:39 – 000002637 _____ C:UsersPCDesktopSnapdrop.lnk

2021-03-23 16:39 – 2021-03-23 16:39 – 000000000 ____D C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps

2021-03-23 15:00 – 2021-03-23 15:00 – 000000000 ____D C:UsersPCDocumentsZoom

2021-03-23 14:59 – 2021-04-02 20:52 – 000000000 ____D C:UsersPCAppDataRoamingZoom

2021-03-23 14:59 – 2021-03-23 14:59 – 000000000 ____D C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom

2021-03-22 21:43 – 2021-03-22 21:43 – 000031500 _____ C:UsersPCDownloads2962016 IndustriTAG by GA International – Month 1 – updated .xlsx

2021-03-22 21:41 – 2021-03-22 21:41 – 000113683 _____ C:UsersPCDownloads2965699 IndustriTAG by GA International – BRAND LINKS  .xlsx

2021-03-22 21:39 – 2021-03-22 21:39 – 000030858 _____ C:UsersPCDownloads2969165 PIXCELL-Brand Links.xlsx

2021-03-22 21:01 – 2021-03-22 21:01 – 000138340 _____ C:UsersPCDownloads16161735182085462362_LE1614896902162556_DFN_Social_Signals_Report_532.pdf

2021-03-22 21:00 – 2021-03-22 21:00 – 000138624 _____ C:UsersPCDownloads16161735182101573722_LE1614896902162556_DFN_Social_Signals_Report_535.pdf

2021-03-21 22:10 – 2021-03-31 16:43 – 000000000 ____D C:UsersPCAppDataLocalCrashDumps

2021-03-21 00:50 – 2021-04-03 02:12 – 000000000 ____D C:UsersPCAppDataRoamingBlitz

2021-03-21 00:50 – 2021-03-25 11:22 – 000000000 ____D C:UsersPCAppDataLocalblitz-updater

2021-03-21 00:50 – 2021-03-21 00:50 – 000002230 _____ C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsBlitz.lnk

2021-03-21 00:50 – 2021-03-21 00:50 – 000002222 _____ C:UsersPCDesktopBlitz.lnk

2021-03-21 00:49 – 2021-03-21 00:50 – 064373632 _____ (Blitz, Inc.) C:UsersPCDownloadsBlitz-1.13.141.exe

2021-03-21 00:16 – 2021-03-21 00:16 – 127203936 _____ (NVIDIA Corporation New) C:UsersPCDownloadsGeForce_Experience_v3.21.0.36.exe

2021-03-21 00:14 – 2021-01-24 23:38 – 000070896 _____ C:Windowssystem32FvSDK_x64.dll

2021-03-21 00:14 – 2021-01-24 23:38 – 000059632 _____ C:WindowsSysWOW64FvSDK_x86.dll

2021-03-21 00:11 – 2021-03-26 23:49 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLogitech

2021-03-21 00:11 – 2021-03-21 00:11 – 000000000 ____D C:UsersPCAppDataLocalDeployment

2021-03-21 00:11 – 2021-03-21 00:11 – 000000000 ____D C:UsersPCAppDataLocalApps2.0

2021-03-21 00:11 – 2021-03-21 00:11 – 000000000 ____D C:Program FilesLogitech

2021-03-21 00:11 – 2021-03-21 00:11 – 000000000 ____D C:Program FilesCommon FilesAdobe

2021-03-21 00:11 – 2021-03-21 00:11 – 000000000 ____D C:Program FilesAdobe

2021-03-20 22:37 – 2021-04-02 20:49 – 000000000 ____D C:UsersPCAppDataRoamingobs-studio

2021-03-20 22:37 – 2021-03-20 22:37 – 000001052 _____ C:ProgramDataDesktopOBS Studio.lnk

2021-03-20 22:37 – 2021-03-20 22:37 – 000000000 ____D C:ProgramDataobs-studio-hook

2021-03-20 22:37 – 2021-03-20 22:37 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOBS Studio

2021-03-20 22:37 – 2021-03-20 22:37 – 000000000 ____D C:Program Filesobs-studio

2021-03-20 22:36 – 2021-03-20 22:36 – 075607864 _____ (obsproject.com) C:UsersPCDownloadsOBS-Studio-26.1.1-Full-Installer-x64.exe

2021-03-20 16:34 – 2021-04-02 20:49 – 000000000 ____D C:UsersPCAppDataRoamingMozilla

2021-03-20 16:34 – 2021-04-02 13:32 – 000000000 ____D C:UsersPCAppDataLocalLowMozilla

2021-03-20 16:34 – 2021-04-02 13:26 – 000000000 ____D C:ProgramDataMozilla

2021-03-20 16:34 – 2021-03-20 16:34 – 000332960 _____ (Mozilla) C:UsersPCDownloadsFirefox Installer.exe

2021-03-20 16:34 – 2021-03-20 16:34 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk

2021-03-20 16:34 – 2021-03-20 16:34 – 000000993 _____ C:ProgramDataDesktopFirefox.lnk

2021-03-20 16:34 – 2021-03-20 16:34 – 000000000 ____D C:Windowssystem32TasksMozilla

2021-03-20 16:34 – 2021-03-20 16:34 – 000000000 ____D C:UsersPCAppDataLocalMozilla

2021-03-20 16:34 – 2021-03-20 16:34 – 000000000 ____D C:Program FilesMozilla Firefox

2021-03-20 16:34 – 2021-03-20 16:34 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2021-03-20 01:18 – 2021-03-20 01:18 – 007391632 _____ (TechPowerUp (www.techpowerup.com)) C:UsersPCDownloadsGPU-Z.2.38.0.exe

2021-03-20 01:18 – 2021-03-20 01:18 – 000001044 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsTechPowerUp GPU-Z.lnk

2021-03-20 01:18 – 2021-03-20 01:18 – 000001032 _____ C:ProgramDataDesktopTechPowerUp GPU-Z.lnk

2021-03-20 01:18 – 2021-03-20 01:18 – 000000000 ____D C:UsersPCAppDataRoamingNVIDIA

2021-03-20 01:18 – 2021-03-20 01:18 – 000000000 ____D C:Program Files (x86)GPU-Z

2021-03-20 01:13 – 2021-03-20 01:13 – 000000000 ___HD C:OneDriveTemp

2021-03-19 21:55 – 2021-03-19 21:55 – 001768263 _____ C:UsersPCDownloadsAd Creatives-20210317T040936Z-001.zip

2021-03-19 19:50 – 2021-03-19 19:51 – 000000000 ____D C:UsersPCDownloadsCabinets

2021-03-19 19:50 – 2021-03-19 19:50 – 003324304 _____ (Alexander Roshal) C:UsersPCDownloadswinrar-x64-600.exe

2021-03-19 19:50 – 2021-03-19 19:50 – 000000000 ____D C:UsersPCAppDataRoamingWinRAR

2021-03-19 19:50 – 2021-03-19 19:50 – 000000000 ____D C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR

2021-03-19 19:50 – 2021-03-19 19:50 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR

2021-03-19 19:50 – 2021-03-19 19:50 – 000000000 ____D C:Program FilesWinRAR

2021-03-19 19:49 – 2021-03-19 19:50 – 041655091 _____ C:UsersPCDownloadsCabinets.zip

2021-03-19 18:45 – 2021-03-19 18:45 – 000001299 _____ C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsUptimized.lnk

2021-03-19 18:44 – 2021-03-19 18:45 – 000001163 _____ C:UsersPCDesktopUptimized.lnk

2021-03-19 18:38 – 2021-04-03 02:11 – 000000000 ___RD C:UsersPCUptimized

2021-03-19 18:34 – 2021-03-19 18:34 – 000002073 _____ C:ProgramDataDesktopGoogle Slides.lnk

