Infected with svchost, spoolsv and explorer exe virus

So Farrare

whenever I delete this malware in safe mode using cmd and regedit, it always came back after the next restart.   Malwarebytes is not helpful at all. I also did reinstall windows and choosing keep all my files and this virus keeps on running after every restart.   C:WindowsResourcesThemes –> […]

whenever I delete this malware in safe mode using cmd and regedit, it always came back after the next restart.

 

Malwarebytes is not helpful at all. I also did reinstall windows and choosing keep all my files

and this virus keeps on running after every restart.

 

C:WindowsResourcesThemes –> explorer.exe, (icsys.icn.exe – I don’t know if this one is also a virus. Its copying the icon of the latest software I installed.)

C:WindowsResources  –> spoolsv.exe and svchost.exe

 

HKLMSoftwareMicrosoftWindowsCurrentVersionRun

HKLMSoftwareMicrosoftWindowsCurrentVersionRun

HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnce

 

———————————————————————————————————————————-

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2021

Ran by MeepMerp (administrator) on MEEPMERP (Gigabyte Technology Co., Ltd. X570 AORUS ULTRA) (21-05-2021 05:35:42)

Running from c:UsersMeepMerpDesktop

Loaded Profiles: MeepMerp

Platform: Windows 10 Pro Version 2004 19041.985 (X64) Language: English (United States)

Default browser: Brave

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

() [File not signed] C:WindowsResourcessvchost.exe

() [File not signed] C:WindowsResourcesThemesexplorer.exe

(Brave Software, Inc. -> Brave Software, Inc.) C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe <23>

(Discord Inc. -> Discord Inc.) C:UsersMeepMerpAppDataLocalDiscordapp-1.0.9001Discord.exe <6>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2104.14-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2104.14-0NisSrv.exe

(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe

(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvBroadcast.NvContainerNvBroadcast.Container.exe <2>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA BroadcastNVIDIA Broadcast.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA BroadcastNvVirtualCameraNVIDIA Virtual Camera.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbDisplay.NvContainerNVDisplay.Container.exe <2>

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_7b66b6662cf6d72bRtkAudUService64.exe <2>

(Riot Games, Inc. -> Riot Games, Inc.) C:Program FilesRiot Vanguardvgtray.exe

(Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:Program Files (x86)Internet Download ManagerIDMIntegrator64.exe

(Tonec Inc. -> Tonec Inc.) C:Program Files (x86)Internet Download ManagerIEMonitor.exe

(Tonec Inc.) [File not signed] C:Program Files (x86)Internet Download ManagerIDMan.exe

(Vincent Burel -> VB-AUDIO Software) C:Program Files (x86)VBVoicemeetervoicemeeter.exe 

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_7b66b6662cf6d72bRtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [564096 2021-05-05] (Riot Games, Inc. -> Riot Games, Inc.)

HKLM-x32…RunOnce: [Explorer] => c:windowsresourcesthemesexplorer.exe RO <==== ATTENTION

HKLM-x32…RunOnce: [Svchost] => c:windowsresourcessvchost.exe [138488 2021-05-20] () [File not signed] <==== ATTENTION

HKUS-1-5-21-185054945-3502447639-2721202950-1001 DisallowedCertificates: 90404C8CCE68BEA6729A204A85E9E6C6CC7FD59F (U)

HKUS-1-5-21-185054945-3502447639-2721202950-1001…Run: [IDMan] => C:Program Files (x86)Internet Download ManagerIDMan.exe [5445120 2020-08-02] (Tonec Inc.) [File not signed]

HKUS-1-5-21-185054945-3502447639-2721202950-1001…Run: [Discord] => C:UsersMeepMerpAppDataLocalDiscordUpdate.exe [1512040 2021-03-18] (Discord Inc. -> GitHub)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [AFE6A462-C574-4B8A-AF43-4CC60DF4563B] -> C:Program FilesBraveSoftwareBrave-BrowserApplication90.1.24.85Installerchrmstp.exe [2021-05-20] (Brave Software, Inc. -> Brave Software, Inc.)

Startup: C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupVoicemeeter (VB-Audio).LNK [2021-05-20]

ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:Program Files (x86)VBVoicemeetervoicemeeter.exe  (Vincent Burel -> VB-AUDIO Software)

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: 13FCA777-9ED3-4C84-BB56-5F970B52C2FB – System32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: 170493E9-4979-4141-A9C3-273C5EBE1B8C – System32TasksNvProfileUpdaterDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 25881C76-20EB-478A-8A52-8C5CFA35CB75 – System32TasksNvBroadcast_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNVIDIA BroadcastNVIDIA Broadcast.exe [9214320 2021-04-30] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 36271663-E76A-40E3-8BD2-A3FBB431470C – System32TasksMSIAfterburner => C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe [792120 2021-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

Task: 531D8941-9524-4CBC-87B4-98334CB9E727 – System32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: 6982E073-488D-46FB-9833-4CCE3ED6D9DB – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2104.14-0MpCmdRun.exe [595288 2021-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: 7539240C-D8E6-4927-BD96-F36036B86A09 – System32TasksNvTmRep_CrashReport1_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 812A1CA5-E312-4FB5-9DD1-D57CED44253D – System32TasksNvTmRep_CrashReport2_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 867143DC-2A84-4B1F-B8F3-B27796CCB709 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2104.14-0MpCmdRun.exe [595288 2021-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: 9427F1E5-B61B-449A-BEE9-E992C515D2F6 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2104.14-0MpCmdRun.exe [595288 2021-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: 9C426FA5-6D37-4BBD-A895-A91EBADC1E9F – System32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)

Task: 9C61DC3C-364F-477D-BD29-F3EAE813A675 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2104.14-0MpCmdRun.exe [595288 2021-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: 9F3EAABA-E45B-4EB6-9DE5-1E26364C8485 – System32TasksNvNodeLauncher_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: A4BA79E4-8C1F-47C5-809F-847C0154AEE0 – System32TasksBraveSoftwareUpdateTaskMachineUA => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162400 2021-05-20] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: AFA2F36B-220D-4A51-8B46-1378EE5E8B57 – System32TasksNvTmRep_CrashReport3_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: B8711EEE-0024-4AA1-8577-A538904248EA – System32TasksNvProfileUpdaterOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: E2939005-ED43-475D-A4A6-9F1B14753891 – System32TasksBraveSoftwareUpdateTaskMachineCore => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162400 2021-05-20] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: F5BDA3DC-2B27-463D-8389-AE15121907E5 – System32TasksNvTmRep_CrashReport4_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.254.254

Tcpip..Interfacesea4b4955-f4dd-40df-8c9a-1db0d8175cf1: [DhcpNameServer] 192.168.254.254

 

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:UsersMeepMerpAppDataLocalMicrosoftEdgeUser DataDefault [2021-05-20]

Edge Extension: (IDM Integration Module) – C:UsersMeepMerpAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsllbjbkhnmlidjebalopleeepgdfgcpec [2021-05-20]

Edge HKUS-1-5-21-185054945-3502447639-2721202950-1001SOFTWAREMicrosoftEdgeExtensions…EdgeExtension: [llbjbkhnmlidjebalopleeepgdfgcpec] – C:Program Files (x86)Internet Download ManagerIDMEdgeExt.crx [2020-08-02]

 

FireFox:

========

FF HKUS-1-5-21-185054945-3502447639-2721202950-1001…SeaMonkeyExtensions: [[email protected]] – C:UsersMeepMerpAppDataRoamingIDMidmmzcc5

FF Extension: (IDM CC) – C:UsersMeepMerpAppDataRoamingIDMidmmzcc5 [2021-05-20] [Legacy] [not signed]

FF HKUS-1-5-21-185054945-3502447639-2721202950-1001…SeaMonkeyExtensions: [[email protected]] – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi

FF Extension: (IDM integration) – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi [2017-12-20] [Legacy]

 

Chrome: 

=======

CHR HKLM…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2020-08-02]

CHR HKLM-x32…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2020-08-02]

 

Brave: 

=======

BRA Profile: C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2021-05-21]

BRA Extension: (IDM Integration Module) – C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionsngpampappnmepgilojfohadhhmbhlaek [2021-05-20]

BRA Extension: (Brave Local Data Files Updater) – C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2021-05-20]

BRA Extension: (Brave Ad Block Updater (Default)) – C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2021-05-20]

BRA Extension: (Brave NTP sponsored images) – C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser Datagccbbckogglekeggclmmekihdgdpdgoe [2021-05-20]

BRA Extension: (Brave SpeedReader Updater) – C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2021-05-20]

BRA Extension: (Brave HTTPS Everywhere Updater) – C:UsersMeepMerpAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2021-05-20]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162400 2021-05-20] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162400 2021-05-20] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 FvSvc; C:Program FilesNVIDIA CorporationFrameViewSDKnvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)

R2 NvBroadcast.ContainerLocalSystem; C:Program FilesNVIDIA CorporationNvBroadcast.NvContainerNvBroadcast.Container.exe [873272 2021-02-11] (NVIDIA Corporation -> NVIDIA Corporation)

R2 RtkAudioUniversalService; C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_7b66b6662cf6d72bRtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5393288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10316656 2021-05-05] (Riot Games, Inc. -> Riot Games, Inc.)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2104.14-0NisSrv.exe [2599328 2021-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2104.14-0MsMpEng.exe [128376 2021-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AmdTools64; C:WINDOWSSystem32driversAmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)

S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 CorsairVBusDriver; C:WINDOWSSystem32driversCorsairVBusDriver.sys [45984 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

