Windows security opening fully blanked - Virus, Trojan, Spyware, and Malware Removal Help (2023)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022

Ran by keshav (administrator) on LAPTOP-Q9OJL611 (HP HP Pavilion Gaming Laptop 15-ec0xxx) (25-09-2022 21:32:22)

Running from C:\Users\kesha\Desktop

Loaded Profiles: keshav

Platform: Microsoft Windows 11 Home Single Language Version 22H2 22621.521 (X64) Language: English (United States)

Default browser: Edge

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe

(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe

(C:\Program Files\Quick Heal\Quick Heal Total Security\QUHLPSVC.EXE ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\SCANNER.EXE

(C:\Program Files\Quick Heal\Quick Heal Total Security\SCSECSVC.EXE ->) (Quick Heal Technologies Limited -> ) C:\Program Files\Quick Heal\Quick Heal Total Security\BSSISS.EXE

(cmd.exe ->) (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe

(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointGpuInfo.exe

(DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atieclxx.exe

(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe

(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe

(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\ONLINENT.EXE

(Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\QHPISVR.EXE

(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe

(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\AppHelperCap.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\DiagsCap.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\NetworkCap.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\SysInfoCap.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_0e3fe4680158c746\x64\OmenCap\OmenCap.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe

(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe

(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe

(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>

(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_4a2f8a62d5686839\Display.NvContainer\NVDisplay.Container.exe <2>

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\ARWSRVC.EXE

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\bdssvc.exe

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\OPSSVC.EXE

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\QUHLPSVC.EXE

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\REPRSVC.EXE

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE

(services.exe ->) (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\SCSECSVC.EXE

(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe

(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe

(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe

(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe

(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe

(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe

(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe

(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM\...\Run: [Quick Heal Core UI] => C:\Program Files\Quick Heal\Quick Heal Total Security\strtupap.exe [256760 2021-07-26] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1080552 2020-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-13] (HP Inc. -> HP Inc.)

HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-13] (HP Inc. -> HP Inc.)

HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-13] (HP Inc. -> HP Inc.)

HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\Run: [Discord] => C:\Users\kesha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5464376 2020-11-05] (Tonec Inc. -> Tonec Inc.) [File not signed]

HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\Run: [BingWallpaperApp] => C:\Users\kesha\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [8537992 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\Run: [MicrosoftEdgeAutoLaunch_B8E5D947D3967B0BFD48B53E8E70FE4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-16] (Google LLC -> Google LLC)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\105.1.43.93\Installer\chrmstp.exe [2022-09-14] (Brave Software, Inc. -> Brave Software, Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-09-22] (Microsoft Windows -> Microsoft Corporation)

Lsa: [Notification Packages] scecli C:\WINDOWS\system32\ScSecAuth.Dll

Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03A99903-0719-41F5-B6A2-E4A5E8952551} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {055144C0-F0D9-4991-9B63-633628D18E15} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709120 2022-09-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc

Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-07] (Microsoft Windows -> )

Task: {0A5CB1E7-F6DA-4027-A17D-F7BD07D8CB15} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

Task: {1301E595-15D2-4C5E-8E73-79372680EAF6} - System32\Tasks\Windows Service Task => C:\Users\kesha\AppData\Local\Updates\WindowsService.exe (No File) <==== ATTENTION

Task: {1924C62F-E087-476A-99B2-945A95905536} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO

Task: {1EB94A25-7F86-40F3-B259-1DBD69A9212B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-24] (Google LLC -> Google LLC)

Task: {23B376E9-BC41-4464-86F4-BF755E609E0C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1

Task: {26EB1671-26A8-4E19-969B-97485C4B8CDB} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

"C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" could not be unlocked. <==== ATTENTION

Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask

Task: {312F3504-F1B2-4BCB-A0DA-DC5949448896} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142208 2022-09-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {3726CBB4-6332-4A8A-8F41-C02F2086C271} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError

Task: {3821A0A8-7835-41DD-B004-E707F41B8CFE} - System32\Tasks\Quick Heal AntiMalware Scan => C:\Program Files\Quick Heal\Quick Heal Total Security\ASMAIN.EXE [402168 2021-07-18] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

Task: {4B8DE004-0E5A-45EB-B489-E0AC2B818F89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)

Task: {5E90AAE6-767B-4E29-BC7C-73A976693151} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)

Task: {67676B65-963E-41F2-9D28-3EF468C63046} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142208 2022-09-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {6F457EC5-E6E7-4E4E-8412-736AE4566CD1} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI

Task: {71C378B6-AD21-4368-AFC6-3BF912BC9C4D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)

Task: {74F5751F-50B1-4D29-B441-7CABDEAB972F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)

Task: {7A61D54F-4564-44FA-8C82-6B87DC0D798F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest

Task: {7C18180A-63B1-4F31-A4C0-1E8958F96D0A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {83904930-1910-4377-8D7C-AAFC3FA34EFA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:

Task: {87C4F138-7B3A-4979-9342-C0FA59B4D68D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)

Task: {8F88FF9B-B298-4385-A48A-225D213BA521} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-24] (Google LLC -> Google LLC)

Task: {92D0A0B3-CAD6-4C1C-905D-9786B644AB34} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log

Task: {A274BA5C-5847-497C-B7BD-B0A64517DB37} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-19] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {A4CB2BAF-D02A-4056-AABE-A1A637C16554} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

