Solved URGENT! Sophisticated Trojan infection!

ex0LL

Hello!

I'm in huge trouble.

Yesterday the Valheim Discord was hijacked by hackers, and do not ask me how since I'm embarrassed enough, I downloaded the malware and ran the executable.
It was a .ZIP folder with some assets inside, it looked like a game Irongate studio released to Valheim playerbase to try it out.

I ran the executable, the Unity logo appeared, then a black square with "DOWNLOADING LIBRARIES....".
It didn't work, so as stupid as I am, I ran it multiple times. Then the server exploded and they called the hacker attack.

I was devastated, so I tried to run Windows Security FULL SCAN and no threats were found.
Then under some panic achieved suggestion, I ran Malwarebytes: something like 3x Trojans were found, quarantined and deleted.

But lots of people mock Malwarebytes, so I still didn't feel safe and no more news/information/countermeasures were still dispensed: so I went and restarted the PC in Safe Mode.
I tried to run multiple scans of Malwarebytes, nothing was found.
Windows Security won't open in Safe Mode, for some reason, so again I restarted my PC and awaited while panic was eating me alive some instructions until this came:

1706625206428.png


Needless to say, this put me on a severe state of anxiety. My brain was slowly melting into scrambled eggs.
I was panicking, because I already restarted the PC.

After checking the process tab, I found the culprit: WindowsBootManager.exe and some other affiliated processes parasiting all over.
I tried to open the file location and get rid of them, but I was unable to. It was probably too late and irreversible.

And so I yanked my network connection right away, entered Safe Mode and prepared myself to go through scorched earth: I backed up into an external drive my ( D: ) drive, which is a folder with sub-folders inside full of drawings, video editing projects, family media and .txt files containing my passwords (I'm hella worried about them).

Then I transferred all this sensitive data to my sister's PC and ran an antivirus scan: no threats were found by either Windows Security or Malwarebytes in there either.

Meanwhile, I nuke-formatted all my 3 drives supposedly infected with the Trojan, and fresh-reinstalled Windows.
After doing so, my next moves were to FULLY change password to:
  • Discord
  • Steam
  • Epic Games
  • Google Mails
  • Reddit
  • League of Legends
  • Battle.net
  • Amazon
  • Spotify
I also want to clarify that yes, I did keep some auto-login in some sites: for example, whenever I log into Reddit or YouTube, it would never ask me for credentials each time;

1706626216900.png


but I NEVER allowed passwords to be stored in Google's extension or request. I always declined such actions.
So I think I should be good?

Anyway, people uploaded the Malware some time later to study it, uploading on VirusTotal its properties (which I am unable to read or interpret):

One user in particular truly TERRIFIED me:

1706625817169.png


The things he says make me feel uneasy and unsafe.
Does a Virus that spreads like this and infects everything irreversibly as described even exist?

Is he telling the truth?
What else could I do to be 100% safe of my sensitive data?
 
I'll move this to the Malware forum.

For future reference, if you think your machine is infected - DO NOT start backing up then, and DO NOT copy files to another PC. In all likelihood you have just transferred malware to the very devices that may have held clean data.

Removing the network cable should have been the very first thing you did - as soon as you became even slightly anxious.

@Malnutrition will be with you as soon as he can. (y)
 
First of all, thanks for assisting me in this.

Please note, just as a premise, that I already factory reset all my drives and fresh re-installed Win11 with the official Media Creation Tool (downloaded from another safe PC) and booted via USB drive.

Other safety steps I've taken include clearing all browsing data & cookies as my Google account Sync is turned on, and I changed every single password of every sensitive account I own.