S3 CorsairVHidDriver; C:WINDOWSSystem32driversCorsairVHidDriver.sys [21920 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)

S3 dg_ssudbus; C:WINDOWSSystem32driversssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 MpKsl19ebd187; C:ProgramDataMicrosoftWindows DefenderDefinition UpdatesF665A12C-A721-456C-A9D4-460B2A6106F9MpKslDrv.sys [47336 2021-05-21] (Microsoft Windows -> Microsoft Corporation)

S3 NDivert; C:WINDOWSSystem32driversNDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )

R3 RTCore64; C:Program Files (x86)MSI AfterburnerRTCore64.sys [36824 2020-07-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> )

R3 RtkUsbAD; C:WINDOWSsystem32driversRtUsbA64.213.sys [409888 2020-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)

R3 RzCommon; C:WINDOWSSystem32driversRzCommon.sys [54632 2021-03-31] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0061; C:WINDOWSSystem32driversRzDev_0061.sys [56200 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0062; C:WINDOWSSystem32driversRzDev_0062.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_006c; C:WINDOWSSystem32driversRzDev_006c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_008a; C:WINDOWSSystem32driversRzDev_008a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0221; C:WINDOWSSystem32driversRzDev_0221.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0243; C:WINDOWSSystem32driversRzDev_0243.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0306; C:WINDOWSSystem32driversRzDev_0306.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0517; C:WINDOWSSystem32driversRzDev_0517.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0520; C:WINDOWSSystem32driversRzDev_0520.sys [53144 2020-08-24] (Razer USA Ltd. -> Razer Inc)

S3 RzDev_0C00; C:WINDOWSSystem32driversRzDev_0C00.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0c02; C:WINDOWSSystem32driversRzDev_0c02.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)

R3 sRZVAD; C:WINDOWSSystem32driversRZSurround.sys [172208 2019-11-11] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)

S3 ssudqcfilter; C:WINDOWSSystem32driversssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)

R3 sTHXVAD; C:WINDOWSSystem32driversTHXVAD.sys [162184 2019-09-17] (Razer USA Ltd. -> Windows ® Win 7 DDK provider)

R3 VBAudioVMVAIOMME; C:WINDOWSSystem32driversvbaudio_vmvaio64_win10.sys [71712 2020-12-13] (Vincent Burel -> Windows ® Win 7 DDK provider)

R1 vgk; C:Program FilesRiot Vanguardvgk.sys [8144352 2021-05-05] (Riot Games, Inc. -> Riot Games, Inc.)

S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [49560 2021-05-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [421112 2021-05-20] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [73960 2021-05-20] (Microsoft Windows -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-05-21 13:01 – 2021-05-20 21:12 – 000000000 ____D C:WINDOWSPanther

2021-05-21 13:00 – 2021-05-21 13:00 – 000000000 ____D C:WINDOWSServiceProfiles

2021-05-21 13:00 – 2021-05-20 21:12 – 000000000 ____D C:Windows.old

2021-05-21 12:59 – 2021-05-21 12:59 – 000008192 _____ C:WINDOWSsystem32configuserdiff

2021-05-21 12:59 – 2021-05-20 21:12 – 000000000 ____D C:Program Files (x86)Razer

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64winrm

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64WCN

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64sysprep

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64slmgr

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64Printing_Admin_Scripts

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64MailContactsCalendarSync

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64FxsTmp

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64409

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32winrm

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32WCN

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32slmgr

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32Printing_Admin_Scripts

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32OpenSSH

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32MailContactsCalendarSync

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32409

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSetup

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSOCR

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSDigitalLocker

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSaddins

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:ProgramDatassh

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:Program FilesReference Assemblies

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:Program FilesMSBuild

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:Program Files (x86)Reference Assemblies

2021-05-21 12:58 – 2021-05-21 12:58 – 000000000 ____D C:Program Files (x86)MSBuild

2021-05-21 12:58 – 2021-05-20 21:12 – 000000000 ____D C:WINDOWSsystem32FxsTmp

2021-05-21 12:56 – 2021-05-21 13:01 – 000000000 ____D C:WINDOWSContainers

2021-05-21 12:56 – 2021-05-21 13:00 – 000028672 _____ C:WINDOWSsystem32configBCD-Template

2021-05-21 12:56 – 2021-05-21 13:00 – 000000000 __RHD C:UsersPublicLibraries

2021-05-21 12:56 – 2021-05-21 13:00 – 000000000 ____D C:WINDOWSsystem32WinBioDatabase

2021-05-21 12:56 – 2021-05-21 13:00 – 000000000 ____D C:WINDOWSCSC

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ___SD C:WINDOWSSysWOW64F12

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ___SD C:WINDOWSsystem32F12

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ___SD C:WINDOWSsystem32dsc

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64setup

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64oobe

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64MUI

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSysWOW64Com

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSSystemResources

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32Sysprep

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32setup

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32PerceptionSimulation

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32MUI

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32migwiz

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32Dism

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSsystem32Com

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSPolicyDefinitions

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSIME

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:WINDOWSHelp

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program FilesWindows Photo Viewer

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program FilesWindows NT

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program FilesCommon FilesSystem

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program Files (x86)Windows Photo Viewer

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program Files (x86)Windows NT

2021-05-21 12:56 – 2021-05-21 12:58 – 000000000 ____D C:Program Files (x86)Windows Defender

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 __SHD C:WINDOWSBitLockerDiscoveryVolumeContents

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 __SHD C:Program FilesWindows Sidebar

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 __SHD C:Program Files (x86)Windows Sidebar

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 __RSD C:WINDOWSMedia

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSSysWOW64Nui

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSSysWOW64Configuration

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSsystem32UNP

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSsystem32Nui

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSsystem32Configuration

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSsystem32AppV

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___SD C:WINDOWSDownloaded Program Files

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___RD C:WINDOWSOffline Web Pages

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___HD C:WINDOWSLanguageOverlayCache

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSWeb

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSWaaS

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSVss

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWStracing

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSTAPI

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64SMI

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64ras

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64PerceptionSimulation

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64NDF

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64Msdtc

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64migwiz

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64Keywords

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64Ipmi

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64InputMethod

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64inetsrv

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64IME

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64icsxml

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicyUsers

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64GroupPolicy

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64downlevel

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64Bthprops

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64AppLocker

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSysWOW64AdvancedInstallers

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSystemApps

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32WinMetadata

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32winevt

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ti-et

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ta-lk

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ta-in

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32si-lk

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ShellExperiences

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32Sgrm

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32SecureBootUpdates

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ras

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ProximityToast

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32PointOfService

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32osa-Osge-001

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32NDF

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32my-mm

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32MsDtc

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32Keywords

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32Ipmi

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32InputMethod

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32inetsrv

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32IME

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32icsxml

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ias

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32Hydrogen

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32GroupPolicyUsers

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32GroupPolicy

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ff-Adlm-SN

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32DriverState

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32DriversDriverData

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32downlevel

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32DDFs

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32ContainerSettingsProviders

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32configTxR

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32configsystemprofile

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32configRegBack

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32configJournal

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32Bthprops

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32appraiser

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32AppLocker

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32am-et

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32AdvancedInstallers

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSystem

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSKB

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSShellExperiences

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSShellComponents

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsecurity

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSschemas

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSSchCache

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSrescache

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSRemotePackages

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSRegistration

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSProvisioning

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSPLA

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSPerformance

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSModemLogs

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSLiveKernelReports

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSL2Schemas

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSInputMethod

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSIdentityCRL

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSGlobalization

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSGameBarPresenceWriter

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSDiagTrack

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSCursors

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSBranding

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSbcastdvr

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:ProgramDataWindowsHolographicDevices

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:ProgramDataUSOShared

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program FilesWindows Security

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program FilesWindows Portable Devices

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program FilesWindows Multimedia Platform

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program FilesModifiableWindowsApps

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program FilesCommon FilesServices

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program Files (x86)Windows Portable Devices

2021-05-21 12:56 – 2021-05-21 12:56 – 000000000 ____D C:Program Files (x86)Windows Multimedia Platform

2021-05-21 12:56 – 2021-05-21 12:55 – 000215943 _____ C:WINDOWSSysWOW64dssec.dat

2021-05-21 12:56 – 2021-05-21 12:55 – 000215943 _____ C:WINDOWSsystem32dssec.dat

2021-05-21 12:56 – 2021-05-21 12:55 – 000020908 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml

2021-05-21 12:56 – 2021-05-21 12:55 – 000017635 _____ C:WINDOWSsystem32Driversetcservices

2021-05-21 12:56 – 2021-05-21 12:55 – 000003683 _____ C:WINDOWSsystem32Driversetclmhosts.sam

2021-05-21 12:56 – 2021-05-21 12:55 – 000003103 _____ C:WINDOWSSysWOW64mmc.exe.config

2021-05-21 12:56 – 2021-05-21 12:55 – 000003103 _____ C:WINDOWSsystem32mmc.exe.config

2021-05-21 12:56 – 2021-05-21 12:55 – 000001358 _____ C:WINDOWSsystem32Driversetcprotocol

2021-05-21 12:56 – 2021-05-21 12:55 – 000000858 _____ C:WINDOWSsystem32DefaultQuestions.json

2021-05-21 12:56 – 2021-05-21 12:55 – 000000741 _____ C:WINDOWSSysWOW64NOISE.DAT

2021-05-21 12:56 – 2021-05-21 12:55 – 000000741 _____ C:WINDOWSsystem32NOISE.DAT

2021-05-21 12:56 – 2021-05-21 12:55 – 000000407 _____ C:WINDOWSsystem32Driversetcnetworks