2021-03-19 18:34 – 2021-03-19 18:34 – 000002071 _____ C:ProgramDataDesktopGoogle Sheets.lnk

2021-03-19 18:34 – 2021-03-19 18:34 – 000002061 _____ C:ProgramDataDesktopGoogle Docs.lnk

2021-03-19 18:34 – 2021-03-19 18:34 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBackup and Sync from Google

2021-03-19 18:33 – 2021-03-19 18:33 – 001304160 _____ (Google LLC) C:UsersPCDownloadsinstallbackupandsync.exe

2021-03-19 17:35 – 2021-03-19 17:35 – 001683576 _____ C:UsersPCDownloadsKasselwood Fabricators.zip

2021-03-19 17:28 – 2021-04-01 21:13 – 000000000 ____D C:UsersPCAppDataLocalWhatsApp

2021-03-19 17:28 – 2021-03-19 17:28 – 129598664 _____ (WhatsApp) C:UsersPCDownloadsWhatsAppSetup (1).exe

2021-03-19 17:23 – 2021-03-25 11:53 – 000002349 _____ C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk

2021-03-19 17:23 – 2021-03-25 11:53 – 000002341 _____ C:UsersPCDesktopMicrosoft Teams.lnk

2021-03-19 15:29 – 2021-03-19 15:30 – 000000000 ____D C:WindowsSysWOW64directx

2021-03-19 15:29 – 2021-03-19 15:29 – 060593608 _____ C:UsersPCDownloadsEVGA_Precision_X1_1.1.7.0.zip

2021-03-19 15:29 – 2021-03-19 15:29 – 000001018 _____ C:UsersPCDesktopEVGA Precision X1.lnk

2021-03-19 15:29 – 2021-03-19 15:29 – 000000000 ____D C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsEVGA

2021-03-19 15:29 – 2021-03-19 15:29 – 000000000 ____D C:UsersPCAppDataRoamingEVGA

2021-03-19 15:29 – 2021-03-19 15:29 – 000000000 ____D C:UsersPCAppDataLocalEVGA_Co.,_Ltd

2021-03-19 15:29 – 2021-03-19 15:29 – 000000000 ____D C:Program FilesEVGA

2021-03-19 15:29 – 2021-03-19 15:29 – 000000000 ____D C:Program Files (x86)EVGA

2021-03-19 14:27 – 2021-03-19 14:27 – 000002493 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWord.lnk

2021-03-19 14:27 – 2021-03-19 14:27 – 000002492 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPowerPoint.lnk

2021-03-19 14:27 – 2021-03-19 14:27 – 000002455 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsExcel.lnk

2021-03-19 14:27 – 2021-03-19 14:27 – 000002449 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOutlook.lnk

2021-03-19 14:27 – 2021-03-19 14:27 – 000002435 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneNote.lnk

2021-03-19 14:27 – 2021-03-19 14:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office Tools

2021-03-19 14:25 – 2021-03-22 20:22 – 000000000 ____D C:Program Files (x86)Microsoft Office

2021-03-19 14:25 – 2021-03-19 14:25 – 000000000 ____D C:Program FilesMicrosoft Office 15

2021-03-19 14:14 – 2021-04-02 22:39 – 000000000 ____D C:UsersPCAppDataRoamingWhatsApp

2021-03-19 14:14 – 2021-03-19 17:28 – 000002182 _____ C:UsersPCDesktopWhatsApp.lnk

2021-03-19 14:14 – 2021-03-19 17:28 – 000000000 ____D C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsWhatsApp

2021-03-19 14:14 – 2021-03-19 14:14 – 129598664 _____ (WhatsApp) C:UsersPCDownloadsWhatsAppSetup.exe

2021-03-19 01:31 – 2021-03-19 01:31 – 000000000 ____D C:UsersPCDocumentsLeague of Legends

2021-03-19 01:30 – 2021-03-19 01:30 – 000000000 ____D C:Program FilesReference Assemblies

2021-03-19 01:30 – 2021-03-19 01:30 – 000000000 ____D C:Program FilesMSBuild

2021-03-19 01:30 – 2021-03-19 01:30 – 000000000 ____D C:Program Files (x86)Reference Assemblies

2021-03-19 01:30 – 2021-03-19 01:30 – 000000000 ____D C:Program Files (x86)MSBuild

2021-03-19 01:29 – 2021-03-19 01:31 – 000001681 _____ C:ProgramDataDesktopLeague of Legends.lnk

2021-03-19 01:29 – 2021-03-19 01:29 – 069423360 _____ (Riot Games, Inc.) C:UsersPCDownloadsInstall League of Legends na.exe

2021-03-17 18:16 – 2021-04-02 20:49 – 000000000 ____D C:UsersPCAppDataRoamingL-Connect

2021-03-17 18:16 – 2021-03-17 18:16 – 000001214 _____ C:ProgramDataDesktopL-Connect.lnk

2021-03-17 18:16 – 2021-03-17 18:16 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsL-Connect

2021-03-17 18:16 – 2021-03-17 18:16 – 000000000 ____D C:Program Files (x86)LIAN_LI

2021-03-17 18:15 – 2021-03-17 18:15 – 064397328 _____ C:UsersPCDownloadsL-connect.zip

2021-03-17 12:56 – 2021-03-17 12:56 – 000000000 ____D C:Program FilesUNP

2021-03-16 22:36 – 2021-04-03 02:10 – 000000000 ____D C:UsersPCAppDataRoamingdiscord

2021-03-16 22:36 – 2021-04-03 02:02 – 000000000 ____D C:UsersPCAppDataLocalDiscord

2021-03-16 22:36 – 2021-03-19 17:28 – 000000000 ____D C:UsersPCAppDataLocalSquirrelTemp

2021-03-16 22:36 – 2021-03-16 22:36 – 068822328 _____ (Discord Inc.) C:UsersPCDownloadsDiscordSetup.exe

2021-03-16 22:36 – 2021-03-16 22:36 – 000002212 _____ C:UsersPCDesktopDiscord.lnk

2021-03-16 22:36 – 2021-03-16 22:36 – 000000000 ____D C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-03-16 21:09 – 2021-03-26 23:51 – 000000000 ____D C:ProgramDataLogishrd

2021-03-16 21:09 – 2021-03-26 23:49 – 000000000 ____D C:UsersPCAppDataRoamingLogishrd

2021-03-16 21:09 – 2021-03-16 21:09 – 000000000 ____D C:UsersPCAppDataLocalVALORANT

2021-03-16 21:09 – 2021-03-16 21:09 – 000000000 ____D C:UsersPCAppDataLocalUnrealEngine

2021-03-16 21:08 – 2021-04-03 02:14 – 000000001 _____ C:Windowsvgkbootstatus.dat

2021-03-16 21:07 – 2021-03-16 21:07 – 024184792 _____ (Intel Corporation) C:UsersPCDownloadsWiFi_22.30.0_Driver64_Win10.exe

2021-03-16 21:07 – 2021-03-16 21:07 – 000000000 ____D C:Program FilesIntel

2021-03-16 21:02 – 2021-03-27 13:15 – 000002421 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-03-16 21:02 – 2021-03-27 13:15 – 000002259 _____ C:ProgramDataDesktopMicrosoft Edge.lnk

2021-03-16 20:46 – 2021-04-01 23:10 – 000000000 ____D C:MSI

2021-03-16 20:46 – 2021-04-01 23:09 – 000152130 _____ C:WindowscFosSpeed_Setup_Log.txt

2021-03-16 20:46 – 2021-04-01 23:09 – 000000000 ____D C:Program FilescFosSpeed

2021-03-16 20:46 – 2021-03-16 20:46 – 000000000 ____D C:UsersPCAppDataLocalDownloaded Installations