Task: {A777C08B-5B10-411F-9683-7AF406862BD8} - System32\Tasks\Window Update => C:\Users\kesha\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [File not signed] <==== ATTENTION

Task: {AE635EED-3B37-4A0F-AF65-B6A0CF9168E8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {AE8EB524-FC54-4B3E-83C3-7486156289F6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60088 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {B2475BF3-88CA-4BEC-9F36-1C10AF652C5C} - System32\Tasks\Resume Quickup Download => C:\Program Files\Quick Heal\Quick Heal Total Security\ACAPPAA.EXE [389368 2021-07-26] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

Task: {B507593C-3DCD-44CF-B10A-5E01E3ED8697} - System32\Tasks\S-1-5-21-3193408149-1104093482-4191083156-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (No File)

Task: {B66B92CD-B18D-4C79-83E0-C7B128767236} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)

Task: {BA4141A0-90A6-4883-83B6-5A0093817AE0} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice

Task: {BA709CDD-314D-4B0B-A9CB-9FCC47E4AC33} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

Task: {BEE9753A-4C03-4613-929C-03B89D50D792} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

Task: {C375B8E7-1D4F-4E57-90E7-3BEFD0DFCE06} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)

Task: {CF335439-0EC2-4AEC-9190-356B18026C02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-08-17] (HP Inc. -> HP Inc.)

Task: {D5E23834-65A1-43EC-A288-F822FACEA796} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError

Task: {DC06BD1E-8B84-457D-B043-FE2755B992F1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

Task: {DF806A16-77E9-4465-9D24-BCC06CC02D3F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2

Task: {E09DAFEB-940B-496E-B925-11E5E4754DEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)

Task: {E7DD90A0-D965-430A-AA91-34DCB6B9B9AE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)

Task: {E887C1B5-28A4-45EF-BD3A-82D15854A4A8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest

Task: {EC10E115-4995-4D25-9CA1-E839DD97646D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-08-17] (HP Inc. -> HP Inc.)

Task: {F077B6A8-E47A-4E64-9620-B0134C0499CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

Task: {F87BAE91-2470-40AB-9F94-A437578A5E4D} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [217088 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

Task: {F8F3A0E7-D2E4-4BB7-9E4C-14B7E974FEBD} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-19] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {FA6BA0EB-893F-4F47-8D12-C15538731A0A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

Task: {FF76BCD3-22A5-4F82-BADB-5B5507804A39} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Quick Heal AntiMalware Scan.job => C:\Program Files\Quick Heal\Quick Heal Total Security\ASMAIN.EXE

Task: C:\WINDOWS\Tasks\Resume Quickup Download.job => C:\Program Files\Quick Heal\Quick Heal Total Security\ACAPPAA.EXE

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.29.1

Tcpip\..\Interfaces\{a4e312c0-d1ab-47fe-a85a-15a0663fc666}: [DhcpNameServer] 192.168.29.1

Tcpip\..\Interfaces\{bdbef1e2-83ca-4dae-8bf9-52cf6a59d343}: [DhcpNameServer] 192.168.0.1 0.0.0.0

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:\Users\kesha\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-25]

Edge Extension: (IDM Integration Module) - C:\Users\kesha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2022-05-20]

Edge Extension: (AdBlock — best ad blocker) - C:\Users\kesha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-08-31]

Edge Extension: (Microsoft Power Automate) - C:\Users\kesha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njjljiblognghfjfpcdpdbpbfcmhgafg [2022-08-07]

Edge HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-10-31]

Edge HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]

FireFox:

========

FF HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kesha\AppData\Roaming\IDM\idmmzcc5

FF Extension: (IDM CC) - C:\Users\kesha\AppData\Roaming\IDM\idmmzcc5 [2020-11-05] [Legacy] [not signed]

FF HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:

=======

CHR DefaultProfile: Profile 1

CHR Profile: C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default [2021-07-10]

CHR Notifications: Default -> hxxps://drive.google.com; hxxps://www.ntsehelpline.com

CHR Extension: (Slides) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-24]

CHR Extension: (Safe Torrent Scanner) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-03-01]

CHR Extension: (Docs) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-24]

CHR Extension: (IDM Integration Module) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-10]

CHR Extension: (Chrome Web Store Payments) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]

CHR Extension: (Chrome Media Router) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-27]

CHR Profile: C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-26]

CHR Profile: C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-09-25]

CHR Extension: (Google Docs Offline) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-31]

CHR Extension: (IDM Integration Module) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2022-07-14]

CHR Extension: (Chrome Web Store Payments) - C:\Users\kesha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-26]

CHR Profile: C:\Users\kesha\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-26]

CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-10-31]

CHR HKU\S-1-5-21-3193408149-1104093482-4191083156-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]

CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-10-31]

Brave:

=======

BRA Profile: C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-07-14]

BRA Extension: (Safe Torrent Scanner) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-07-14]

BRA Extension: (IDM Integration Module) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2022-07-14]

BRA Extension: (Brave Local Data Files Updater) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-07-14]

BRA Extension: (Brave NTP background images) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-07-14]

BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-07-14]

BRA Extension: (Brave NTP sponsored images) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\ckcgdbohephpcbegllbicpadgbifppfo [2022-07-14]

BRA Extension: (Brave SpeedReader Updater) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-07-14]

BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\kesha\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-07-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)