Here's the contents of FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2024 01
Ran by elias (administrator) on EPC (02-02-2024 10:41:15)
Running from C:\Users\elias\Desktop\FRST64.exe
Loaded Profiles: elias
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3085 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse\hid.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\moments\SteelSeriesSvcLauncher.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> ) C:\Program Files\Tablet\Wacom\Wacom_UpdateUtil.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.83\msedgewebview2.exe <7>
(Discord Inc. -> Discord Inc.) C:\Users\elias\AppData\Local\Discord\app-1.0.9032\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) F:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Skutta, Kristjan -> ) F:\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) F:\Steam\steam.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\elias\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(F:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] F:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(F:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) F:\Overwolf\Overwolf.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13931856 2024-01-22] (SteelSeries ApS -> SteelSeries ApS)
HKLM-x32\...\Run: [TITANWOLF GAUNTLET Gaming Mouse] => C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse\hid.exe [949248 2021-01-22] () [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [MicrosoftEdgeAutoLaunch_2690D777BB60E66B250964D5DABE5D33] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788224 2024-01-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [RiotClient] => F:\Riot Games\Riot Client\RiotClientServices.exe [70920704 2024-01-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Steam] => F:\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Overwolf] => F:\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [WallpaperEngine] => F:\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [3938912 2024-01-30] (Skutta, Kristjan -> )
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Discord] => C:\Users\elias\AppData\Local\Discord\Update.exe [1525016 2024-01-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2024-01-10] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.140\Installer\chrmstp.exe [2024-02-02] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6901BF34-AF0A-4CB1-B548-FEC5571EFE29} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667808 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {BF7E5CBC-865A-4740-B69E-DDA639CD4B79} - System32\Tasks\GoogleUpdateTaskMachineCore{C79ADBC7-A740-42F1-86CB-6F98C4B06410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-29] (Google LLC -> Google LLC)
Task: {C7744916-13F9-4B41-BD9F-6705E7BCA017} - System32\Tasks\GoogleUpdateTaskMachineUA{18A00942-7BD1-484F-BB0A-1AC614D5A832} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-29] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {DA8B70FA-E5B8-4B80-A364-3910597A4BC7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {067DF89B-C189-493E-AC97-E8F6F18C5C99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {682A192B-345F-4EED-85B9-791A6674A0C5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E4EBE1-A9B7-4548-A2E0-610A517EB1DC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7932105F-2F28-4E32-9BDF-374F86A1667E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D6501D2-5743-4DAD-A120-1604E802DF7F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D411DF4-6CC5-4581-B595-5B7F4EF7D81A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D36EED6-8765-42DA-82FE-7C0D8E19F25A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B71FFC4A-213B-490C-8464-D8F2447A6536} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58D65A09-18F5-45E1-BDEA-5AD1E000CC0B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {BFA28ACF-CD15-495A-BC80-61E70ABAC3A7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [138741568 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8bc9453e-45ee-4953-b4be-ecaf26e91c39}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\elias\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-02]
Edge Extension: (Google Docs Offline) - C:\Users\elias\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
Edge Extension: (Edge relevant text changes) - C:\Users\elias\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default [2024-02-02]
CHR Extension: (uBlock Origin) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-29]
CHR Extension: (Tampermonkey) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-29]
CHR Extension: (Google Docs Offline) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-01-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-29]
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-29]
CHR StartupUrls: Profile 1 -> "hxxp://www.google.it/"
CHR Extension: (Google Docs Offline) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-29]
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2024-02-01] (ASUSTeK Computer Inc. -> )
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761664 2023-11-22] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
R2 NativePushService; C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2165168 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [305072 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2024-01-09] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [424768 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1500608 2023-09-18] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0228; C:\Windows\System32\drivers\RzDev_0228.sys [56136 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_022b; C:\Windows\System32\drivers\RzDev_022b.sys [64688 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43456 2023-12-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-02 10:41 - 2024-02-02 10:41 - 000023720 _____ C:\Users\elias\Desktop\FRST.txt