2021-03-16 20:46 – 2021-03-16 20:46 – 000000000 ____D C:ProgramDatacFos

2021-03-16 20:46 – 2020-01-19 19:49 – 000017424 _____ (MICSYS Technology Co., LTd) C:Windowssystem32DriversMsIo64.sys

2021-03-16 20:46 – 2020-01-19 19:49 – 000017424 _____ (MICSYS Technology Co., LTd) C:Windowssystem32DriversMsIo64.old

2021-03-16 20:44 – 2021-03-16 20:47 – 000000000 ____D C:ProgramDataMSI

2021-03-16 20:36 – 2021-03-16 20:36 – 000000000 ___HD C:UsersPCMicrosoftEdgeBackups

2021-03-16 20:35 – 2021-03-16 20:37 – 549610195 _____ C:UsersPCDownloadsDragon_Center_2.0.103.0.zip

2021-03-16 20:32 – 2021-03-26 23:51 – 000000000 ____D C:Program FilesRiot Vanguard

2021-03-16 20:32 – 2021-03-19 01:29 – 000000000 ____D C:Riot Games

2021-03-16 20:32 – 2021-03-19 01:29 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRiot Games

2021-03-16 20:32 – 2021-03-16 20:43 – 000001627 _____ C:ProgramDataDesktopVALORANT.lnk

2021-03-16 20:31 – 2021-04-03 00:06 – 000000000 ____D C:ProgramDataRiot Games

2021-03-16 20:31 – 2021-03-19 01:31 – 000000000 ____D C:UsersPCAppDataLocalRiot Games

2021-03-16 20:31 – 2021-03-16 20:31 – 068746984 _____ (Riot Games, Inc.) C:UsersPCDownloadsInstall VALORANT.exe

2021-03-16 20:15 – 2021-04-01 21:58 – 000000000 ____D C:UsersPCAppDataLocalD3DSCache

2021-03-16 11:16 – 2021-03-18 21:35 – 000000000 ____D C:WindowsPanther

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth9.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth8.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth7.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth6.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth5.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth4.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth3.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth2.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth18.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth17.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth16.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth15.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth12.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth11.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth10.bin

2021-03-16 11:14 – 2021-03-16 11:14 – 000000315 _____ C:Windowssystem32DrtmAuth1.bin

2021-03-16 11:10 – 2021-03-19 18:34 – 000000000 ____D C:UsersPCAppDataLocalGoogle

2021-03-16 11:10 – 2021-03-16 11:10 – 000000000 ____D C:UsersPCansel

2021-03-16 11:08 – 2021-03-16 11:08 – 000000000 ____D C:ProgramDatassh

2021-03-16 11:08 – 2021-03-16 11:08 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-03-16 11:07 – 2021-03-16 11:07 – 000000000 ____D C:Windowssystem32MRT

2021-03-16 11:03 – 2021-03-16 11:03 – 003860832 _____ (Microsoft Corporation) C:WindowsSysWOW64rtmpltfm.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 002755584 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb

2021-03-16 11:03 – 2021-03-16 11:03 – 002755584 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb

2021-03-16 11:03 – 2021-03-16 11:03 – 002045952 _____ C:Windowssystem32rdpnano.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 001282360 _____ (Microsoft Corporation) C:Windowssystem32SecConfig.efi

2021-03-16 11:03 – 2021-03-16 11:03 – 000980320 _____ (Microsoft Corporation) C:WindowsSysWOW64rtmpal.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000915296 _____ (Microsoft Corporation) C:WindowsSysWOW64rtmcodecs.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000732000 _____ (Microsoft Corporation) C:WindowsSysWOW64ortcengine.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000696832 _____ (Microsoft Corporation) C:Windowssystem32hhctrl.ocx

2021-03-16 11:03 – 2021-03-16 11:03 – 000576512 _____ (Microsoft Corporation) C:WindowsSysWOW64hhctrl.ocx

2021-03-16 11:03 – 2021-03-16 11:03 – 000568320 _____ (Microsoft Corporation) C:Windowssystem32PhotoScreensaver.scr

2021-03-16 11:03 – 2021-03-16 11:03 – 000555008 _____ (Microsoft Corporation) C:Windowssystem32appwiz.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000500736 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000500224 _____ (Microsoft Corporation) C:WindowsSysWOW64PhotoScreensaver.scr

2021-03-16 11:03 – 2021-03-16 11:03 – 000458240 _____ (Microsoft Corporation) C:WindowsSysWOW64mmsys.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000455680 _____ (Microsoft Corporation) C:WindowsSysWOW64appwiz.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000421376 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000294912 _____ (Microsoft Corporation) C:Windowssystem32ksproxy.ax

2021-03-16 11:03 – 2021-03-16 11:03 – 000259584 _____ (Microsoft Corporation) C:Windowssystem32mpg2splt.ax

2021-03-16 11:03 – 2021-03-16 11:03 – 000249856 _____ (Gracenote, Inc.) C:WindowsSysWOW64gnsdk_fp.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000233472 _____ (Microsoft Corporation) C:WindowsSysWOW64ksproxy.ax

2021-03-16 11:03 – 2021-03-16 11:03 – 000217600 _____ (Microsoft Corporation) C:WindowsSysWOW64bthprops.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000204800 _____ (Microsoft Corporation) C:WindowsSysWOW64mpg2splt.ax

2021-03-16 11:03 – 2021-03-16 11:03 – 000171008 _____ C:Windowssystem32FsNVSDeviceSource.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000168448 _____ (Microsoft Corporation) C:Windowssystem32VBICodec.ax

2021-03-16 11:03 – 2021-03-16 11:03 – 000167424 _____ (Microsoft Corporation) C:WindowsSysWOW64intl.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000135168 _____ (Microsoft Corporation) C:WindowsSysWOW64VBICodec.ax

2021-03-16 11:03 – 2021-03-16 11:03 – 000100864 _____ (Microsoft Corporation) C:WindowsSysWOW64ncpa.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000094720 _____ C:Windowssystem32VirtualMonitorManager.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000086016 _____ (Microsoft Corporation) C:Windowssystem32tdc.ocx

2021-03-16 11:03 – 2021-03-16 11:03 – 000083968 _____ (Microsoft Corporation) C:Windowssystem32wscui.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000072704 _____ (Microsoft Corporation) C:WindowsSysWOW64tdc.ocx

2021-03-16 11:03 – 2021-03-16 11:03 – 000067584 _____ (Microsoft Corporation) C:WindowsSysWOW64wscui.cpl

2021-03-16 11:03 – 2021-03-16 11:03 – 000067072 _____ C:Windowssystem32BWContextHandler.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000059221 _____ C:Windowssystem32srms.dat

2021-03-16 11:03 – 2021-03-16 11:03 – 000055376 _____ (Microsoft Corporation) C:WindowsSysWOW64rtmmvrortc.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000053248 _____ C:WindowsSysWOW64BWContextHandler.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000039936 _____ (Adobe Systems) C:WindowsSysWOW64atmlib.dll

2021-03-16 11:03 – 2021-03-16 11:03 – 000005632 _____ (Microsoft Corporation) C:WindowsSysWOW64msdxm.ocx

2021-03-16 11:03 – 2021-03-16 11:03 – 000000357 _____ C:Windowssystem32DrtmAuth19.bin

2021-03-16 11:03 – 2021-03-16 11:03 – 000000357 _____ C:Windowssystem32DrtmAuth14.bin

2021-03-16 11:03 – 2021-03-16 11:03 – 000000357 _____ C:Windowssystem32DrtmAuth13.bin

2021-03-16 11:02 – 2021-03-16 11:02 – 004898144 _____ (Microsoft Corporation) C:Windowssystem32rtmpltfm.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 004227116 _____ C:Windowssystem32DefaultHrtfs.bin

2021-03-16 11:02 – 2021-03-16 11:02 – 002590720 _____ C:Windowssystem32dwmscene.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 001841152 _____ C:Windowssystem32TextInputMethodFormatter.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 001757632 _____ (Microsoft Corporation) C:Windowssystem32winload.efi