2021-05-21 12:56 – 2021-05-21 12:55 – 000000219 _____ C:WINDOWSsystem.ini

2021-05-21 12:56 – 2021-05-21 12:55 – 000000092 _____ C:WINDOWSwin.ini

2021-05-21 12:56 – 2021-05-21 05:32 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-05-21 12:56 – 2021-05-21 03:57 – 000000000 ____D C:WINDOWSAppReadiness

2021-05-21 12:56 – 2021-05-21 03:00 – 000000000 ____D C:WINDOWSappcompat

2021-05-21 12:56 – 2021-05-21 02:15 – 000000000 ____D C:WINDOWSINF

2021-05-21 12:56 – 2021-05-20 23:19 – 000000000 ___RD C:Program Files (x86)

2021-05-21 12:56 – 2021-05-20 23:19 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared

2021-05-21 12:56 – 2021-05-20 23:15 – 000000000 ____D C:Program FilesWindows Defender

2021-05-21 12:56 – 2021-05-20 21:47 – 000000000 ___HD C:Program FilesWindowsApps

2021-05-21 12:56 – 2021-05-20 21:28 – 000000000 ___RD C:WINDOWSPrintDialog

2021-05-21 12:56 – 2021-05-20 21:21 – 000000000 ____D C:WINDOWSResources

2021-05-21 12:56 – 2021-05-20 21:12 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-05-21 12:56 – 2021-05-20 21:12 – 000000000 ____D C:WINDOWSsystem32spool

2021-05-21 12:56 – 2021-05-20 21:12 – 000000000 ____D C:WINDOWSsystem32oobe

2021-05-21 12:56 – 2021-05-20 21:12 – 000000000 ____D C:ProgramDataUSOPrivate

2021-05-21 12:56 – 2021-05-20 21:02 – 000000000 ____D C:WINDOWSServiceState

2021-05-21 12:54 – 2021-05-20 21:27 – 000000000 ____D C:WINDOWSCbsTemp

2021-05-21 12:53 – 2021-05-21 12:56 – 000000000 ____D C:WINDOWSsystem32SMI

2021-05-21 12:53 – 2021-05-21 02:08 – 072351744 _____ C:WINDOWSsystem32configSOFTWARE

2021-05-21 12:53 – 2021-05-21 02:08 – 014155776 _____ C:WINDOWSsystem32configSYSTEM

2021-05-21 12:53 – 2021-05-21 02:08 – 000524288 _____ C:WINDOWSsystem32configDEFAULT

2021-05-21 12:53 – 2021-05-21 02:08 – 000131072 _____ C:WINDOWSsystem32configSAM

2021-05-21 12:53 – 2021-05-21 02:08 – 000065536 _____ C:WINDOWSsystem32configSECURITY

2021-05-21 12:53 – 2021-05-21 02:08 – 000065536 _____ C:WINDOWSsystem32configBBI

2021-05-21 12:53 – 2021-05-20 21:27 – 000000000 ____D C:WINDOWSservicing

2021-05-21 12:53 – 2021-05-20 21:08 – 000032768 _____ C:WINDOWSsystem32configELAM

2021-05-21 05:35 – 2021-05-21 05:36 – 000019329 _____ C:UsersMeepMerpDesktopFRST.txt

2021-05-21 05:35 – 2021-05-21 05:35 – 002299904 ___SH (Farbar) C:UsersMeepMerpDesktopfrst64.exe 

2021-05-21 05:34 – 2021-05-21 05:35 – 000000000 ____D C:FRST

2021-05-21 05:33 – 2021-05-21 05:33 – 002438355 _____ C:UsersMeepMerpDesktopFRST64.exe

2021-05-21 02:12 – 2021-05-21 02:12 – 000003134 _____ C:WINDOWSsystem32TasksMSIAfterburner

2021-05-21 01:02 – 2021-05-21 02:16 – 000000000 ____D C:UsersMeepMerpAppDataLocalCrashDumps

2021-05-20 23:19 – 2021-05-20 23:20 – 000000000 ____D C:WINDOWSSysWOW64directx

2021-05-20 23:19 – 2021-05-20 23:19 – 000000000 ___HD C:WINDOWSmsdownld.tmp

2021-05-20 23:19 – 2021-05-20 23:19 – 000000000 ____D C:Program Files (x86)RivaTuner Statistics Server

2021-05-20 23:18 – 2021-05-20 23:23 – 000000000 ____D C:Program Files (x86)MSI Afterburner

2021-05-20 23:18 – 2021-05-20 23:18 – 000001155 _____ C:UsersMeepMerpDesktopMSI Afterburner.lnk

2021-05-20 23:09 – 2021-05-21 02:17 – 000006103 _____ C:UsersMeepMerpAppDataRoamingVoiceMeeterDefault.xml

2021-05-20 23:07 – 2021-05-21 02:06 – 000000000 ____D C:UsersMeepMerpAppDataLocalPlaceholderTileLogoFolder

2021-05-20 23:04 – 2021-05-20 23:04 – 000000000 ____D C:Program FilesVB

2021-05-20 23:04 – 2021-05-20 23:04 – 000000000 ____D C:Program Files (x86)VB

2021-05-20 23:02 – 2021-05-21 03:58 – 000000000 ____D C:UsersMeepMerpAppDataLocalD3DSCache

2021-05-20 23:02 – 2021-05-20 23:02 – 000003662 _____ C:WINDOWSsystem32TasksNvBroadcast_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 23:02 – 2021-05-20 23:02 – 000002271 _____ C:UsersPublicDesktopNVIDIA Broadcast.lnk

2021-05-20 23:02 – 2021-05-20 23:02 – 000002271 _____ C:ProgramDataDesktopNVIDIA Broadcast.lnk

2021-05-20 23:02 – 2021-05-20 23:02 – 000000000 ____D C:UsersMeepMerpAppDataRoamingNVIDIA

2021-05-20 23:02 – 2021-05-20 23:02 – 000000000 ____D C:UsersMeepMerpAppDataLocalVALORANT

2021-05-20 23:02 – 2021-05-20 23:02 – 000000000 ____D C:UsersMeepMerpAppDataLocalUnrealEngine

2021-05-20 22:59 – 2020-08-10 14:58 – 000177904 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvrtxaudcap64v.dll

2021-05-20 22:59 – 2020-08-10 14:58 – 000153840 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvrtxaudcap32v.dll

2021-05-20 22:59 – 2020-08-10 14:58 – 000054512 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvrtxvad64v.sys

2021-05-20 22:56 – 2021-05-21 02:18 – 000000001 _____ C:WINDOWSvgkbootstatus.dat

2021-05-20 21:44 – 2021-05-20 21:44 – 000000000 ____D C:UsersMeepMerpDesktopEaseUS Data Recovery Wizard _

2021-05-20 21:39 – 2021-05-21 05:30 – 000000000 ____D C:UsersMeepMerpAppDataRoamingdiscord

2021-05-20 21:39 – 2021-05-21 05:09 – 000000000 ____D C:UsersMeepMerpAppDataLocalDiscord

2021-05-20 21:39 – 2021-05-20 21:39 – 000002244 _____ C:UsersMeepMerpDesktopDiscord.lnk

2021-05-20 21:39 – 2021-05-20 21:39 – 000000000 ____D C:UsersMeepMerpAppDataLocalSquirrelTemp

2021-05-20 21:35 – 2021-05-20 21:35 – 000000000 ____D C:Program FilesRiot Vanguard

2021-05-20 21:34 – 2021-05-21 02:17 – 000000000 ____D C:ProgramDataRiot Games

2021-05-20 21:34 – 2021-05-20 23:02 – 000000000 ____D C:UsersMeepMerpAppDataLocalRiot Games

2021-05-20 21:30 – 2021-05-20 21:30 – 000000000 ____D C:UsersMeepMerpAppDataLocalOneDrive

2021-05-20 21:29 – 2021-05-21 05:34 – 000000000 ____D C:UsersMeepMerpAppDataRoamingDMCache

2021-05-20 21:29 – 2021-05-20 22:18 – 000000000 ____D C:UsersMeepMerpAppDataRoamingIDM

2021-05-20 21:29 – 2021-05-20 21:29 – 000001078 _____ C:UsersMeepMerpDesktopInternet Download Manager.lnk

2021-05-20 21:29 – 2021-05-20 21:29 – 000000000 ____D C:ProgramDataIDM

2021-05-20 21:28 – 2021-05-20 21:29 – 000000000 ____D C:Program Files (x86)Internet Download Manager

2021-05-20 21:28 – 2021-05-20 21:28 – 000000000 ____D C:UsersMeepMerpAppDataRoamingWinRAR

2021-05-20 21:28 – 2021-05-20 21:28 – 000000000 ____D C:UsersMeepMerpAppDataLocalComms

2021-05-20 21:27 – 2021-05-20 21:27 – 000001044 _____ C:UsersPublicDesktopWinRAR.lnk

2021-05-20 21:27 – 2021-05-20 21:27 – 000001044 _____ C:ProgramDataDesktopWinRAR.lnk

2021-05-20 21:27 – 2021-05-20 21:27 – 000000000 ____D C:Program FilesWinRAR

2021-05-20 21:22 – 2021-05-20 22:59 – 000000000 ____D C:ProgramDataPackage Cache

2021-05-20 21:22 – 2021-05-20 22:59 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