R2 arwsrvc; C:\Program Files\Quick Heal\Quick Heal Total Security\arwsrvc.exe [77040 2022-09-24] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 Behavior Detection System; C:\Program Files\Quick Heal\Quick Heal Total Security\bdssvc.exe [53880 2022-09-24] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-19] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-06-19] (Brave Software, Inc. -> BraveSoftware Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12131256 2022-09-18] (Microsoft Corporation -> Microsoft Corporation)

R2 Core Mail Protection; C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE [129784 2021-07-26] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S2 Core Scanning Server; C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [329976 2021-07-19] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R3 Core Scanning ServerEx; C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [329976 2021-07-19] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-07] (Microsoft Windows -> Microsoft Corporation)

R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)

R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\AppHelperCap.exe [771072 2022-07-31] (HP Inc. -> HP Inc.)

R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\DiagsCap.exe [769536 2022-07-31] (HP Inc. -> HP Inc.)

R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\NetworkCap.exe [766464 2022-07-31] (HP Inc. -> HP Inc.)

R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_0e3fe4680158c746\x64\OmenCap\OmenCap.exe [744016 2022-06-14] (HP Inc. -> HP Inc.)

S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)

R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_ca8cb2046afa6b22\x64\SysInfoCap.exe [770048 2022-07-31] (HP Inc. -> HP Inc.)

R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)

R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304496 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

R2 Online Protection System; C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe [148216 2021-07-26] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 Quick Update Service; C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe [253688 2021-07-26] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 RepairService; C:\Program Files\Quick Heal\Quick Heal Total Security\reprsvc.exe [81656 2021-07-26] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S2 ScanWscS; C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE [432536 2022-06-29] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 ScSecSvc; C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe [643832 2021-11-12] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14718784 2022-08-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-07] (Microsoft Windows -> Microsoft Corporation)

R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1689984 2022-03-29] (WildTangent, Inc. -> )

S3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137568 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_4a2f8a62d5686839\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_4a2f8a62d5686839\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

S2 PEFService; "C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe" [X]

S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]

S4 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe" [X]

S4 WinDefend; "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-12-18] (AnchorFree Inc -> The OpenVPN Project)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-22] (Alcorlink Corp. -> )

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R3 arwflt; C:\WINDOWS\System32\DRIVERS\arwflt.sys [181032 2022-09-24] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R3 atkldrvr; C:\WINDOWS\System32\DRIVERS\atkldrvr.sys [57144 2021-07-18] (Quick Heal Technologies Private Limited -> Quick Heal Technologies Ltd.)

R1 bdsflt; C:\WINDOWS\System32\DRIVERS\bdsflt.sys [145920 2022-09-24] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91488 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

R3 bsfs; C:\WINDOWS\System32\DRIVERS\bsfs.sys [96640 2021-07-18] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R2 catflt; C:\WINDOWS\System32\DRIVERS\catflt.sys [308176 2021-05-10] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S0 elamdrv; C:\WINDOWS\System32\DRIVERS\elamdrv.sys [36824 2021-03-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Quick Heal Technologies Ltd.)

R2 emlssx; C:\WINDOWS\system32\DRIVERS\emlssx.sys [49752 2020-09-21] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)

R1 ggc; C:\WINDOWS\System32\DRIVERS\ggc.sys [98136 2020-03-20] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)

R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2019-05-03] (HP Inc. -> HP Inc.)

R3 kbfltr; C:\WINDOWS\system32\DRIVERS\kbfltr.sys [39152 2019-11-18] (Quick Heal Technologies Private Limited -> Quick Heal Technologies Ltd.)

S3 llio; C:\WINDOWS\system32\DRIVERS\llio.sys [91200 2019-11-18] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R0 mscank; C:\WINDOWS\System32\DRIVERS\mscank.sys [62192 2019-11-18] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

S3 MYUSB; C:\WINDOWS\System32\Drivers\MFS100.sys [84800 2018-02-20] (Cypress Semiconductor Technology India Pvt Ltd. -> Cypress Semiconductor)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)

S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)

S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )

R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)

R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)

S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)

S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

R2 vdiskdrv; C:\WINDOWS\System32\DRIVERS\vdiskdrv.sys [110560 2021-07-18] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)

R0 webssx; C:\WINDOWS\System32\drivers\webssx8.sys [109368 2021-07-27] (Quick Heal Technologies Limited -> Quick Heal Technologies Ltd.)

R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)

R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-09-22] (Microsoft Windows -> Microsoft Corporation)

R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2021-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)

U4 MsSecFlt; no ImagePath

U4 Sense; no ImagePath

U4 SgrmAgent; no ImagePath

U4 SgrmBroker; no ImagePath

S4 WdBoot; \SystemRoot\system32\drivers\wd\WdBoot.sys [X]

S4 WdFilter; \SystemRoot\system32\drivers\wd\WdFilter.sys [X]

S4 WdNisDrv; system32\drivers\wd\WdNisDrv.sys [X]

S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-25 21:32 - 2022-09-25 21:37 - 000042468 _____ C:\Users\kesha\Desktop\FRST.txt

2022-09-25 21:29 - 2022-09-25 21:34 - 000000000 ____D C:\FRST

2022-09-25 21:26 - 2022-09-25 21:26 - 002371072 _____ (Farbar) C:\Users\kesha\Desktop\FRST64.exe