2021-03-16 11:02 – 2021-03-16 11:02 – 001365640 _____ (Microsoft Corporation) C:Windowssystem32winresume.efi

2021-03-16 11:02 – 2021-03-16 11:02 – 001354080 _____ (Microsoft Corporation) C:Windowssystem32rtmpal.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 001101312 _____ C:WindowsSysWOW64TextInputMethodFormatter.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 001091936 _____ (Microsoft Corporation) C:Windowssystem32rtmcodecs.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 001032544 _____ (Microsoft Corporation) C:Windowssystem32ortcengine.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000861696 _____ C:Windowssystem32MBR2GPT.EXE

2021-03-16 11:02 – 2021-03-16 11:02 – 000549888 _____ (Microsoft Corporation) C:Windowssystem32mmsys.cpl

2021-03-16 11:02 – 2021-03-16 11:02 – 000540672 _____ (Microsoft Corporation) C:Windowssystem32winspool.drv

2021-03-16 11:02 – 2021-03-16 11:02 – 000453632 _____ C:Windowssystem32ssdm.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000415744 _____ (Microsoft Corporation) C:WindowsSysWOW64winspool.drv

2021-03-16 11:02 – 2021-03-16 11:02 – 000331264 _____ C:WindowsSysWOW64ssdm.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000266752 _____ C:Windowssystem32HeatCore.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000261632 _____ (Microsoft Corporation) C:Windowssystem32bthprops.cpl

2021-03-16 11:02 – 2021-03-16 11:02 – 000235520 _____ (Microsoft Corporation) C:Windowssystem32timedate.cpl

2021-03-16 11:02 – 2021-03-16 11:02 – 000232752 _____ C:Windowssystem32containerdevicemanagement.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000208896 _____ (Microsoft Corporation) C:Windowssystem32intl.cpl

2021-03-16 11:02 – 2021-03-16 11:02 – 000208384 _____ C:WindowsSysWOW64HeatCore.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000200704 _____ C:Windowssystem32IHDS.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000186368 _____ C:Windowssystem32BthpanContextHandler.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000184320 _____ (Microsoft Corporation) C:WindowsSysWOW64timedate.cpl

2021-03-16 11:02 – 2021-03-16 11:02 – 000164864 _____ C:Windowssystem32DataStoreCacheDumpTool.exe

2021-03-16 11:02 – 2021-03-16 11:02 – 000102912 _____ (Microsoft Corporation) C:Windowssystem32ncpa.cpl

2021-03-16 11:02 – 2021-03-16 11:02 – 000061440 _____ C:Windowssystem32rdsxvmaudio.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000059392 _____ C:Windowssystem32runexehelper.exe

2021-03-16 11:02 – 2021-03-16 11:02 – 000056672 _____ (Microsoft Corporation) C:Windowssystem32rtmmvrortc.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000047616 _____ (Adobe Systems) C:Windowssystem32atmlib.dll

2021-03-16 11:02 – 2021-03-16 11:02 – 000035840 _____ C:Windowssystem32deploymentcsphelper.exe

2021-03-16 11:02 – 2021-03-16 11:02 – 000013312 _____ C:Windowssystem32agentactivationruntimestarter.exe

2021-03-16 11:02 – 2021-03-16 11:02 – 000001370 _____ C:Windowssystem32ThirdPartyNoticesBySHS.txt

2021-03-16 10:55 – 2021-03-16 10:55 – 000000916 _____ C:ProgramDataDesktopVLC media player.lnk

2021-03-16 10:55 – 2021-03-16 10:55 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN

2021-03-16 10:54 – 2021-03-16 10:54 – 000000000 ____D C:Program FilesVideoLAN

2021-03-16 10:51 – 2021-04-03 01:20 – 000003346 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA

2021-03-16 10:51 – 2021-04-03 01:20 – 000003122 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore

2021-03-16 10:51 – 2021-03-31 16:04 – 000002247 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-03-16 10:51 – 2021-03-31 16:04 – 000002206 _____ C:ProgramDataDesktopGoogle Chrome.lnk

2021-03-16 10:51 – 2021-03-19 18:34 – 000000000 ____D C:Program FilesGoogle

2021-03-16 10:51 – 2021-03-16 10:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip

2021-03-16 10:51 – 2021-03-16 10:51 – 000000000 ____D C:Program Files7-Zip

2021-03-16 10:51 – 2021-03-16 10:51 – 000000000 ____D C:Program Files (x86)Google

2021-03-16 10:47 – 2021-03-16 10:47 – 000000000 ____D C:Windowssystem32DriversNVIDIA Corporation

2021-03-16 10:47 – 2021-03-12 23:57 – 007119848 _____ (NVIDIA Corporation) C:Windowssystem32nvapi64.dll

2021-03-16 10:47 – 2021-03-11 01:15 – 000135408 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvhda64v.sys

2021-03-16 10:47 – 2020-11-30 08:46 – 005519600 _____ (NVIDIA Corporation) C:Windowssystem32nvcpl.dll

2021-03-16 10:46 – 2021-03-11 01:15 – 000067456 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvhci.sys

2021-03-16 10:46 – 2021-03-11 01:15 – 000038640 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvhdap64.dll

2021-03-16 10:45 – 2021-03-13 00:05 – 001855184 _____ C:Windowssystem32vulkaninfo-1-999-0-0-0.exe

2021-03-16 10:45 – 2021-03-13 00:05 – 001855184 _____ C:Windowssystem32vulkaninfo.exe

2021-03-16 10:45 – 2021-03-13 00:05 – 001452304 _____ (Khronos Group) C:Windowssystem32OpenCL.dll

2021-03-16 10:45 – 2021-03-13 00:05 – 001435856 _____ C:WindowsSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-03-16 10:45 – 2021-03-13 00:05 – 001435856 _____ C:WindowsSysWOW64vulkaninfo.exe

2021-03-16 10:45 – 2021-03-13 00:05 – 001191696 _____ (Khronos Group) C:WindowsSysWOW64OpenCL.dll

2021-03-16 10:45 – 2021-03-13 00:05 – 001094864 _____ C:Windowssystem32vulkan-1-999-0-0-0.dll

2021-03-16 10:45 – 2021-03-13 00:05 – 001094864 _____ C:Windowssystem32vulkan-1.dll

2021-03-16 10:45 – 2021-03-13 00:05 – 000948936 _____ C:WindowsSysWOW64vulkan-1-999-0-0-0.dll

2021-03-16 10:45 – 2021-03-13 00:05 – 000948936 _____ C:WindowsSysWOW64vulkan-1.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 001511216 _____ (NVIDIA Corporation) C:Windowssystem32NvIFR64.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 001163536 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvIFR.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 000687888 _____ (NVIDIA Corporation) C:Windowssystem32nvidia-smi.exe

2021-03-16 10:45 – 2021-03-13 00:02 – 000678704 _____ C:Windowssystem32nvofapi64.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 000671512 _____ (NVIDIA Corporation) C:Windowssystem32NvIFROpenGL.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 000612144 _____ (NVIDIA Corporation) C:Windowssystem32nvml.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 000556848 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvIFROpenGL.dll

2021-03-16 10:45 – 2021-03-13 00:02 – 000546096 _____ C:WindowsSysWOW64nvofapi.dll

2021-03-16 10:45 – 2021-03-13 00:01 – 002102560 _____ (NVIDIA Corporation) C:Windowssystem32NvFBC64.dll

2021-03-16 10:45 – 2021-03-13 00:01 – 001587488 _____ (NVIDIA Corporation) C:WindowsSysWOW64NvFBC.dll

2021-03-16 10:45 – 2021-03-13 00:01 – 000811808 _____ (NVIDIA Corporation) C:Windowssystem32nvEncodeAPI64.dll