2021-05-20 21:22 – 2021-05-20 22:58 – 000000000 ____D C:UsersMeepMerpAppDataLocalNVIDIA Corporation

2021-05-20 21:22 – 2021-05-20 22:18 – 086964531 ____N C:UsersMeepMerpDownloadsCyberfox-52.9.1.en-US.win64-x86_64.intel.exe

2021-05-20 21:22 – 2021-05-20 21:22 – 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000004106 _____ C:WINDOWSsystem32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8

2021-05-20 21:22 – 2021-05-20 21:22 – 000001443 _____ C:UsersPublicDesktopGeForce Experience.lnk

2021-05-20 21:22 – 2021-05-20 21:22 – 000001443 _____ C:ProgramDataDesktopGeForce Experience.lnk

2021-05-20 21:22 – 2021-05-20 21:22 – 000000000 ____D C:UsersMeepMerpAppDataLocalNVIDIA

2021-05-20 21:22 – 2021-05-20 21:22 – 000000000 ____D C:UsersMeepMerpAppDataLocalCEF

2021-05-20 21:22 – 2021-04-07 19:38 – 002817904 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvspcap64.dll

2021-05-20 21:22 – 2021-04-07 19:38 – 002171760 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvspcap.dll

2021-05-20 21:22 – 2021-04-07 19:38 – 001293680 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvRtmpStreamer64.dll

2021-05-20 21:22 – 2021-03-30 18:57 – 000074608 _____ C:WINDOWSsystem32FvSDK_x64.dll

2021-05-20 21:22 – 2021-03-30 18:57 – 000064880 _____ C:WINDOWSSysWOW64FvSDK_x86.dll

2021-05-20 21:22 – 2021-03-04 04:49 – 000168304 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvaudcap64v.dll

2021-05-20 21:22 – 2021-03-04 04:49 – 000144240 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvaudcap32v.dll

2021-05-20 21:22 – 2021-02-11 01:57 – 000001951 _____ C:WINDOWSNvContainerRecovery.bat

2021-05-20 21:21 – 2021-05-20 23:02 – 000000000 ____D C:Program FilesNVIDIA Corporation

2021-05-20 21:21 – 2021-05-20 21:21 – 129395752 ___SH (NVIDIA Corporation New) C:UsersMeepMerpDownloadsgeforce_experience_v3.22.0.32.exe 

2021-05-20 21:21 – 2021-05-20 21:21 – 000002436 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk

2021-05-20 21:21 – 2021-05-20 21:21 – 000002395 _____ C:UsersPublicDesktopBrave.lnk

2021-05-20 21:21 – 2021-05-20 21:21 – 000002395 _____ C:ProgramDataDesktopBrave.lnk

2021-05-20 21:21 – 2021-05-20 21:21 – 000000000 ____D C:Program FilesBraveSoftware

2021-05-20 21:20 – 2021-05-20 21:24 – 001381970 ____N C:UsersMeepMerpDownloadsBraveBrowserSetup (2).exe

2021-05-20 21:20 – 2021-05-20 21:21 – 000000000 ____D C:UsersMeepMerpAppDataLocalBraveSoftware

2021-05-20 21:20 – 2021-05-20 21:20 – 000003438 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineUA

2021-05-20 21:20 – 2021-05-20 21:20 – 000003314 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineCore

2021-05-20 21:20 – 2021-05-20 21:20 – 000000000 ____D C:Program Files (x86)BraveSoftware

2021-05-20 21:14 – 2021-05-21 02:17 – 000000000 ____D C:ProgramDataNVIDIA

2021-05-20 21:14 – 2021-05-20 21:14 – 000000000 ____D C:ProgramDataMicrosoft OneDrive

2021-05-20 21:12 – 2021-05-21 03:57 – 000000000 ____D C:UsersMeepMerpAppDataLocalPackages

2021-05-20 21:12 – 2021-05-21 02:15 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-05-20 21:12 – 2021-05-20 22:56 – 000000000 ____D C:UsersMeepMerpAppDataLocalConnectedDevicesPlatform

2021-05-20 21:12 – 2021-05-20 21:29 – 000000000 ____D C:ProgramDataPackages

2021-05-20 21:12 – 2021-05-20 21:12 – 000000020 ___SH C:UsersMeepMerpntuser.ini

2021-05-20 21:12 – 2021-05-20 21:12 – 000000000 ____D C:UsersMeepMerpAppDataRoamingAdobe

2021-05-20 21:12 – 2021-05-20 21:12 – 000000000 ____D C:UsersMeepMerpAppDataLocalVirtualStore

2021-05-20 21:12 – 2021-05-20 21:12 – 000000000 ____D C:UsersMeepMerpAppDataLocalPublishers

2021-05-20 21:08 – 2021-05-20 21:08 – 000000000 _SHDL C:UsersDefault User

2021-05-20 21:08 – 2021-05-20 21:08 – 000000000 _SHDL C:UsersAll Users

2021-05-20 21:04 – 2021-05-20 21:12 – 000000000 ____D C:UsersMeepMerp

2021-05-20 21:03 – 2021-05-21 01:05 – 000000000 ____D C:ProgramDataNVIDIA Corporation

2021-05-20 21:03 – 2021-05-20 21:03 – 000000000 ____D C:WINDOWSSysWOW64RTCOM

2021-05-20 21:03 – 2021-05-20 21:03 – 000000000 ____D C:WINDOWSsystem32lxss

2021-05-20 21:03 – 2021-05-20 21:03 – 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation

2021-05-20 21:03 – 2021-05-20 21:03 – 000000000 ____D C:ProgramDataRazer

2021-05-20 21:02 – 2021-05-21 02:08 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-05-20 21:02 – 2021-05-21 02:06 – 000258768 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-05-20 21:02 – 2021-05-20 23:15 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-05-20 21:02 – 2021-05-20 21:03 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-05-20 21:02 – 2021-05-20 21:03 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-05-20 21:02 – 2021-05-20 21:02 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-05-20 17:11 – 2021-05-14 02:22 – 001855184 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe

2021-05-20 17:11 – 2021-05-14 02:22 – 001855184 _____ C:WINDOWSsystem32vulkaninfo.exe

2021-05-20 17:11 – 2021-05-14 02:22 – 001453360 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll

2021-05-20 17:11 – 2021-05-14 02:22 – 001435880 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe

2021-05-20 17:11 – 2021-05-14 02:22 – 001435880 _____ C:WINDOWSSysWOW64vulkaninfo.exe

2021-05-20 17:11 – 2021-05-14 02:22 – 001192752 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll

2021-05-20 17:11 – 2021-05-14 02:22 – 001094864 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll

2021-05-20 17:11 – 2021-05-14 02:22 – 001094864 _____ C:WINDOWSsystem32vulkan-1.dll

2021-05-20 17:11 – 2021-05-14 02:22 – 000948968 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll

2021-05-20 17:11 – 2021-05-14 02:22 – 000948968 _____ C:WINDOWSSysWOW64vulkan-1.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 001514800 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 001166112 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 000715544 _____ C:WINDOWSsystem32nvofapi64.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 000675104 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFROpenGL.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 000626968 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 000575768 _____ C:WINDOWSSysWOW64nvofapi.dll

2021-05-20 17:11 – 2021-05-14 02:19 – 000564000 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFROpenGL.dll

2021-05-20 17:11 – 2021-05-14 02:18 – 002106144 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll

2021-05-20 17:11 – 2021-05-14 02:18 – 001590576 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll

2021-05-20 17:11 – 2021-05-14 02:18 – 000811824 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll

2021-05-20 17:11 – 2021-05-14 02:18 – 000689952 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe

2021-05-20 17:11 – 2021-05-14 02:18 – 000656176 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll

2021-05-20 17:11 – 2021-05-14 02:18 – 000445744 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe

2021-05-20 17:11 – 2021-05-14 02:17 – 008317232 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll

2021-05-20 17:11 – 2021-05-14 02:17 – 007434032 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll

2021-05-20 17:11 – 2021-05-14 02:17 – 005678360 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll

2021-05-20 17:11 – 2021-05-14 02:17 – 004795184 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll

2021-05-20 17:11 – 2021-05-14 02:17 – 002823472 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll

2021-05-20 17:11 – 2021-05-14 02:16 – 000848688 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe

2021-05-20 17:11 – 2021-05-14 02:15 – 007212224 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll

2021-05-20 17:11 – 2021-05-14 02:15 – 006159152 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll

2021-05-20 17:11 – 2021-05-13 18:38 – 000087164 _____ C:WINDOWSsystem32nvinfo.pb

2021-05-20 17:10 – 2021-05-13 18:38 – 000136472 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhda64v.sys

2021-05-20 17:10 – 2021-05-13 18:38 – 000037656 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvhdap64.dll

2021-05-20 17:10 – 2020-03-12 03:26 – 000067456 _____ (NVIDIA Corporation) C:WINDOWSsystem32Driversnvvhci.sys

2021-05-20 16:47 – 2021-05-20 16:48 – 000001968 _____ C:UsersMeepMerpDesktopRkill.txt

2021-05-20 16:47 – 2021-05-20 16:47 – 000000000 ____D C:UsersMeepMerpDesktoprkill

2021-05-18 02:27 – 2021-05-20 21:36 – 000001627 _____ C:UsersMeepMerpDesktopVALORANT.lnk

2021-05-17 23:08 – 2021-05-19 16:09 – 000003870 _____ C:UsersMeepMerpDesktopasftmdred.CT