2022-09-25 21:16 - 2022-09-25 21:16 - 000000000 ___HD C:\Users\kesha\ScStore

2022-09-25 02:20 - 2022-09-25 02:20 - 000000000 ____D C:\WINDOWS\Minidump

2022-09-25 02:20 - 2022-09-25 02:20 - 000000000 _____ C:\WINDOWS\Minidump\092522-44140-01.dmp

2022-09-24 16:31 - 2022-09-24 16:31 - 000006305 _____ C:\WINDOWS\regact.dat

2022-09-24 16:28 - 2022-09-25 17:07 - 000000000 ____D C:\cfrbackup-FFAVJEMP

2022-09-24 16:28 - 2022-09-24 21:56 - 000000500 _____ C:\WINDOWS\Tasks\Quick Heal AntiMalware Scan.job

2022-09-24 16:28 - 2022-09-24 16:28 - 000003624 _____ C:\WINDOWS\system32\Tasks\Quick Heal AntiMalware Scan

2022-09-24 16:28 - 2022-09-24 16:28 - 000001306 _____ C:\Users\Public\Desktop\Quick Heal Total Security.lnk

2022-09-24 16:27 - 2022-09-24 21:56 - 000000476 _____ C:\WINDOWS\Tasks\Resume Quickup Download.job

2022-09-24 16:27 - 2022-09-24 16:38 - 000145920 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\bdsflt.sys

2022-09-24 16:27 - 2022-09-24 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Heal Total Security

2022-09-24 16:27 - 2022-09-24 16:27 - 000003564 _____ C:\WINDOWS\system32\Tasks\Resume Quickup Download

2022-09-24 16:27 - 2022-09-24 16:27 - 000001313 _____ C:\Users\Public\Desktop\Quick Heal Safe Banking.lnk

2022-09-24 16:27 - 2022-09-24 16:27 - 000001306 _____ C:\Users\Public\Desktop\Quick Heal Secure Browse.lnk

2022-09-24 16:27 - 2021-08-20 20:28 - 000123120 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\atklshld64.dll

2022-09-24 16:27 - 2021-08-20 20:28 - 000107248 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\atklshld32.dll

2022-09-24 16:27 - 2021-08-05 00:30 - 000303856 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\ScSandboxApi.dll

2022-09-24 16:27 - 2021-08-05 00:30 - 000249072 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\ScSandboxApi.dll

2022-09-24 16:27 - 2021-08-04 23:47 - 000468720 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\ScDetour.Dll

2022-09-24 16:27 - 2021-08-04 23:47 - 000396528 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\SysWOW64\ScDetour.Dll

2022-09-24 16:27 - 2021-08-04 23:47 - 000215792 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\ScSecAuth.Dll

2022-09-24 16:27 - 2021-07-27 22:33 - 000109368 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\webssx8.sys

2022-09-24 16:27 - 2020-09-21 09:56 - 000049752 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\emlssx.sys

2022-09-24 16:27 - 2020-09-11 18:00 - 000124400 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\wsfilter.sys

2022-09-24 16:27 - 2019-11-18 13:37 - 000091200 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\llio.sys

2022-09-24 16:27 - 2019-11-18 13:37 - 000062192 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\mscank.sys

2022-09-24 16:05 - 2022-09-24 16:05 - 000000000 ____D C:\WINDOWS\system32\config\BFS

2022-09-24 16:00 - 2022-09-24 16:00 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%

2022-09-24 15:51 - 2022-09-24 21:54 - 000000000 ____D C:\WINDOWS\system32\gprodat

2022-09-24 15:50 - 2022-09-24 16:27 - 000000000 ____D C:\Program Files\Common Files\Quick Heal

2022-09-24 15:50 - 2020-03-20 16:17 - 000098136 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\ggc.sys

2022-09-24 00:48 - 2018-01-15 19:55 - 000000000 ____D C:\Users\kesha\Desktop\GTA-SanAndreas

2022-09-24 00:26 - 2022-09-24 00:27 - 208303208 _____ (Quick Heal Technologies Ltd.) C:\Users\kesha\Desktop\QHTSFT64.EXE

2022-09-23 23:52 - 2022-09-24 15:50 - 000000000 ____D C:\Program Files\Quick Heal

2022-09-23 22:02 - 2022-09-23 22:05 - 000001956 _____ C:\Users\kesha\Downloads\Windows Defender.reg

2022-09-23 20:36 - 2022-09-23 22:46 - 000000000 ____D C:\Users\kesha\AppData\Local\ElevatedDiagnostics

2022-09-23 20:34 - 2022-09-23 20:35 - 000191040 _____ C:\Users\kesha\Downloads\WinSecurity.diagcab

2022-09-23 19:59 - 2022-09-23 19:59 - 000002220 _____ C:\Users\kesha\Desktop\dControl.ini

2022-09-23 19:37 - 2022-09-23 19:37 - 000000011 _____ C:\Users\kesha\start

2022-09-23 15:40 - 2022-09-25 12:59 - 000000000 ____D C:\Users\kesha\Documents\GTA San Andreas User Files

2022-09-23 15:40 - 2022-09-25 06:13 - 000000000 ____D C:\Users\kesha\AppData\Local\Updates

2022-09-23 15:40 - 2022-09-23 15:41 - 000003288 _____ C:\WINDOWS\system32\Tasks\Windows Service Task