2021-03-16 10:45 – 2021-03-13 00:01 – 000655648 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvEncodeAPI.dll

2021-03-16 10:45 – 2021-03-13 00:00 – 008306456 _____ (NVIDIA Corporation) C:Windowssystem32nvcuvid.dll

2021-03-16 10:45 – 2021-03-13 00:00 – 007429904 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvcuvid.dll

2021-03-16 10:45 – 2021-03-13 00:00 – 004610320 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvcuda.dll

2021-03-16 10:45 – 2021-03-13 00:00 – 002729744 _____ (NVIDIA Corporation) C:Windowssystem32nvcuda.dll

2021-03-16 10:45 – 2021-03-13 00:00 – 000445200 _____ (NVIDIA Corporation) C:Windowssystem32nvdebugdump.exe

2021-03-16 10:45 – 2021-03-12 23:59 – 000848656 _____ (NVIDIA Corporation) C:Windowssystem32MCU.exe

2021-03-16 10:45 – 2021-03-12 23:57 – 006075480 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvapi.dll

2021-03-16 10:45 – 2021-03-11 01:15 – 000084450 _____ C:Windowssystem32nvinfo.pb

2021-03-16 10:38 – 2021-03-31 23:44 – 000000000 ____D C:ProgramDataPackages

2021-03-16 10:32 – 2021-03-16 10:32 – 000000000 ____D C:UsersPCAppDataLocalComms

2021-03-16 10:27 – 2021-04-03 02:13 – 000000000 ____D C:ProgramDataNVIDIA

2021-03-16 10:27 – 2021-04-03 01:20 – 000003398 _____ C:Windowssystem32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000003196 _____ C:Windowssystem32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000003152 _____ C:Windowssystem32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002984 _____ C:Windowssystem32TasksNvProfileUpdaterDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002948 _____ C:Windowssystem32TasksNvTmRep_CrashReport4_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002948 _____ C:Windowssystem32TasksNvTmRep_CrashReport3_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002948 _____ C:Windowssystem32TasksNvTmRep_CrashReport2_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002948 _____ C:Windowssystem32TasksNvTmRep_CrashReport1_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002914 _____ C:Windowssystem32TasksNvNodeLauncher_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-03 01:20 – 000002744 _____ C:Windowssystem32TasksNvProfileUpdaterOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-03-16 10:27 – 2021-04-02 13:05 – 000000000 ____D C:ProgramDataPackage Cache

2021-03-16 10:27 – 2021-04-02 01:24 – 000000000 ____D C:UsersPCAppDataLocalNVIDIA

2021-03-16 10:27 – 2021-03-21 00:19 – 000000000 ____D C:UsersPCAppDataLocalNVIDIA Corporation

2021-03-16 10:27 – 2021-03-21 00:17 – 000001403 _____ C:ProgramDataDesktopGeForce Experience.lnk

2021-03-16 10:27 – 2021-03-21 00:17 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-03-16 10:27 – 2021-03-21 00:17 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-03-16 10:27 – 2021-03-16 10:27 – 000000000 ____D C:UsersPCAppDataLocalCEF

2021-03-16 10:27 – 2021-03-16 10:27 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-03-16 10:27 – 2021-01-27 07:17 – 002797808 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap64.dll

2021-03-16 10:27 – 2021-01-27 07:17 – 002154224 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvspcap.dll

2021-03-16 10:27 – 2021-01-27 07:17 – 001295088 _____ (NVIDIA Corporation) C:Windowssystem32NvRtmpStreamer64.dll

2021-03-16 10:27 – 2021-01-11 12:26 – 000001951 _____ C:WindowsNvContainerRecovery.bat

2021-03-16 10:27 – 2020-12-02 02:48 – 000169272 _____ (NVIDIA Corporation) C:Windowssystem32nvaudcap64v.dll

2021-03-16 10:27 – 2020-12-02 02:48 – 000145208 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvaudcap32v.dll

2021-03-16 10:26 – 2021-03-21 00:17 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-03-16 10:26 – 2020-03-06 06:03 – 000069840 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvad64v.sys

2021-03-16 10:26 – 2020-03-04 08:54 – 000050592 _____ (NVIDIA Corporation) C:Windowssystem32DriversNvModuleTracker.sys

2021-03-16 10:24 – 2021-03-31 23:50 – 000000000 ____D C:UsersPCAppDataLocalPlaceholderTileLogoFolder

2021-03-16 10:23 – 2021-04-03 01:20 – 000002854 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-2018598786-54766760-3354375963-1001

2021-03-16 10:23 – 2021-03-30 23:35 – 000000000 ___RD C:UsersPCOneDrive

2021-03-16 10:23 – 2021-03-16 10:23 – 000000000 ____D C:UsersPCAppDataLocalMicrosoftEdge

2021-03-16 10:23 – 2021-03-16 10:23 – 000000000 ____D C:ProgramDataMicrosoft OneDrive

2021-03-16 10:22 – 2021-04-03 02:17 – 000841376 _____ C:Windowssystem32PerfStringBackup.INI

2021-03-16 10:22 – 2021-04-02 20:16 – 000000000 ____D C:UsersPCAppDataLocalPackages

2021-03-16 10:22 – 2021-03-20 01:13 – 000000000 ____D C:UsersPCAppDataLocalConnectedDevicesPlatform

2021-03-16 10:22 – 2021-03-16 11:10 – 000000000 ___RD C:UsersPC3D Objects

2021-03-16 10:22 – 2021-03-16 10:22 – 000000000 ____D C:UsersPCAppDataLocalVirtualStore

2021-03-16 10:22 – 2021-03-16 10:22 – 000000000 ____D C:UsersPCAppDataLocalPublishers

2021-03-16 10:21 – 2021-03-31 23:49 – 000000000 ____D C:UsersPC

2021-03-16 10:21 – 2021-03-16 10:24 – 000002354 _____ C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk

2021-03-16 10:21 – 2021-03-16 10:21 – 000000020 ___SH C:UsersPCntuser.ini

2021-03-16 10:20 – 2021-04-03 01:20 – 000003408 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-03-16 10:20 – 2021-04-03 01:20 – 000003184 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-03-16 10:18 – 2021-03-16 10:18 – 000000000 _SHDL C:Documents and Settings

2021-03-16 10:18 – 2021-03-16 10:18 – 000000000 ____D C:Windowsminidump

2021-03-16 10:17 – 2021-04-03 02:11 – 000000006 ____H C:WindowsTasksSA.DAT

2021-03-16 10:17 – 2021-04-03 00:04 – 000000000 ____D C:Windowssystem32SleepStudy

2021-03-16 10:17 – 2021-03-25 11:22 – 000303824 _____ C:Windowssystem32FNTCACHE.DAT

2021-03-16 10:17 – 2021-03-16 11:10 – 000000000 ____D C:Windowssystem32Driverswd

2021-03-16 10:17 – 2021-03-16 10:17 – 000000000 ____H C:Windowssystem32DriversMsft_User_WpdFs_01_11_00.Wdf

2021-03-16 10:17 – 2021-03-16 10:17 – 000000000 ____D C:WindowsServiceProfiles

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-03 02:17 – 2019-03-19 00:50 – 000000000 ____D C:WindowsINF

2021-04-03 02:11 – 2019-03-19 00:52 – 000000000 ___HD C:Program FilesWindowsApps

2021-04-03 02:11 – 2019-03-19 00:52 – 000000000 ____D C:WindowsAppReadiness

2021-04-03 02:11 – 2019-03-19 00:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-04-03 02:10 – 2019-03-19 00:37 – 000524288 _____ C:Windowssystem32configBBI