2021-05-16 03:45 – 2021-05-16 03:46 – 000000000 ____D C:UsersMeepMerpDocumentsShareX

2021-05-16 03:45 – 2021-05-16 03:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsShareX

2021-05-16 03:30 – 2021-05-16 03:31 – 000000000 ____D C:UsersMeepMerpDesktopccc

2021-05-16 01:50 – 2021-05-16 01:51 – 000000000 ____D C:UsersMeepMerpDesktopveno

2021-05-16 01:38 – 2021-05-16 01:45 – 000000000 ____D C:UsersMeepMerpDesktop65k

2021-05-14 18:37 – 2021-05-14 19:27 – 041895032 ___SH (Developers Team) C:UsersMeepMerpDownloadscheatengineundetected.exe 

2021-05-14 18:05 – 2021-05-14 18:05 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb

2021-05-14 18:05 – 2021-05-14 18:05 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb

2021-05-14 18:05 – 2021-05-14 18:05 – 001823816 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi

2021-05-14 18:05 – 2021-05-14 18:05 – 001687040 _____ C:WINDOWSsystem32libcrypto.dll

2021-05-14 18:05 – 2021-05-14 18:05 – 001393504 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi

2021-05-14 18:05 – 2021-05-14 18:05 – 001314120 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi

2021-05-14 18:05 – 2021-05-14 18:05 – 001163776 _____ C:WINDOWSsystem32MBR2GPT.EXE

2021-05-14 18:05 – 2021-05-14 18:05 – 000700928 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll

2021-05-14 18:05 – 2021-05-14 18:05 – 000165888 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe

2021-05-14 18:05 – 2021-05-14 18:05 – 000157184 _____ C:WINDOWSsystem32uwfcsp.dll

2021-05-14 18:05 – 2021-05-14 18:05 – 000153600 _____ C:WINDOWSsystem32uwfcfgmgmt.dll

2021-05-14 18:05 – 2021-05-14 18:05 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe

2021-05-14 18:05 – 2021-05-14 18:05 – 000013312 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe

2021-05-14 18:05 – 2021-05-14 18:05 – 000011351 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-05-12 21:16 – 2021-05-12 21:16 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes

2021-05-12 21:14 – 2021-05-12 21:14 – 000155678 _____ C:UsersPublicDesktopmbst-clean-results.txt

2021-05-12 21:14 – 2021-05-12 21:14 – 000155678 _____ C:ProgramDataDesktopmbst-clean-results.txt

2021-05-12 21:11 – 2021-05-16 19:38 – 011782748 _____ C:UsersMeepMerpDesktopmb-support-1.8.4.896.exe

2021-05-12 21:11 – 2021-05-14 18:14 – 002437934 ____N C:UsersMeepMerpDownloadsFRSTEnglish.exe

2021-05-12 21:02 – 2021-05-16 19:38 – 000997387 _____ C:UsersMeepMerpDesktopmb-clean-3.1.0.1035.exe

2021-05-12 21:02 – 2021-05-12 21:06 – 000020215 _____ C:UsersMeepMerpDesktopmb-clean-results.txt

2021-05-12 21:01 – 2021-05-16 19:38 – 002464618 _____ C:UsersMeepMerpDesktopmb-check-3.1.10.1000.exe

2021-05-12 20:53 – 2021-05-16 19:38 – 064447455 _____ C:UsersMeepMerpDesktopmb3-setup-32138.32138-3.7.1.2839-1.0.538-1.0.9074.exe

2021-05-12 20:45 – 2021-05-16 19:38 – 002216942 _____ C:UsersMeepMerpDesktopMBSetup (1).exe

2021-05-12 18:48 – 2021-05-12 18:48 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWise System Monitor

2021-05-12 18:11 – 2021-05-12 18:11 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRan Online Pinas

2021-05-06 19:07 – 2021-05-06 19:07 – 000000000 ____D C:UsersMeepMerpAppDataLocalLowOracle

2021-05-05 11:11 – 2021-05-14 18:14 – 163542054 ____N C:UsersMeepMerpDownloadsxampp-windows-x64-7.3.28-0-VC15-installer.exe

2021-05-04 23:54 – 2021-05-04 23:54 – 000581120 _____ (Microsoft Corporation) C:WINDOWSsystem32PhotoScreensaver.scr

2021-05-04 23:54 – 2021-05-04 23:54 – 000575488 _____ (Microsoft Corporation) C:WINDOWSSysWOW64hhctrl.ocx

2021-05-04 23:54 – 2021-05-04 23:54 – 000499200 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PhotoScreensaver.scr

2021-05-04 23:54 – 2021-05-04 23:54 – 000480256 _____ C:WINDOWSsystem32AssignedAccessCsp.dll

2021-05-04 23:54 – 2021-05-04 23:54 – 000469504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64appwiz.cpl

2021-05-04 23:54 – 2021-05-04 23:54 – 000234496 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ksproxy.ax

2021-05-04 23:54 – 2021-05-04 23:54 – 000138056 _____ C:WINDOWSsystem32HvsiManagementApi.dll

2021-05-04 23:54 – 2021-05-04 23:54 – 000135168 _____ (Microsoft Corporation) C:WINDOWSSysWOW64VBICodec.ax

2021-05-04 23:54 – 2021-05-04 23:54 – 000101704 _____ C:WINDOWSSysWOW64HvsiManagementApi.dll

2021-05-04 23:54 – 2021-05-04 23:54 – 000095744 _____ C:WINDOWSsystem32VirtualMonitorManager.dll

2021-05-04 23:54 – 2021-05-04 23:54 – 000084992 _____ (Microsoft Corporation) C:WINDOWSsystem32wscui.cpl

2021-05-04 23:54 – 2021-05-04 23:54 – 000072704 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tdc.ocx

2021-05-04 23:54 – 2021-05-04 23:54 – 000067584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64wscui.cpl

2021-05-04 23:54 – 2021-05-04 23:54 – 000053760 _____ C:WINDOWSSysWOW64BWContextHandler.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 002260992 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 002254336 _____ C:WINDOWSsystem32dwmscene.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 001333760 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000729600 _____ (Microsoft Corporation) C:WINDOWSsystem32hhctrl.ocx

2021-05-04 23:53 – 2021-05-04 23:53 – 000707016 ____N C:WINDOWSsystem32TextShaping.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000643072 _____ C:WINDOWSsystem32WindowManagementAPI.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000611952 _____ C:WINDOWSSysWOW64TextShaping.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000595968 _____ (Microsoft Corporation) C:WINDOWSsystem32appwiz.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000562688 _____ (Microsoft Corporation) C:WINDOWSsystem32winspool.drv

2021-05-04 23:53 – 2021-05-04 23:53 – 000544768 _____ (Microsoft Corporation) C:WINDOWSsystem32mmsys.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000455680 _____ C:WINDOWSSysWOW64WindowManagementAPI.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000455168 _____ C:WINDOWSsystem32ssdm.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000446976 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mmsys.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000422912 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winspool.drv

2021-05-04 23:53 – 2021-05-04 23:53 – 000363520 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000330752 _____ C:WINDOWSSysWOW64ssdm.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000306688 _____ C:WINDOWSsystem32HeatCore.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000304128 _____ (Microsoft Corporation) C:WINDOWSsystem32ksproxy.ax

2021-05-04 23:53 – 2021-05-04 23:53 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000266240 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Shell.WindowTabManager.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000243200 _____ (Microsoft Corporation) C:WINDOWSsystem32timedate.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000240640 _____ C:WINDOWSSysWOW64CoreMas.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000238592 _____ (Microsoft Corporation) C:WINDOWSsystem32intl.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000235520 _____ C:WINDOWSSysWOW64HeatCore.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000190976 _____ C:WINDOWSsystem32BthpanContextHandler.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000182272 _____ (Microsoft Corporation) C:WINDOWSSysWOW64timedate.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000178688 _____ (Microsoft Corporation) C:WINDOWSSysWOW64intl.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000170496 _____ (Microsoft Corporation) C:WINDOWSsystem32VBICodec.ax

2021-05-04 23:53 – 2021-05-04 23:53 – 000152064 _____ C:WINDOWSsystem32EoAExperiences.exe

2021-05-04 23:53 – 2021-05-04 23:53 – 000102912 _____ (Microsoft Corporation) C:WINDOWSsystem32ncpa.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000100864 _____ (Microsoft Corporation) C:WINDOWSSysWOW64ncpa.cpl

2021-05-04 23:53 – 2021-05-04 23:53 – 000091136 _____ C:WINDOWSsystem32Driverscimfs.sys

2021-05-04 23:53 – 2021-05-04 23:53 – 000089088 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.proxystub.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000087552 _____ (Microsoft Corporation) C:WINDOWSsystem32tdc.ocx

2021-05-04 23:53 – 2021-05-04 23:53 – 000074240 _____ C:WINDOWSsystem32rdsxvmaudio.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000073216 _____ C:WINDOWSsystem32windows.applicationmodel.conversationalagent.internal.proxystub.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000067072 _____ C:WINDOWSsystem32BWContextHandler.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000048640 _____ (Adobe Systems) C:WINDOWSsystem32atmlib.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000039936 _____ (Adobe Systems) C:WINDOWSSysWOW64atmlib.dll

2021-05-04 23:53 – 2021-05-04 23:53 – 000010752 _____ C:WINDOWSSysWOW64agentactivationruntimestarter.exe

2021-05-04 23:53 – 2021-05-04 23:53 – 000001370 _____ C:WINDOWSsystem32ThirdPartyNoticesBySHS.txt