2022-09-23 15:40 - 2022-09-23 15:41 - 000003252 _____ C:\WINDOWS\system32\Tasks\Window Update

2022-09-23 15:40 - 2022-09-23 15:40 - 000014544 _____ (OpenLibSys.org) C:\WINDOWS\system32\WinRing0x64.sys

2022-09-23 15:40 - 2022-09-23 15:40 - 000000000 ____D C:\Program Files (x86)\OceanofGames.ccom

2022-09-23 15:38 - 2022-09-23 22:44 - 000000258 __RSH C:\ProgramData\ntuser.pol

2022-09-23 15:35 - 2022-09-23 15:35 - 000000179 _____ C:\AiOLog.txt

2022-09-23 01:30 - 2022-09-23 01:30 - 000000000 ____D C:\Users\kesha\AppData\LocalLow\Sun

2022-09-23 00:44 - 2022-09-24 00:41 - 000000000 ____D C:\Program Files (x86)\Rockstar Games

2022-09-23 00:34 - 2022-09-23 00:44 - 000000000 ____D C:\Program Files\Rockstar Games

2022-09-22 21:14 - 2022-09-22 21:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2022-09-22 21:09 - 2022-09-22 21:09 - 000000020 ___SH C:\Users\kesha\ntuser.ini

2022-09-22 19:48 - 2022-09-25 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2022-09-22 19:48 - 2022-09-22 22:38 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3193408149-1104093482-4191083156-1001

2022-09-22 19:48 - 2022-09-22 22:38 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3193408149-1104093482-4191083156-1001

2022-09-22 19:48 - 2022-09-22 21:01 - 000003418 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA

2022-09-22 19:48 - 2022-09-22 21:01 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 21:01 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 21:01 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 21:00 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2022-09-22 19:48 - 2022-09-22 21:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 21:00 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

2022-09-22 19:48 - 2022-09-22 21:00 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 21:00 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 21:00 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3193408149-1104093482-4191083156-500

2022-09-22 19:48 - 2022-09-22 20:59 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2022-09-22 19:48 - 2022-09-22 20:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore

2022-09-22 19:48 - 2022-09-22 20:59 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

2022-09-22 19:48 - 2022-09-22 20:59 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 20:59 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 20:59 - 000002766 _____ C:\WINDOWS\system32\Tasks\HPAudioSwitch

2022-09-22 19:48 - 2022-09-22 20:59 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2022-09-22 19:48 - 2022-09-22 20:59 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN

2022-09-22 19:48 - 2022-09-22 20:59 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR

2022-09-22 19:48 - 2022-09-22 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-3193408149-1104093482-4191083156-1001

2022-09-22 19:48 - 2022-09-22 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP

2022-09-22 19:48 - 2022-09-22 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard

2022-09-22 19:48 - 2022-09-22 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple

2022-09-22 19:48 - 2022-09-22 19:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime

2022-09-22 19:48 - 2020-08-24 19:10 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1861917052-1476368993-1722093692-500

2022-09-22 19:48 - 2019-12-02 18:57 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3801673586-3026446742-2807759128-500

2022-09-22 19:48 - 2019-04-15 21:11 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-913737145-1433743232-4147240673-500

2022-09-22 19:44 - 2022-09-22 19:48 - 000022863 _____ C:\WINDOWS\diagwrn.xml

2022-09-22 19:44 - 2022-09-22 19:48 - 000022863 _____ C:\WINDOWS\diagerr.xml

2022-09-22 19:36 - 2022-09-25 21:23 - 000944980 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2022-09-22 19:28 - 2022-09-25 12:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2022-09-22 19:28 - 2022-09-22 19:29 - 000498968 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2022-09-22 19:26 - 2022-09-22 21:02 - 000000000 ____D C:\Windows.old

2022-09-22 18:04 - 2022-09-22 19:27 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2022-09-22 18:01 - 2022-09-25 21:16 - 000000000 ____D C:\Users\kesha

2022-09-22 18:01 - 2022-09-22 19:39 - 000000000 ____D C:\Users\defaultuser100000.LAPTOP-Q9OJL611

2022-09-22 18:01 - 2022-09-22 19:38 - 000000000 ____D C:\Users\defaultuser100000

2022-09-22 18:01 - 2022-05-07 10:49 - 000001281 _____ C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk

2022-09-22 18:01 - 2022-05-07 10:49 - 000001281 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk

2022-09-22 18:01 - 2022-05-07 10:49 - 000001281 _____ C:\Users\defaultuser100000.LAPTOP-Q9OJL611\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk

2022-09-22 18:01 - 2022-05-07 10:49 - 000000407 _____ C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk

2022-09-22 18:01 - 2022-05-07 10:49 - 000000407 _____ C:\Users\defaultuser100000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk

2022-09-22 18:01 - 2022-05-07 10:49 - 000000407 _____ C:\Users\defaultuser100000.LAPTOP-Q9OJL611\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk

2022-09-22 17:59 - 2022-09-22 17:59 - 000000000 ____D C:\WINDOWS\system32\AMD

2022-09-22 17:59 - 2022-09-22 17:59 - 000000000 ____D C:\WINDOWS\Firmware

2022-09-22 17:58 - 2022-09-22 18:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2022-09-22 17:39 - 2022-09-22 17:39 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe

2022-09-22 17:39 - 2022-09-22 17:39 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe

2022-09-22 17:37 - 2022-09-22 17:37 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe

2022-09-22 17:37 - 2022-09-22 17:37 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe

2022-09-22 17:37 - 2022-09-22 17:37 - 000055128 _____ C:\WINDOWS\system32\SFAPE.dll

2022-09-22 17:37 - 2022-09-22 17:37 - 000016204 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2022-09-22 17:36 - 2022-09-22 17:36 - 002088752 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll

2022-09-22 17:35 - 2022-09-22 17:35 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll

2022-09-22 17:35 - 2022-09-22 17:35 - 000046880 _____ C:\WINDOWS\system32\wow64base.dll

2022-09-22 17:34 - 2022-09-22 17:34 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll

2022-09-22 17:34 - 2022-09-22 17:34 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll

2022-09-22 17:34 - 2022-09-22 17:34 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe

2022-09-22 17:33 - 2022-09-22 17:33 - 002575640 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll

2022-09-22 17:26 - 2022-09-22 17:26 - 000000000 ____D C:\WINDOWS\TextInput

2022-09-22 17:26 - 2022-09-22 17:26 - 000000000 ____D C:\WINDOWS\system32\en-IN

2022-09-22 17:25 - 2022-09-22 21:33 - 000000000 ____D C:\WINDOWS\HoloShell

2022-09-22 17:25 - 2022-09-22 17:25 - 001368296 _____ C:\WINDOWS\system32\PerceptionSimulationRightHandModel.glb

2022-09-22 17:25 - 2022-09-22 17:25 - 001366268 _____ C:\WINDOWS\system32\PerceptionSimulationLeftHandModel.glb

2022-09-22 17:23 - 2022-09-22 17:23 - 000000002 _____ C:\WINDOWS\system32\hologramcompositor.lock

2022-09-22 17:21 - 2022-09-22 17:21 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml

2022-09-22 17:21 - 2022-09-22 17:21 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml

2022-09-22 17:21 - 2022-09-22 17:21 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp

2022-09-22 17:21 - 2022-09-22 17:21 - 000000000 ____D C:\WINDOWS\system32\FxsTmp

2022-09-22 17:21 - 2022-09-22 17:21 - 000000000 ____D C:\WINDOWS\addins

2022-09-22 17:20 - 2022-09-22 17:20 - 000000000 ____D C:\Program Files\Reference Assemblies

2022-09-22 17:20 - 2022-09-22 17:20 - 000000000 ____D C:\Program Files\MSBuild

2022-09-22 17:20 - 2022-09-22 17:20 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2022-09-22 17:20 - 2022-09-22 17:20 - 000000000 ____D C:\Program Files (x86)\MSBuild

2022-09-22 16:55 - 2022-09-22 16:55 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2022-09-22 15:32 - 2022-09-22 21:10 - 000000000 ___DC C:\WINDOWS\Panther

2022-09-19 01:52 - 2022-09-19 01:52 - 004818984 _____ C:\Users\kesha\Downloads\1809JEEMAEnthusiastSIALive_IAP2JM_36803_TEST_SOL_nz9eVox6f9.pdf

2022-09-19 01:52 - 2022-09-19 01:52 - 002697556 _____ C:\Users\kesha\Downloads\1809JEEMAEnthusiastSIALive_IAP2JM_36803_TEST_PDF_b2HB9Bxtwk.pdf

2022-09-14 22:56 - 2022-09-14 22:56 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-25 21:37 - 2022-05-07 10:54 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2022-09-25 21:35 - 2020-10-24 14:13 - 000000000 ____D C:\Program Files (x86)\Google

2022-09-25 21:30 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\AppReadiness

2022-09-25 21:30 - 2020-10-24 15:53 - 000000000 ____D C:\Users\kesha\AppData\Roaming\DMCache

2022-09-25 21:24 - 2020-08-24 19:24 - 000000000 ____D C:\ProgramData\NVIDIA

2022-09-25 21:23 - 2022-05-07 10:52 - 000000000 ____D C:\WINDOWS\INF

2022-09-25 21:22 - 2022-07-26 19:30 - 000000000 ____D C:\Users\kesha\Desktop\marks

2022-09-25 21:17 - 2021-02-08 19:54 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2022-09-25 21:14 - 2021-03-31 22:37 - 000012288 ___SH C:\DumpStack.log.tmp

2022-09-25 18:53 - 2022-05-07 10:47 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2022-09-25 09:44 - 2020-12-06 19:13 - 000000579 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

2022-09-25 05:40 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SystemTemp

2022-09-25 05:36 - 2022-05-07 10:54 - 000000000 ___HD C:\Program Files\WindowsApps

2022-09-25 05:26 - 2020-11-08 03:30 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2022-09-25 02:20 - 2020-11-29 16:50 - 1075318038 _____ C:\WINDOWS\MEMORY.DMP

2022-09-24 17:23 - 2020-10-24 17:52 - 000000000 ____D C:\Users\kesha\AppData\Roaming\vlc

2022-09-24 16:49 - 2022-05-07 10:47 - 000000000 ____D C:\WINDOWS\CbsTemp

2022-09-24 16:33 - 2021-07-18 17:28 - 000181032 _____ (Quick Heal Technologies Ltd.) C:\WINDOWS\system32\Drivers\ARWFLT.SYS