2021-04-02 22:07 – 2019-03-19 00:52 – 000000000 ___HD C:WindowsELAMBKUP

2021-04-02 01:23 – 2019-03-19 00:52 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-03-20 20:14 – 2019-03-19 00:52 – 000000000 ____D C:WindowsLiveKernelReports

2021-03-19 01:30 – 2019-03-19 00:37 – 000000000 ____D C:WindowsCbsTemp

2021-03-17 12:55 – 2019-03-19 00:52 – 000000000 ____D C:Windowsappcompat

2021-03-16 11:20 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32SecureBootUpdates

2021-03-16 11:19 – 2019-03-19 00:52 – 000000000 ____D C:WindowsShellExperiences

2021-03-16 11:19 – 2019-03-19 00:52 – 000000000 ____D C:Windowsbcastdvr

2021-03-16 11:16 – 2019-03-19 00:49 – 000028672 _____ C:Windowssystem32configBCD-Template

2021-03-16 11:10 – 2019-03-19 00:52 – 000000000 ____D C:Program FilesWindows Defender

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ___SD C:WindowsSysWOW64F12

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ___SD C:WindowsSysWOW64DiagSvcs

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ___SD C:Windowssystem32UNP

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ___SD C:Windowssystem32F12

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ___SD C:Windowssystem32DiagSvcs

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsTextInput

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSysWOW64setup

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSysWOW64PerceptionSimulation

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSysWOW64oobe

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSysWOW64Dism

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSysWOW64Com

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSysWOW64AdvancedInstallers

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:WindowsSystemResources

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32WinMetadata

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32WinBioPlugIns

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32SystemResetPlatform

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32Sysprep

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32setup

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32PerceptionSimulation

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32oobe

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32migwiz

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32es-MX

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32Dism

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32Com

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32appraiser

2021-03-16 11:09 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32AdvancedInstallers

2021-03-16 11:08 – 2019-03-19 02:20 – 000000000 ____D C:Program FilesWindows Photo Viewer

2021-03-16 11:08 – 2019-03-19 02:20 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ___RD C:WindowsPrintDialog

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ___RD C:WindowsImmersiveControlPanel

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:WindowsShellComponents

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:WindowsProvisioning

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:WindowsPolicyDefinitions

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:WindowsIME

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:WindowsDiagTrack

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:Program FilesCommon FilesSystem

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:Program Files (x86)Windows Defender

2021-03-16 11:08 – 2019-03-19 00:52 – 000000000 ____D C:PerfLogs

2021-03-16 11:08 – 2019-03-19 00:37 – 000000000 ____D C:Windowsservicing

2021-03-16 11:05 – 2019-03-19 02:20 – 000022016 _____ (Microsoft Corporation) C:Windowssystem32OEMDefaultAssociations.dll

2021-03-16 11:05 – 2019-03-19 02:20 – 000019469 _____ C:Windowssystem32OEMDefaultAssociations.xml

2021-03-16 10:38 – 2019-03-19 00:52 – 000000000 ____D C:WindowsServiceState

2021-03-16 10:31 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32WinBioDatabase

2021-03-16 10:20 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32spool

2021-03-16 10:20 – 2019-03-19 00:52 – 000000000 ____D C:Windowssystem32FxsTmp

2021-03-16 10:19 – 2019-03-19 00:52 – 000000000 ____D C:ProgramDataUSOPrivate

2021-03-16 10:17 – 2019-03-19 00:37 – 000032768 _____ C:Windowssystem32configELAM

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Farbar Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021

Ran by PC (03-04-2021 02:29:14)

Running from C:UsersPCDownloads

Windows 10 Home Version 1909 18363.1441 (X64) (2021-03-16 14:18:26)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2018598786-54766760-3354375963-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-2018598786-54766760-3354375963-503 – Limited – Disabled)

Guest (S-1-5-21-2018598786-54766760-3354375963-501 – Limited – Disabled)

PC (S-1-5-21-2018598786-54766760-3354375963-1001 – Administrator – Enabled) => C:UsersPC

WDAGUtilityAccount (S-1-5-21-2018598786-54766760-3354375963-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AV: Avast Antivirus (Enabled – Up to date) EB19B86E-3998-C706-90EF-92B41EB091AF

AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

Avast Free Antivirus (HKLM-x32…Avast Antivirus) (Version: 21.2.2455 – Avast Software)

Backup and Sync from Google (HKLM…3CBE1074-3A4F-4BA6-95E3-7A660B54FE33) (Version: 3.55.3625.9414 – Google, Inc.)

Blitz 1.13.146 (HKUS-1-5-21-2018598786-54766760-3354375963-1001…153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.146 – Blitz, Inc.)

CPUID HWMonitor 1.43 (HKLM…CPUID HWMonitor_is1) (Version: 1.43 – CPUID, Inc.)

Discord (HKUS-1-5-21-2018598786-54766760-3354375963-1001…Discord) (Version: 0.0.309 – Discord Inc.)

Documentation Manager (HKLM…87CA98A2-FF74-4CBE-81D8-0E9145F4A97C) (Version: 22.30.0.11 – Intel Corporation) Hidden

ENE_DRAM_RGB_AIO (HKLM…1745D314-9077-46C9-8562-1C62BAE189B7) (Version: 1.0.0.10 – Ene Tech.) Hidden

ENE_DRAM_RGB_AIO (HKLM-x32…52d1d7de-19c3-4f83-97bb-f9435dc84c5b) (Version: 1.0.0.10 – Ene Tech.) Hidden

EVGA Precision X1 (HKLM…EVGA Precision X1) (Version: 1.1.7.0 – EVGA Corporation)

Google Chrome (HKLM…F895F44D-9DFF-303A-80EC-966122E67583) (Version: 89.0.4389.114 – Google LLC)

Intel® Software Installer (HKLM-x32…469cd1ee-2994-481c-ad19-874d4d32525b) (Version: 22.30.0.11 – Intel Corporation) Hidden

L-Connect (HKLM-x32…69720AC4-DC3C-4F1A-972E-4F56579126D0_is1) (Version: 1.00.00 – L-Connect)

League of Legends (HKUS-1-5-21-2018598786-54766760-3354375963-1001…Riot Game league_of_legends.live) (Version:  – Riot Games, Inc)

LED Sync (HKLM-x32…417D2425-8783-46D4-97DF-EEF7CD17D656) (Version: 1.1.1 – EVGA)

Local Cooling Setup (HKLM-x32…79166E9D-4D2B-405A-B8F5-B43E0C795FF2) (Version: 1.0 – InstallAware Software Corporation) Hidden

Logitech Gaming Software 9.02 (HKLM…Logitech Gaming Software) (Version: 9.02.65 – Logitech Inc.)

Logitech Options (HKLM…LogiOptions) (Version: 8.36.86 – Logitech)

Malwarebytes version 4.3.0.98 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.3.0.98 – Malwarebytes)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 89.0.774.63 – Microsoft Corporation)

Microsoft Office Home and Business 2016 – en-us (HKLM…HomeBusinessRetail – en-us) (Version: 16.0.13801.20360 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-2018598786-54766760-3354375963-1001…OneDriveSetup.exe) (Version: 21.030.0211.0002 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-2018598786-54766760-3354375963-1001…Teams) (Version: 1.4.00.7174 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21) (Version: 2.75.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…4B6C7001-C7D6-3710-913E-5BC23FCE91E6) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.14.26429 (HKLM-x32…80586c77-db42-44bb-bfc8-7aebbb220c00) (Version: 14.14.26429.4 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) – 14.13.26020 (HKLM-x32…5c045b7f-e561-4794-91f8-c6cda0893107) (Version: 14.13.26020.0 – Microsoft Corporation)

Mozilla Firefox 86.0.1 (x64 en-CA) (HKLM…Mozilla Firefox 86.0.1 (x64 en-CA)) (Version: 86.0.1 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 86.0.1 – Mozilla)

NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_FrameViewSdk) (Version: 1.1.4923.29548709 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.21.0.36 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.21.0.36 – NVIDIA Corporation)

NVIDIA Graphics Driver 461.92 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 461.92 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.38.40 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_HDAudio.Driver) (Version: 1.3.38.40 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)

OBS Studio (HKLM-x32…OBS Studio) (Version: 26.1.1 – OBS Project)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…90160000-008C-0000-0000-0000000FF1CE) (Version: 16.0.13801.20274 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…90160000-00DD-0000-1000-0000000FF1CE) (Version: 16.0.13801.20274 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…90160000-008F-0000-1000-0000000FF1CE) (Version: 16.0.13801.20360 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32…90160000-008C-0409-0000-0000000FF1CE) (Version: 16.0.13801.20274 – Microsoft Corporation) Hidden

Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.16.8 – TeamViewer)

TechPowerUp GPU-Z (HKLM-x32…8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}_is1) (Version:  – TechPowerUp)

Trident Z Lighting Control (HKLM-x32…97CD7AFC-0ED3-41B8-9CCD-22717E8631D0_is1) (Version: 1.00.22 – ENG)

VALORANT (HKUS-1-5-21-2018598786-54766760-3354375963-1001…Riot Game valorant.live) (Version:  – Riot Games, Inc)

VLC media player (HKLM…VLC media player) (Version: 3.0.12 – VideoLAN)

WhatsApp (HKUS-1-5-21-2018598786-54766760-3354375963-1001…WhatsApp) (Version: 2.2110.12 – WhatsApp)

WinRAR 6.00 (64-bit) (HKLM…WinRAR archiver) (Version: 6.00.0 – win.rar GmbH)

Wondershare Helper Compact 2.6.0 (HKLM-x32…5363CE84-5F09-48A1-8B6C-6BB590FFEDF2_is1) (Version: 2.6.0 – Wondershare)

Zoom (HKUS-1-5-21-2018598786-54766760-3354375963-1001…ZoomUMX) (Version: 5.6.0 (589) – Zoom Video Communications, Inc.)

Packages:

=========

DragonCenter -> C:Program FilesWindowsApps9426MICRO-STARINTERNATION.DragonCenter_2.0.103.0_x64__kzh8wxbdkxb8p [2021-03-16] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-17] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-18] (Microsoft Studios) [MS Ad]

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-16] (NVIDIA Corp.)

Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-03] (Spotify AB) [Startup Task]

TranslucentTB -> C:Program FilesWindowsApps28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszj [2021-03-31] (Charles Milette) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-2018598786-54766760-3354375963-1001_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UsersPCAppDataLocalMicrosoftTeamsMeetingAddin1.0.20339.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42 => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40 => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41 => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 => C:Program FilesAvast SoftwareAvastashShell.dll [2021-04-02] (Avast Software s.r.o. -> AVAST Software)

ShellIconOverlayIdentifiers-x32: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 => C:Program FilesAvast SoftwareAvastashShell.dll [2021-04-02] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [avast] -> 472083B0-C522-11CF-8763-00608CC02F24 => C:Program FilesAvast SoftwareAvastashShell.dll [2021-04-02] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers1: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 => C:Program FilesAvast SoftwareAvastashShell.dll [2021-04-02] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-04-02] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_5be8de9f3373beafnvshext.dll [2021-03-13] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [avast] -> 472083B0-C522-11CF-8763-00608CC02F24 => C:Program FilesAvast SoftwareAvastashShell.dll [2021-04-02] (Avast Software s.r.o. -> AVAST Software)

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-04-02] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersPCDesktopSnapdrop.lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ikpmlgdcejalmjnfbahhijemkcgljabf

ShortcutWithArgument: C:UsersPCAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsSnapdrop.lnk -> C:Program FilesGoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ikpmlgdcejalmjnfbahhijemkcgljabf

==================== Loaded Modules (Whitelisted) =============

2021-03-21 00:50 – 2021-04-01 15:59 – 000415232 _____ () [File not signed] \?C:UsersPCAppDataLocalProgramsBlitzresourcesapp.asar.unpackednode_modulesleveldownprebuildswin32-ia32node.napi.node

2021-03-21 00:50 – 2021-04-01 15:59 – 002662912 _____ () [File not signed] C:UsersPCAppDataLocalProgramsBlitzffmpeg.dll

2021-03-21 00:50 – 2021-04-01 15:59 – 000367104 _____ () [File not signed] C:UsersPCAppDataLocalProgramsBlitzlibegl.dll

2021-03-21 00:50 – 2021-04-01 15:59 – 006631936 _____ () [File not signed] C:UsersPCAppDataLocalProgramsBlitzlibglesv2.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 000114176 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_ctypes.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000172544 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_elementtree.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 002255872 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_hashlib.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000032256 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_multiprocessing.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000046080 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_psutil_windows.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000047616 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_socket.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 002824704 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_ssl.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000026112 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162_yappi.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000080896 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162bz2.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000015872 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162common.time34.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000007680 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162hashobjs_ext.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000301568 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162PIL._imaging.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000168448 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162pyexpat.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 001084416 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162pysqlite2._sqlite.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000548864 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162pythoncom27.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 000137728 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162pywintypes27.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 000010752 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162select.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000020992 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162thumbnails_ext.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000689664 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162unicodedata.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000119808 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162usb_ext.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000128512 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32api.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000438784 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32com.shell.shell.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000011776 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32crypt.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000023040 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32event.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000149504 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32file.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000223232 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32gui.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000048128 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32inet.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000029696 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32pdh.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000027648 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32pipe.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000044032 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32process.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000020480 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32profile.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000136192 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32security.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000026624 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162win32ts.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000034304 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162windows.conditional.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000037888 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162windows.connectivity.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000071680 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162windows.device_monitor.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000103936 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162windows.volumes.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000019968 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162windows.winwrap.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 001325056 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wx._controls_.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 001489408 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wx._core_.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 001007104 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wx._gdi_.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000103424 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wx._html2.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 000916992 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wx._misc_.pyd

2021-04-03 02:11 – 2021-04-03 02:11 – 001039872 _____ () [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wx._windows_.pyd

2021-03-31 23:44 – 2021-03-31 23:44 – 000059392 _____ (by nICO ([email protected]) – 2004. Modified by TranslucentTB devs) [File not signed] C:Program FilesWindowsApps28017CharlesMilette.TranslucentTB_9.0.0.0_x86__v826wp6bftszjTranslucentTBCPicker.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 003043328 _____ (Python Software Foundation) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162python27.dll

2018-04-06 14:29 – 2018-04-06 14:29 – 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesLogitech Gaming SoftwareLIBEAY32.dll

2018-04-06 14:29 – 2018-04-06 14:29 – 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:Program FilesLogitech Gaming Softwaressleay32.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 000202240 _____ (wxWidgets development team) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wxbase30u_net_vc90_x64.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 002831872 _____ (wxWidgets development team) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wxbase30u_vc90_x64.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 001654784 _____ (wxWidgets development team) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wxmsw30u_adv_vc90_x64.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 006542336 _____ (wxWidgets development team) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wxmsw30u_core_vc90_x64.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 000773632 _____ (wxWidgets development team) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wxmsw30u_html_vc90_x64.dll

2021-04-03 02:11 – 2021-04-03 02:11 – 000137216 _____ (wxWidgets development team) [File not signed] C:UsersPCAppDataLocalTemp_MEI142162wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalaswSP.sys => ""="Driver"

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkaswSP.sys => ""="Driver"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-03-19] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 00:49 – 2019-03-19 00:49 – 000000824 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-2018598786-54766760-3354375963-1001Control PanelDesktop\Wallpaper -> c:userspcpictureswallpaperscyberpunk wallpaper.jpg

DNS Servers: 192.168.0.1 – 24.200.241.37

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedRun: => "Logitech Download Assistant"