2021-05-04 21:06 – 2021-05-14 18:14 – 651811438 ____N C:UsersMeepMerpDownloadsVMware-workstation-full-16.1.1-17801498.exe

2021-05-04 16:19 – 2021-05-04 22:46 – 000006102 _____ C:UsersMeepMerpDesktopzxc.xml

2021-05-04 10:25 – 2021-05-14 18:14 – 001603499 ____N C:UsersMeepMerpDownloadsvs_Community.exe

2021-05-04 10:19 – 2021-05-04 10:23 – 000000000 ____D C:UsersMeepMerpDownloadspremake-5.0.0-alpha16-windows

2021-05-04 10:19 – 2021-05-04 10:19 – 008730648 _____ C:UsersMeepMerpDownloadspremake-5.0.0-alpha16-src.zip

2021-05-04 10:19 – 2021-05-04 10:19 – 000000000 ____D C:UsersMeepMerpDownloadspremake-5.0.0-alpha16-src

2021-05-04 10:16 – 2021-05-04 10:16 – 000565653 _____ C:UsersMeepMerpDownloadspremake-5.0.0-alpha16-windows.zip

2021-05-04 10:08 – 2021-05-14 18:14 – 003148199 ____N C:UsersMeepMerpDownloadsinstall VEH Debugger.exe

2021-05-04 09:50 – 2021-05-04 09:50 – 000000663 _____ C:UsersMeepMerpDesktopstartlazarus.exe – Shortcut.lnk

2021-05-04 09:44 – 2021-05-14 18:13 – 001381514 ____N C:UsersMeepMerpDownloadsBraveBrowserSetup (1).exe

2021-05-04 09:34 – 2021-05-14 18:14 – 028515591 ____N C:UsersMeepMerpDownloadspython-3.9.5-amd64.exe

2021-05-03 18:17 – 2021-05-03 18:17 – 000001171 _____ C:UsersPublicDesktopiCUE.lnk

2021-05-03 18:17 – 2021-05-03 18:17 – 000001171 _____ C:ProgramDataDesktopiCUE.lnk

2021-05-03 18:12 – 2021-05-03 18:15 – 770695168 _____ C:UsersMeepMerpDownloadsiCUESetup_4.10.273_release.msi

2021-05-03 16:28 – 2021-05-03 16:30 – 497377280 _____ C:UsersMeepMerpDownloadsiCUESetup_3.38.61_release.msi

2021-05-03 09:33 – 2021-05-21 13:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLazarus 2

2021-05-03 09:33 – 2021-05-04 10:00 – 000000000 ____D C:laz_conf

2021-05-03 09:32 – 2021-05-03 09:33 – 000000000 ____D C:lazarus2

2021-05-03 09:28 – 2021-05-14 18:14 – 190514668 ____N C:UsersMeepMerpDownloadslazarus-2.0.12-fpc-3.2.0-win64.exe

2021-05-03 09:22 – 2021-05-14 18:14 – 050009607 ____N C:UsersMeepMerpDownloadsGit-2.31.1-64-bit.exe

2021-05-03 09:17 – 2021-05-14 18:14 – 168821846 ____N C:UsersMeepMerpDownloadslazarus-2.0.10-fpc-3.2.0-win32.exe

2021-05-02 23:54 – 2021-05-02 23:54 – 000000000 ____D C:UsersMeepMerpDesktoprecoveredfiles

2021-05-02 22:50 – 2021-05-02 22:50 – 000000000 ____D C:UsersMeepMerpDocumentsMy Data Files

2021-05-02 22:45 – 2021-05-14 18:14 – 003481078 ____N C:UsersMeepMerpDownloadswinrar-x64-601.exe

2021-05-02 22:45 – 2021-05-02 22:46 – 078553103 _____ C:UsersMeepMerpDownloadsWondershare_Recoverit_Ultimate_8.3.0.12.rar

2021-05-02 21:35 – 2021-05-14 18:14 – 129534060 ____N C:UsersMeepMerpDownloadsGeForce_Experience_v3.22.0.32.exe

2021-05-02 21:30 – 2021-05-14 18:13 – 001381520 ____N C:UsersMeepMerpDownloadsBraveBrowserSetup.exe

2021-05-02 21:23 – 2021-05-14 18:14 – 245901009 ____N C:UsersMeepMerpDownloadsnvidia-broadcast-v1.1.0.21.exe

2021-05-02 21:22 – 2021-05-14 18:14 – 011651343 ____N C:UsersMeepMerpDownloadsVoicemeeterSetup.exe

2021-05-02 21:19 – 2021-05-14 18:14 – 068960823 ____N C:UsersMeepMerpDownloadsDiscordSetup.exe

2021-05-02 21:18 – 2021-05-02 21:18 – 000805386 _____ C:UsersMeepMerpDownloadsTaskbarX_1.6.9.0_x64.rmskin

2021-05-02 21:17 – 2021-05-21 13:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWondershare

2021-05-02 21:17 – 2021-05-21 13:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLAV Filters

2021-05-02 21:17 – 2021-05-14 18:14 – 002686656 ____N C:UsersMeepMerpDownloadsRainmeter-4.4-r3447-beta.exe

2021-05-02 21:16 – 2021-05-14 18:14 – 001528967 ____N C:UsersMeepMerpDownloadsrecoverit_setup_full4134.exe

2021-05-02 21:16 – 2021-05-02 21:17 – 000000000 ____D C:UsersPublicDocumentsWondershare

2021-05-02 21:16 – 2021-05-02 21:17 – 000000000 ____D C:ProgramDataDocumentsWondershare

2021-05-02 21:14 – 2021-05-14 18:14 – 004101545 ____N C:UsersMeepMerpDownloadsnpp.7.9.5.Installer.exe

2021-05-02 21:07 – 2021-05-20 21:14 – 000000000 ___RD C:UsersMeepMerpOneDrive

2021-05-02 20:59 – 2021-05-20 21:08 – 000024320 _____ C:UsersMeepMerpDesktopRemoved Apps.html

2021-05-02 20:54 – 2021-05-20 21:13 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-05-02 20:54 – 2021-05-20 21:13 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-05-02 20:54 – 2021-05-20 21:13 – 000002276 _____ C:ProgramDataDesktopMicrosoft Edge.lnk

2021-05-02 10:39 – 2021-05-02 10:49 – 000000208 _____ C:UsersMeepMerpDesktopfavicon.py

2021-04-29 13:40 – 2021-04-29 13:40 – 000000299 _____ C:UsersMeepMerpd4ac4633ebd6440fa397b84f1bc94a3c.7z

2021-04-29 13:13 – 2021-04-29 13:13 – 000046217 _____ C:UsersMeepMerpDesktophtaccess

2021-04-27 09:39 – 2021-04-27 09:40 – 000000000 ____D C:UsersMeepMerpDesktopsitir

2021-04-26 11:24 – 2021-05-21 13:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVim 8.2

2021-04-26 11:24 – 2021-05-14 18:14 – 009314564 ____N C:UsersMeepMerpDownloadsgvim82.exe

2021-04-26 11:24 – 2021-04-26 11:24 – 000000000 ____D C:UsersMeepMerpvimfiles

2021-04-25 20:52 – 2021-04-25 20:52 – 000000053 _____ C:UsersMeepMerp.git-for-windows-updater

2021-04-24 08:25 – 2021-04-24 08:25 – 000000072 _____ C:UsersMeepMerp.bash_history

2021-04-24 08:24 – 2021-05-21 13:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGit

2021-04-24 00:35 – 2021-04-29 12:39 – 000000000 ____D C:UsersMeepMerp.BigNox

2021-04-24 00:35 – 2021-04-24 00:35 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuNox

2021-04-23 23:41 – 2021-05-21 13:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsXAMPP

2021-04-23 23:38 – 2021-04-23 23:49 – 000000000 ____D C:xampp

2021-04-22 01:16 – 2021-04-22 01:16 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTelerik

2021-04-21 23:28 – 2021-04-21 23:28 – 000000000 ____D C:UsersMeepMerp.nuget

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-05-21 13:00 – 2021-04-17 00:08 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMiniTool Partition Wizard 12

2021-05-21 13:00 – 2021-04-14 11:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsHxD Hex Editor

2021-05-21 13:00 – 2021-04-05 06:14 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVMware

2021-05-21 13:00 – 2021-03-30 03:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMouseMux

2021-05-21 13:00 – 2021-02-08 00:28 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMacro Recorder

2021-05-21 13:00 – 2021-01-17 06:14 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuCorsair

2021-05-21 13:00 – 2021-01-09 14:44 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsEPSON

2021-05-21 13:00 – 2021-01-01 13:08 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAORUS

2021-05-21 13:00 – 2020-12-13 16:58 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVB Audio

2021-05-21 13:00 – 2020-11-13 17:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGigabyte Speed

2021-05-21 13:00 – 2020-11-13 15:06 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickCPU64

2021-05-21 13:00 – 2020-10-08 05:03 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMICRO-STAR INT’L,.LTD

2021-05-21 13:00 – 2020-08-19 03:03 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPingzapper

2021-05-21 13:00 – 2020-08-16 20:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLetsView

2021-05-21 13:00 – 2020-08-16 19:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsApowersoft

2021-05-21 13:00 – 2020-07-30 16:34 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCPUID

2021-05-21 13:00 – 2020-07-30 16:28 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGeeks3D

2021-05-21 13:00 – 2020-07-29 18:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTechSmith

2021-05-21 13:00 – 2020-07-29 04:09 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSteam

2021-05-21 13:00 – 2020-07-29 03:55 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRiot Games

2021-05-21 13:00 – 2020-07-29 03:28 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Kits

2021-05-21 13:00 – 2020-07-29 03:25 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Azure

2021-05-21 13:00 – 2020-07-29 03:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVisual Studio 2019

2021-05-21 13:00 – 2020-07-29 01:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGIGABYTE

2021-05-21 13:00 – 2020-07-29 01:06 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAMD Ryzen Master

2021-05-21 02:08 – 2020-07-29 00:38 – 000008192 ___SH C:DumpStack.log.tmp

2021-05-20 23:19 – 2020-08-29 00:24 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsRivaTuner Statistics Server

2021-05-20 23:18 – 2020-08-29 00:23 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsMSI Afterburner

2021-05-20 23:18 – 2020-07-28 22:47 – 000000000 ____D C:UsersMeepMerpDownloadsCompressed

2021-05-20 23:02 – 2021-01-01 14:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

2021-05-20 23:02 – 2020-07-29 02:04 – 000000000 ____D C:temp

2021-05-20 21:39 – 2020-07-29 11:25 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc

2021-05-20 21:29 – 2020-07-28 22:47 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Download Manager

2021-05-20 21:29 – 2020-07-28 22:47 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsInternet Download Manager

2021-05-20 21:27 – 2020-07-29 18:21 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR

2021-05-20 21:27 – 2020-07-29 18:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR

2021-05-20 21:12 – 2020-07-29 00:41 – 000000000 ___RD C:UsersMeepMerp3D Objects

2021-05-20 21:12 – 2020-07-28 15:05 – 000000000 __RHD C:UsersPublicAccountPictures

2021-05-20 21:08 – 2021-04-17 11:48 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsDiskInternals

2021-05-20 21:08 – 2020-08-10 07:33 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsCyberfox

2021-05-20 21:08 – 2020-08-06 18:17 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsZoom

2021-05-20 21:07 – 2020-12-13 16:58 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsVB Audio

2021-05-20 21:07 – 2020-12-03 18:56 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsAMD-RAID

2021-05-20 15:52 – 2021-03-26 03:12 – 000000000 ____D C:UsersMeepMerpDocumentsVMWARE

2021-05-18 20:44 – 2020-08-10 07:33 – 000000000 ____D C:UsersMeepMerpAppDataLocalLowMozilla

2021-05-18 01:10 – 2021-04-03 08:54 – 000000000 ____D C:UsersMeepMerpDesktopFarmRAN

2021-05-16 19:38 – 2021-04-14 21:08 – 002217129 _____ C:UsersMeepMerpDesktopMBSetup.exe

2021-05-16 19:38 – 2021-03-30 04:49 – 003104719 _____ C:UsersMeepMerpDesktopSandboxie-Classic-x64-v5.49.0.exe

2021-05-16 19:38 – 2021-01-17 07:39 – 000277946 _____ C:UsersMeepMerpDesktopEmptyStandbyList.exe

2021-05-16 19:38 – 2020-10-02 11:00 – 264562741 _____ C:UsersMeepMerpDesktop009-64bit_Win7_Win8_Win81_Win10_R282.exe

2021-05-16 19:38 – 2020-08-06 19:30 – 003302263 _____ C:UsersMeepMerpDesktopjcpicker.exe

2021-05-14 18:14 – 2021-03-30 02:59 – 007249945 ____N C:UsersMeepMerpDownloadsmousemux-setup.exe

2021-05-14 18:14 – 2020-12-07 07:49 – 005263089 ____N C:UsersMeepMerpDownloadsexif_64.exe

2021-05-14 18:14 – 2020-12-07 07:49 – 004944364 ____N C:UsersMeepMerpDownloadsexif.exe

2021-05-14 18:14 – 2020-12-07 07:49 – 004944284 ____N C:UsersMeepMerpDownloadsexif(1).exe

2021-05-14 18:13 – 2021-01-01 13:50 – 000932921 _____ C:UsersMeepMerpDocumentsvibranceGUI.exe

2021-05-14 18:13 – 2020-11-22 16:42 – 075002508 _____ C:UsersMeepMerpDocumentsVoicemodSetup.exe

2021-05-14 18:13 – 2020-08-16 18:29 – 002120789 ____N C:UsersMeepMerpDownloadsapowermirror-setup-gg-b.exe

2021-05-06 19:43 – 2020-12-07 07:50 – 000000000 ____D C:w

2021-05-05 11:21 – 2020-07-29 02:04 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer

2021-05-04 22:30 – 2021-03-24 16:31 – 000000000 ____D C:UsersMeepMerpDocumentsVirtual Machines

2021-05-04 18:19 – 2020-12-10 16:09 – 000000000 ____D C:UsersMeepMerpDocumentsCamtasia

2021-05-04 10:46 – 2020-08-06 22:53 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPython 3.7

2021-05-04 10:29 – 2020-07-29 03:23 – 000000000 ____D C:UsersMeepMerp.dotnet

2021-05-04 09:34 – 2020-12-07 07:54 – 000000000 ____D C:UsersMeepMerpAppDataRoamingMicrosoftWindowsStart MenuProgramsPython 3.9

2021-05-02 20:36 – 2020-10-01 04:44 – 000029387 _____ C:CosairDram.txt

2021-05-02 20:31 – 2020-08-01 18:40 – 000000000 ___HD C:UsersPublicDocumentsAdobeGCData

2021-05-02 20:31 – 2020-08-01 18:40 – 000000000 ___HD C:ProgramDataDocumentsAdobeGCData

2021-04-29 12:40 – 2020-07-29 19:10 – 000000000 ____D C:UsersMeepMerp.android

2021-04-29 12:39 – 2020-09-23 00:39 – 000000000 ____D C:UsersMeepMerpvmlogs

2021-04-25 07:36 – 2020-07-28 22:47 – 000000000 ____D C:UsersMeepMerpDownloadsVideo

2021-04-24 03:04 – 2021-04-17 11:56 – 000000000 ____D C:UsersMeepMerpDownloadsMiniTool Partition Wizard Technician 12.3

2021-04-22 09:21 – 2020-08-11 14:47 – 000000070 _____ C:UsersMeepMerpDesktopjcpicker.txt

2021-04-21 03:58 – 2021-01-09 14:45 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsEPSON Software

2021-04-21 03:56 – 2021-04-18 12:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSourceTec

 

==================== Files in the root of some directories ========

 

2021-05-20 23:09 – 2021-05-21 02:17 – 000006103 _____ () C:UsersMeepMerpAppDataRoamingVoiceMeeterDefault.xml

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 

 

——————————————————————————————————————————————————

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021

Ran by MeepMerp (21-05-2021 05:37:17)

Running from c:UsersMeepMerpDesktop

Windows 10 Pro Version 2004 19041.985 (X64) (2021-05-20 13:12:28)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-185054945-3502447639-2721202950-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-185054945-3502447639-2721202950-503 – Limited – Disabled)

Guest (S-1-5-21-185054945-3502447639-2721202950-501 – Limited – Disabled)

MeepMerp (S-1-5-21-185054945-3502447639-2721202950-1001 – Administrator – Enabled) => C:UsersMeepMerp

WDAGUtilityAccount (S-1-5-21-185054945-3502447639-2721202950-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Brave (HKLM-x32…BraveSoftware Brave-Browser) (Version: 90.1.24.85 – Brave Software Inc)

Discord (HKUS-1-5-21-185054945-3502447639-2721202950-1001…Discord) (Version: 1.0.9001 – Discord Inc.)

Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.101.0 – Google LLC) Hidden

Internet Download Manager (HKLM-x32…Internet Download Manager) (Version: 6.38.2 – Tonec Inc.)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 90.0.818.62 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.22.27821 (HKLM-x32…6361b579-2795-4886-b2a8-53d5239b6452) (Version: 14.22.27821.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.22.27821 (HKLM-x32…5bfc1380-fd35-4b85-9715-7351535d077e) (Version: 14.22.27821.0 – Microsoft Corporation)

MSI Afterburner 4.6.4 Beta 3 (HKLM-x32…Afterburner) (Version: 4.6.4 Beta 3 – MSI Co., LTD)

NVIDIA Broadcast 1.2.0.49 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_NVIDIABroadcast) (Version: 1.2.0.49 – NVIDIA Corporation)

NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_FrameViewSdk) (Version: 1.1.4923.29781331 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.22.0.32 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.22.0.32 – NVIDIA Corporation)

Realtek USB Audio (HKLM…A46A65D-89AC-464C-8026-3CD44960BD04) (Version: 6.3.9600.213 – Realtek Semiconductor Corp.)

Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.)

RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32…RTSS) (Version: 7.3.2 Beta 2 – Unwinder)

VALORANT (HKUS-1-5-21-185054945-3502447639-2721202950-1001…Riot Game valorant.live) (Version:  – Riot Games, Inc)

Voicemeeter, The Virtual Mixing Console (HKLM-x32…VB:Voicemeeter 17359A74-1236-5467) (Version:  – VB-Audio Software)

WinRAR 6.02 beta 1 (64-bit) (HKLM…WinRAR archiver) (Version: 6.02.1 – win.rar GmbH)

 

Packages:

=========

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-20] (Microsoft Studios) [MS Ad]

NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-05-20] (NVIDIA Corp.)