2022-09-24 16:27 - 2022-05-07 10:54 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2022-09-24 16:27 - 2022-05-07 10:47 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2022-09-24 16:07 - 2020-08-24 19:37 - 000000000 ____D C:\ProgramData\McAfee

2022-09-24 16:07 - 2020-08-24 19:37 - 000000000 ____D C:\Program Files\McAfee

2022-09-24 04:41 - 2020-10-24 12:11 - 000000000 ____D C:\Users\kesha\AppData\Local\D3DSCache

2022-09-24 01:13 - 2022-05-07 10:54 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2022-09-24 00:47 - 2020-10-30 00:14 - 000000000 ____D C:\Users\kesha\AppData\Local\CrashDumps

2022-09-24 00:44 - 2020-10-24 14:33 - 000000000 ____D C:\Users\kesha\Downloads\Compressed

2022-09-24 00:42 - 2020-12-14 12:48 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games

2022-09-24 00:41 - 2020-12-14 12:51 - 000000000 ____D C:\Users\kesha\Documents\Rockstar Games

2022-09-24 00:41 - 2020-12-14 12:51 - 000000000 ____D C:\Users\kesha\AppData\Local\Rockstar Games

2022-09-24 00:41 - 2020-12-14 12:48 - 000000000 ____D C:\ProgramData\Rockstar Games

2022-09-24 00:25 - 2020-08-24 19:22 - 000000000 ____D C:\ProgramData\Package Cache

2022-09-23 21:12 - 2022-05-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender

2022-09-23 21:12 - 2022-05-07 10:54 - 000000000 ____D C:\Program Files (x86)\Windows Defender

2022-09-23 19:52 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\System

2022-09-23 19:50 - 2020-10-24 12:10 - 000000000 ____D C:\Users\kesha\AppData\Local\Packages

2022-09-23 17:31 - 2020-10-24 14:14 - 000000000 ____D C:\Program Files\Google

2022-09-23 17:11 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\appcompat

2022-09-23 15:38 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy

2022-09-23 14:47 - 2022-07-23 15:37 - 002835944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll

2022-09-23 14:47 - 2022-07-23 15:37 - 000447976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll

2022-09-23 14:47 - 2022-07-23 15:37 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll

2022-09-23 14:47 - 2022-07-23 15:37 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll

2022-09-23 14:47 - 2022-07-23 15:37 - 000153064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll

2022-09-23 14:47 - 2022-07-23 15:37 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll

2022-09-23 14:47 - 2022-07-23 15:37 - 000067048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe

2022-09-22 22:38 - 2021-03-31 22:43 - 000002390 _____ C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2022-09-22 21:37 - 2020-08-24 19:22 - 000000000 ____D C:\ProgramData\Packages

2022-09-22 21:29 - 2022-05-07 10:54 - 000000000 ___RD C:\WINDOWS\PrintDialog

2022-09-22 21:19 - 2022-03-04 09:07 - 000000000 ____D C:\Users\kesha\Desktop\RaJ

2022-09-22 21:10 - 2019-04-15 21:09 - 000000000 __RHD C:\Users\Public\AccountPictures

2022-09-22 21:02 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\oobe

2022-09-22 19:36 - 2021-06-19 20:38 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk

2022-09-22 19:36 - 2020-10-24 14:14 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2022-09-22 19:34 - 2020-08-24 19:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation

2022-09-22 19:29 - 2022-05-07 10:54 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

2022-09-22 19:28 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

2022-09-22 19:28 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\Registration

2022-09-22 19:28 - 2021-06-05 17:40 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2022-09-22 19:27 - 2022-07-19 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games

2022-09-22 19:27 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\spool

2022-09-22 19:27 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth

2022-09-22 19:27 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\ServiceState

2022-09-22 19:27 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2022-09-22 19:27 - 2022-05-07 10:54 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2022-09-22 19:27 - 2021-11-01 11:21 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper

2022-09-22 19:27 - 2021-02-05 14:29 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop

2022-09-22 19:27 - 2021-01-11 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger

2022-09-22 19:27 - 2021-01-01 23:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains

2022-09-22 19:27 - 2021-01-01 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.9

2022-09-22 19:27 - 2020-12-11 11:24 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

2022-09-22 19:27 - 2020-11-05 19:39 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager

2022-09-22 19:27 - 2020-11-05 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager

2022-09-22 19:27 - 2020-11-02 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2022-09-22 19:27 - 2020-10-30 14:11 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc

2022-09-22 19:27 - 2020-10-24 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

2022-09-22 19:27 - 2020-10-24 17:31 - 000000000 ____D C:\WINDOWS\system32\MRT

2022-09-22 19:27 - 2020-10-24 17:00 - 000000000 ____D C:\Program Files\UNP

2022-09-22 19:27 - 2020-10-24 14:30 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2022-09-22 19:27 - 2020-10-24 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2022-09-22 19:27 - 2020-08-24 19:33 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games

2022-09-22 19:27 - 2020-08-24 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2022-09-22 19:27 - 2020-08-24 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings

2022-09-22 19:27 - 2019-12-02 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools

2022-09-22 19:27 - 2019-03-19 10:22 - 000000000 ____D C:\WINDOWS\system32\MsDtc

2022-09-22 18:21 - 2022-05-07 10:58 - 000000000 ____D C:\WINDOWS\Setup

2022-09-22 18:14 - 2022-05-07 10:54 - 000000000 ____D C:\ProgramData\USOPrivate

2022-09-22 18:13 - 2022-05-07 10:54 - 000000000 __RHD C:\Users\Public\Libraries

2022-09-22 18:04 - 2021-07-09 23:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare

2022-09-22 18:04 - 2021-06-14 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThunderSoft

2022-09-22 18:03 - 2022-07-20 00:54 - 000000000 ____D C:\Users\defaultuser100000.LAPTOP-Q9OJL611\AppData\Local\Packages

2022-09-22 18:01 - 2021-02-04 19:00 - 000000000 ____D C:\Users\defaultuser100000\AppData\Local\Packages

2022-09-22 17:54 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\UUS

2022-09-22 17:54 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\UNP

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SystemResources

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\setup

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\Dism

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\appraiser

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\ShellExperiences

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\ShellComponents

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\Provisioning

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\Globalization

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\bcastdvr

2022-09-22 17:53 - 2022-05-07 10:54 - 000000000 ____D C:\Program Files\Common Files\System

2022-09-22 17:50 - 2022-05-07 10:55 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll

2022-09-22 17:50 - 2022-05-07 10:54 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll

2022-09-22 17:26 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SystemApps

2022-09-22 17:23 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\OCR

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\lv-LV

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\lt-LT

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\et-EE

2022-09-22 17:21 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\es-MX

2022-09-22 17:18 - 2022-05-07 11:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2022-09-22 17:18 - 2022-05-07 11:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2022-09-22 17:18 - 2022-05-07 11:31 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN

2022-09-22 17:18 - 2022-05-07 11:31 - 000000000 ____D C:\WINDOWS\system32\WCN

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\F12

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\system32\migwiz

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2022-09-22 17:18 - 2022-05-07 10:54 - 000000000 ____D C:\WINDOWS\IME

2022-09-22 17:18 - 2022-05-07 10:47 - 000000000 ____D C:\WINDOWS\servicing

2022-09-21 17:48 - 2022-07-09 14:40 - 000000000 ____D C:\Riot Games

2022-09-21 17:48 - 2020-10-30 15:25 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat

2022-09-21 15:40 - 2020-11-02 11:50 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2022-09-21 15:40 - 2020-08-24 19:24 - 000024289 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1

2022-09-21 15:40 - 2020-08-24 19:24 - 000013430 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1

2022-09-21 15:40 - 2020-08-24 19:24 - 000006605 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1

2022-09-21 15:40 - 2019-12-02 20:05 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk

2022-09-21 15:40 - 2019-12-02 20:05 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

2022-09-21 15:40 - 2019-12-02 20:04 - 000002127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Audio Switch.lnk

2022-09-21 15:40 - 2019-12-02 20:03 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Documentation.lnk

2022-09-21 15:37 - 2020-10-30 14:30 - 000000000 ____D C:\ProgramData\Riot Games

2022-09-18 19:10 - 2020-10-24 12:10 - 000008070 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1

2022-09-18 19:10 - 2019-12-02 20:05 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk

2022-09-18 17:53 - 2019-12-02 20:05 - 000000000 ____D C:\Program Files\Microsoft Office

2022-09-14 22:30 - 2020-10-24 17:31 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2022-09-07 23:04 - 2021-10-31 20:12 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

2022-08-26 20:33 - 2020-10-30 13:00 - 000000000 ____D C:\Users\kesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

==================== Files in the root of some directories ========

2021-07-15 22:25 - 2021-07-15 22:25 - 000000000 _____ () C:\Users\kesha\AppData\Local\oobelibMkey.log

2020-11-07 18:20 - 2021-05-06 13:36 - 000007609 _____ () C:\Users\kesha\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2022-05-07 10:49 C:\WINDOWS\system32\smartscreen.exe

2022-05-07 10:54 C:\WINDOWS\system32\WebThreatDefSvc

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



FAQs

Can Windows Security remove a Trojan virus?

Windows Security is a powerful scanning tool that finds and removes malware from your PC.

How do I get rid of Trojan spyware?

The best way to clean up a Trojan infection is to use Malwarebytes' free trojan scanner, and then consider Malwarebytes Premium for proactive protection against future Trojan infections. Malwarebytes Premium will initiate a scan for Trojans and then remove Trojans so they can't cause further damage.

How do I get rid of a security warning pop-up?

It how to remove windows security alert pop-up uninstall suspicious programs you should first

How do I get rid of Trojan Win32?

How to remove Win32 / Virut in 3 simple steps
  1. Download. Download our free removal tool: rmvirut.exe.
  2. Run the tool. To remove infected files, run the tool. ...
  3. Update. After your computer has restarted, make sure your antivirus is up-to-date and then run a full computer scan.

How can you tell if there is spyware on your computer?

How to Check for Spyware on the Computer?
  1. MSCONFIG. Check for spyware in StartUp by typing Msconfig in the Windows search bar. ...
  2. TEMP Folder. You can also check for spyware in the TEMP Folder. ...
  3. Install anti-malware software. The best way to check for spyware is by scanning the computer with anti-malware software.

How do I know if I have a Trojan virus?

If you notice any new programs running on your system that you did not install, it could be a trojan. Try removing the program and restarting your computer to see if your computer's performance improves.

Article information

Author: Aracelis Kilback

Last Updated: 12/21/2022