HKLM…StartupApprovedRun: => "Wondershare Helper Compact.exe"

HKLM…StartupApprovedRun32: => "Wondershare Helper Compact.exe"

HKUS-1-5-21-2018598786-54766760-3354375963-1001…StartupApprovedRun: => "OneDrive"

HKUS-1-5-21-2018598786-54766760-3354375963-1001…StartupApprovedRun: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [5A3B9521-817C-4AF6-9DB0-AA0ADE066C43] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [86F5972A-F372-487B-89A2-7460FEDC9EB2] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [1BA0CD1A-220B-4E9B-885B-9F0B90329926] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [68A57E2B-FDB8-4D61-A06A-A256F713CA03] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [E1DB6D51-BCC1-4028-888E-C224438BA665] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [A4B9A086-9584-49D3-93F2-232D6C43FE90] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [4C5C10AF-4C60-431E-A797-49D9910032C1] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [C4CAF52D-E1E7-4BF9-BA0E-3B6F8BAB80C1] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [21B63EB0-1B1F-4EB0-99F5-B6B338029EE8] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [3586F12F-EA11-47EE-820F-473D25DF8A9C] => (Allow) C:ProgramDataLogishrdLogiOptionsSoftwareCurrentLogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)

FirewallRules: [E7EE44BC-0AF8-4F24-9E84-D24A974B2C74] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [629B1F2B-B5C9-41ED-8771-F053153D177A] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [BD240DFC-7A69-47F2-A30D-4B4B7B342B5D] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [43BA491C-14C3-4D32-A788-F10BF13C96AF] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [TCP Query UserB22A7A11-BF2E-499C-BC56-ABA67DDD8D8EC:userspcappdatalocalprogramsblitzblitz.exe] => (Allow) C:userspcappdatalocalprogramsblitzblitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)

FirewallRules: [UDP Query UserC1DBF24A-4A3A-4B1B-9A0E-22E6EE523327C:userspcappdatalocalprogramsblitzblitz.exe] => (Allow) C:userspcappdatalocalprogramsblitzblitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)

FirewallRules: [7A910F17-DACD-45C7-A88F-4ED8028C5BD3] => (Allow) C:UsersPCAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [4868E76A-8BC8-4E7E-AB9B-B682104DF54E] => (Allow) C:UsersPCAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [8875A234-D529-4916-BA98-C9D209366088] => (Allow) C:UsersPCAppDataRoamingZoombinairhost.exe => No File

FirewallRules: [4F90B98B-784B-4684-9BA1-B017164BAD2D] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [B3953812-1AED-4877-9DE9-7179E5C6764A] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [8D9CF6B5-0522-42BA-A086-933A64369559] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [AB881B1D-1CB1-462F-B672-69273FA5E35A] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [TCP Query User2E116DC7-FDF0-4D7A-9F73-3F7AAA70E478C:program fileslogitech gaming softwarelcore.exe] => (Allow) C:program fileslogitech gaming softwarelcore.exe (Logitech Inc -> Logitech Inc.)

FirewallRules: [UDP Query UserB44F273D-A693-43E1-918C-BC54682B0584C:program fileslogitech gaming softwarelcore.exe] => (Allow) C:program fileslogitech gaming softwarelcore.exe (Logitech Inc -> Logitech Inc.)

FirewallRules: [3229E59F-5A9D-4828-95CE-B5C520C6B999] => (Block) C:program fileslogitech gaming softwarelcore.exe (Logitech Inc -> Logitech Inc.)

FirewallRules: [AD138A06-B154-4EE0-810C-D6414D3C4DEF] => (Block) C:program fileslogitech gaming softwarelcore.exe (Logitech Inc -> Logitech Inc.)

FirewallRules: [2D3A9FEA-96D7-4016-BF94-873415D02744] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [C3EF80B6-D0AD-45C8-9FB5-7D82FA78DA05] => (Allow) LPort=32682

FirewallRules: [2E09CF1A-82D2-428D-8960-92323F3447FB] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [B6B6A146-E7B4-44D2-8F88-0E284E1BA0FB] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [38AF17A2-0972-456A-B691-B2C944DA7889] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [B238F5D2-7F93-49EC-917D-7FCB7F1D0D17] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [5DC0F001-4C46-4DBB-90F0-A634BD776AAD] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [F243E053-D3BC-44E3-82D0-341F20797C7B] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [A2B6E640-62E3-4AF2-9931-E7A4321BF987] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [3189BC68-40DC-4427-BBC4-8595CFF248E9] => (Allow) C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

01-04-2021 13:44:09 Scheduled Checkpoint

02-04-2021 20:47:54 Installed Local Cooling Setup

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (04/01/2021 02:04:04 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program svchost.exe version 10.0.18362.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: c9c

Start Time: 01d7271d19ba543f

Termination Time: 0

Application Path: C:WindowsSystem32svchost.exe

Report Id: a6630285-df40-4493-a842-16bc8406737f

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (04/01/2021 02:00:30 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program svchost.exe version 10.0.18362.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: c9c

Start Time: 01d7271d19ba543f

Termination Time: 4294967295

Application Path: C:WindowsSystem32svchost.exe

Report Id: 6a0d4c47-a04b-4380-a2f5-dde496bc7579

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (03/31/2021 11:49:34 PM) (Source: VSS) (EventID: 13) (User: )

Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (03/31/2021 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)

Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL – Access is denied.

Error: (03/31/2021 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)

Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL – Access is denied.

Error: (03/31/2021 04:43:49 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SearchUI.exe, version: 10.0.18362.1350, time stamp: 0x60027f4d

Faulting module name: dcomp.dll, version: 10.0.18362.1411, time stamp: 0x0d34a06e

Exception code: 0xc0000005

Fault offset: 0x000000000000e1a2

Faulting process id: 0x1f1c

Faulting application start time: 0x01d72668720d285b

Faulting application path: C:WindowsSystemAppsMicrosoft.Windows.Cortana_cw5n1h2txyewySearchUI.exe

Faulting module path: C:WindowsSYSTEM32dcomp.dll

Report Id: 64d09e1b-591f-42e1-a434-f8943d212656

Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Error: (03/31/2021 03:51:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddLegacyDriverFiles: Unable to back up image of binary NTIOLib_CC_COMM.

System Error:

The system cannot find the file specified.

.

Error: (03/31/2021 03:39:24 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004E028

Command-line arguments:

RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=30d469c6-a78f-4476-b5c8-af78d5b6a5fb;NotificationInterval=1440;Trigger=TimerEvent

System errors:

=============

Error: (04/03/2021 02:11:21 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Error: (04/03/2021 02:10:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTUPJS9)

Description: The server 2593F8B9-4EAF-457C-B68A-50F6B8EA6B54 did not register with DCOM within the required timeout.

Windows Defender:

================

Date: 2021-03-30 23:24:55.644

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-03-28 21:32:37.635

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-03-28 15:52:11.896

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-03-25 23:43:27.280

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-03-22 22:30:12.132

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-03-31 15:45:07.998

Description:

Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.30 09/07/2020

Motherboard: Micro-Star International Co., Ltd. MAG X570 TOMAHAWK WIFI (MS-7C84)

Processor: AMD Ryzen 9 3900XT 12-Core Processor

Percentage of memory in use: 16%

Total physical RAM: 65457.07 MB

Available physical RAM: 54813.06 MB

Total Virtual: 75185.07 MB

Available Virtual: 61451.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.88 GB) (Free:704.27 GB) NTFS

\?Volume7c5349d2-6c4c-4722-8265-2fcf6aca4a93 (Recovery) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS

\?Volumecc61554a-2fc3-41a3-b1b7-cec5dd8b239f () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

exe file 1.jpeg
exe file 2.jpeg
exe file 3 show details.jpeg
temp files malware.PNG
temp files malware cant delete.PNG