Realtek Audio Control -> C:Program FilesWindowsAppsRealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2021-05-20] (Realtek Semiconductor Corp)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> CDC95B92-E27C-4745-A8C5-64A52A78855D => C:Program Files (x86)Internet Download ManagerIDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2021-05-20] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2021-05-20] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbnvshext.dll [2021-05-14] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2021-05-20] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2021-05-20] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [VIDC.RTV1] => C:WINDOWSsystem32rtvcvfw64.dll [246272 2012-09-29] () [File not signed]

HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-29] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

==================== Loaded Modules (Whitelisted) =============

 

2021-04-05 06:10 – 2021-04-05 06:10 – 000232960 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTCore.dll

2021-04-05 06:10 – 2021-04-05 06:10 – 000057344 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTFC.dll

2021-04-06 22:05 – 2021-04-06 22:05 – 000668672 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTHAL.dll

2021-04-05 06:10 – 2021-04-05 06:10 – 000074240 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTMUI.dll

2021-04-05 06:10 – 2021-04-05 06:10 – 000371712 _____ () [File not signed] C:Program Files (x86)MSI AfterburnerRTUI.dll

2021-05-21 05:35 – 2021-05-21 05:35 – 002299904 ___SH (Farbar) [File not signed] c:usersmeepmerpdesktopfrst64.exe 

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

BHO: IDM integration (IDMIEHlprObj Class) -> 0055C089-8582-441B-A0BF-17B458C2A3A8 -> C:Program Files (x86)Internet Download ManagerIDMIECC64.dll [2020-08-01] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO-x32: IDM integration (IDMIEHlprObj Class) -> 0055C089-8582-441B-A0BF-17B458C2A3A8 -> C:Program Files (x86)Internet Download ManagerIDMIECC.dll [2020-08-01] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2021-05-21 12:56 – 2021-05-21 12:55 – 000000824 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-185054945-3502447639-2721202950-1001Control PanelDesktopWallpaper -> C:UsersMeepMerpAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper

DNS Servers: 192.168.254.254

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [D16CC061-FB93-4FFE-A80F-CC7959D4D08F] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [A67BBEFE-C59E-4CD9-ACBD-C8AA93AD5EA2] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [9D6ED280-90F6-406A-A769-BA4DC2485EE7] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [FD0701F0-9427-4F7C-B043-390ED643BB30] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [B50EEB92-2B7A-4889-A137-058259EE6CE4] => (Allow) C:Program FilesBraveSoftwareBrave-BrowserApplicationbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [467182AC-D371-4024-887A-249A8E653D1B] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [7EF94AE2-4315-4DA9-ACCE-27C1113D796D] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [9F85DF17-BAE6-47D5-BE7B-B89C07474BC4] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [2AB6B41F-E3A2-4F74-80D0-A916F5A21E5C] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [001A8474-39A5-4CAB-BF6E-8293C9214F80] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [9DCAC350-658B-4F62-9C5D-95319E494CBA] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

 

==================== Restore Points =========================

 

20-05-2021 21:22:15 Microsoft Visual C++ 2017 Redistributable (x86) – 14.13.26020

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (05/21/2021 02:16:09 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: DllHost.exe, version: 10.0.19041.546, time stamp: 0xb850de5d

Faulting module name: combase.dll, version: 10.0.19041.928, time stamp: 0xf338dc14

Exception code: 0xc0000005

Fault offset: 0x0010c452

Faulting process id: 0x3618

Faulting application start time: 0x01d74da3767ff732

Faulting application path: C:WINDOWSSysWOW64DllHost.exe

Faulting module path: C:WINDOWSSystem32combase.dll

Report Id: 8b1381c0-07b4-48f3-8832-07a134463982

Faulting package full name: Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

 

Error: (05/21/2021 02:09:00 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x8007007B

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (05/21/2021 02:08:57 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x8007007B

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (05/21/2021 02:06:44 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x8007007B

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (05/21/2021 02:06:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x8007007B

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (05/21/2021 01:02:33 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: DllHost.exe, version: 10.0.19041.546, time stamp: 0xb850de5d

Faulting module name: combase.dll, version: 10.0.19041.928, time stamp: 0xf338dc14

Exception code: 0xc0000005

Fault offset: 0x0010c452

Faulting process id: 0x1f90

Faulting application start time: 0x01d74d8cac0189b2

Faulting application path: C:WINDOWSSysWOW64DllHost.exe

Faulting module path: C:WINDOWSSystem32combase.dll

Report Id: 18e2a270-bab6-4392-85cd-5dd261ef6e28

Faulting package full name: Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

 

Error: (05/20/2021 11:05:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x8007007B

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (05/20/2021 11:05:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0x8007007B

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

 

 

System errors:

=============

Error: (05/21/2021 02:08:06 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)

Description: DCOM got error “1115” attempting to start the service SecurityHealthService with arguments “Unavailable” in order to run the server:

8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0

 

Error: (05/21/2021 02:08:01 AM) (Source: DCOM) (EventID: 10010) (User: MEEPMERP)

Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.

 

Error: (05/21/2021 02:08:01 AM) (Source: DCOM) (EventID: 10010) (User: MEEPMERP)

Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.

 

Error: (05/21/2021 02:05:44 AM) (Source: DCOM) (EventID: 10010) (User: MEEPMERP)

Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.

 

Error: (05/21/2021 02:05:44 AM) (Source: DCOM) (EventID: 10010) (User: MEEPMERP)

Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.

 

Error: (05/20/2021 11:04:54 PM) (Source: DCOM) (EventID: 10010) (User: MEEPMERP)

Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.

 

Error: (05/20/2021 11:04:54 PM) (Source: DCOM) (EventID: 10010) (User: MEEPMERP)

Description: The server FD06603A-2BDF-4BB1-B7DF-5DC68F353601 did not register with DCOM within the required timeout.

 

Error: (05/20/2021 09:07:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: The server 7D096C5F-AC08-4F1F-BEB7-5C22C517CE39 did not register with DCOM within the required timeout.

 

 

Windows Defender:

================

Date: 2021-05-21 05:34:16

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Program:Win32/Wacapew.C!ml

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:UsersMeepMerpAppDataRoamingIDMDwnlDataMeepMerpFRST64_7FRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsFRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsfrst64.exe 

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:UsersMeepMerpDownloadsProgramsfrst64.exe 

Security intelligence Version: AV: 1.339.1121.0, AS: 1.339.1121.0, NIS: 1.339.1121.0

Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

 

Date: 2021-05-21 05:34:05

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Program:Win32/Wacapew.C!ml

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:UsersMeepMerpAppDataRoamingIDMDwnlDataMeepMerpFRST64_7FRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsFRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsfrst64.exe 

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:Windowsexplorer.exe

Security intelligence Version: AV: 1.339.1121.0, AS: 1.339.1121.0, NIS: 1.339.1121.0

Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

 

Date: 2021-05-21 05:34:04

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Program:Win32/Wacapew.C!ml

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:UsersMeepMerpAppDataRoamingIDMDwnlDataMeepMerpFRST64_7FRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsFRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsfrst64.exe 

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:UsersMeepMerpDownloadsProgramsfrst64.exe 

Security intelligence Version: AV: 1.339.1121.0, AS: 1.339.1121.0, NIS: 1.339.1121.0

Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

 

Date: 2021-05-21 05:34:04

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Program:Win32/Wacapew.C!ml

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:UsersMeepMerpAppDataRoamingIDMDwnlDataMeepMerpFRST64_7FRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsFRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsfrst64.exe 

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:UsersMeepMerpDownloadsProgramsFRST64.exe

Security intelligence Version: AV: 1.339.1121.0, AS: 1.339.1121.0, NIS: 1.339.1121.0

Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6

 

Date: 2021-05-21 05:33:51

Description: 

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Program:Win32/Wacapew.C!ml

Severity: Low

Category: Potentially Unwanted Software

Path: file:_C:UsersMeepMerpAppDataRoamingIDMDwnlDataMeepMerpFRST64_7FRST64.exe; file:_C:UsersMeepMerpDownloadsProgramsFRST64.exe

Detection Origin: Local machine

Detection Type: Concrete

Detection Source: Real-Time Protection

Process Name: C:WindowsResourcessvchost.exe

Security intelligence Version: AV: 1.339.1121.0, AS: 1.339.1121.0, NIS: 1.339.1121.0

Engine Version: AM: 1.1.18100.6, NIS: 1.1.18100.6



==================== Memory info =========================== 

 

BIOS: American Megatrends International, LLC. F33f 03/12/2021

Motherboard: Gigabyte Technology Co., Ltd. X570 AORUS ULTRA

Processor: AMD Ryzen 9 3900X 12-Core Processor 

Percentage of memory in use: 21%

Total physical RAM: 32709.65 MB

Available physical RAM: 25615.63 MB

Total Virtual: 37829.65 MB

Available Virtual: 27720.86 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:930.37 GB) (Free:476.72 GB) NTFS

 

?Volume8c2eabe7-661a-4cc7-9439-45ec246649a3 (Recovery) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

?Volume4b7b78bd-c609-4e93-aa5a-f041e8723721 () (Fixed) (Total:0.51 GB) (Free:0.05 GB) NTFS

?Volume2a0e53c9-faa2-4bb8-8f88-2b90ab4b2cc5 () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 

Attached Files


  •  vrs.png   378.36KB
      0 downloads
  • Attached File
     1.png   26.6KB
      0 downloads

Next Post

Pink Raiders take frequent season's last series

They say that the game of baseball is all about pitching.  If which is the circumstance, the Texas Tech baseball group is rounding into type at just the suitable time of the period. Thanks in huge part to 18.1 innings of scoreless baseball from the starting rotation, head coach Tim […]