2024-02-02 10:40 - 2024-02-02 10:41 - 000000000 ____D C:\FRST
2024-02-01 23:46 - 2024-02-01 23:46 - 005103464 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746777669730304.mp4
2024-02-01 23:46 - 2024-02-01 23:46 - 005102646 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746817796636672.mp4
2024-02-01 23:46 - 2024-02-01 23:46 - 005083962 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746808393007104.mp4
2024-02-01 23:46 - 2024-02-01 23:46 - 005071200 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746816039223296.mp4
2024-02-01 23:46 - 2024-02-01 23:46 - 005053244 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746829628768256.mp4
2024-02-01 23:46 - 2024-02-01 23:46 - 004967009 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746797697531904.mp4
2024-02-01 23:46 - 2024-02-01 23:46 - 004956852 _____ C:\Users\elias\Documents\Amazonit__pc_gamin_1202746818509668352.mp4
2024-02-01 22:50 - 2024-02-01 22:50 - 000000000 ____D C:\Users\elias\AppData\Local\OneDrive
2024-02-01 18:26 - 2024-02-01 18:26 - 000000000 ____D C:\Users\elias\AppData\Local\DBG
2024-02-01 18:23 - 2024-02-02 10:40 - 002389504 _____ (Farbar) C:\Users\elias\Desktop\FRST64.exe
2024-02-01 14:37 - 2024-02-01 14:37 - 000000000 ___HD C:\OneDriveTemp
2024-01-31 21:12 - 2024-01-31 21:12 - 000001052 _____ C:\Users\elias\Desktop\Wondershare Filmora 13.lnk
2024-01-31 21:12 - 2024-01-31 21:12 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-01-30 23:23 - 2024-01-30 23:23 - 000000000 ____D C:\Users\elias\Downloads\Telegram Desktop
2024-01-30 21:47 - 2024-01-30 21:47 - 000000842 _____ C:\Users\elias\Desktop\LeagueEZ - Shortcut.lnk
2024-01-30 21:47 - 2024-01-30 21:47 - 000000000 ____D C:\Users\elias\Documents\SYSTEMAX Software Development
2024-01-30 21:47 - 2024-01-30 21:47 - 000000000 ____D C:\Users\elias\AppData\Local\SYSTEMAX Software Development
2024-01-30 21:42 - 2024-01-30 21:42 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-01-30 21:42 - 2024-01-30 21:42 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-01-30 21:38 - 2024-02-02 10:37 - 000000000 ____D C:\Users\elias\AppData\Roaming\WTablet
2024-01-30 21:38 - 2024-01-30 21:38 - 000000000 ____D C:\Users\elias\AppData\Local\IsolatedStorage
2024-01-30 21:34 - 2024-01-30 21:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2024-01-30 21:33 - 2024-01-30 21:33 - 000000000 ____D C:\Program Files\Tablet
2024-01-30 21:33 - 2024-01-24 22:33 - 000142728 _____ (Wacom Co. Ltd.) C:\Windows\system32\Drivers\wachidrouter.sys
2024-01-30 21:33 - 2024-01-24 22:33 - 000041968 _____ (Wacom Co. Ltd.) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2024-01-30 21:33 - 2024-01-24 22:32 - 002653120 _____ (Wacom Co. Ltd.) C:\Windows\system32\Wacom_Tablet.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 002646464 _____ (Wacom Co. Ltd.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 002489280 _____ (Wacom Co. Ltd.) C:\Windows\system32\WacomMT.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 002449856 _____ (Wacom Co. Ltd.) C:\Windows\system32\Wintab32.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 002191296 _____ (Wacom Co. Ltd.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 002184128 _____ (Wacom Co. Ltd.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 002018752 _____ (Wacom Co. Ltd.) C:\Windows\SysWOW64\WacomMT.dll
2024-01-30 21:33 - 2024-01-24 22:32 - 001974208 _____ (Wacom Co. Ltd.) C:\Windows\SysWOW64\Wintab32.dll
2024-01-30 21:32 - 2024-01-30 21:32 - 140401008 _____ (Wacom Technology, Corp.) C:\Users\elias\Downloads\WacomTablet_6.4.5-5.exe
2024-01-30 18:34 - 2024-01-30 18:34 - 000001226 _____ C:\Users\elias\Desktop\Report Full Scan MB.txt
2024-01-30 16:07 - 2024-02-02 10:37 - 000000000 ____D C:\Users\elias\AppData\Local\Malwarebytes
2024-01-30 16:07 - 2024-01-30 16:07 - 000000000 ____D C:\Users\elias\AppData\Local\mbam
2024-01-30 16:06 - 2024-01-30 16:06 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-30 16:06 - 2024-01-30 16:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-30 16:06 - 2024-01-30 16:06 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-30 16:05 - 2024-01-30 16:05 - 002582384 _____ (Malwarebytes) C:\Users\elias\Downloads\MBSetup.exe
2024-01-30 12:45 - 2024-01-30 16:48 - 000000000 ____D C:\Users\elias\Desktop\Health & Monitoring Utilities
2024-01-30 12:45 - 2024-01-30 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2024-01-30 12:45 - 2024-01-30 12:45 - 000000000 ____D C:\Program Files\WhoCrashed
2024-01-30 12:44 - 2024-01-30 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2024-01-30 12:44 - 2024-01-30 12:44 - 000000000 ____D C:\Program Files\CPUID
2024-01-30 12:41 - 2024-01-30 12:42 - 013568760 _____ (Resplendence Software Projects Sp. ) C:\Users\elias\Downloads\whocrashedSetup.exe
2024-01-30 12:39 - 2024-01-30 12:39 - 001717944 _____ ( ) C:\Users\elias\Downloads\cpu-z_1.79-en.exe
2024-01-30 12:39 - 2024-01-30 12:39 - 001512448 _____ (CPUID, Inc. ) C:\Users\elias\Downloads\hwmonitor_1.52.exe
2024-01-30 12:39 - 2024-01-30 12:39 - 001084390 _____ C:\Users\elias\Downloads\[Guru3D.com]-DDU.zip
2024-01-30 12:34 - 2024-01-30 12:34 - 000000000 ____D C:\Users\elias\AppData\Local\AWSToolkit
2024-01-30 12:33 - 2024-01-30 12:36 - 000000000 ____D C:\Users\elias\AppData\Local\Razer
2024-01-30 12:33 - 2024-01-30 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-01-30 12:32 - 2024-01-30 12:32 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2024-01-30 12:32 - 2024-01-30 12:32 - 000000000 ____D C:\Program Files\Razer
2024-01-30 12:32 - 2024-01-30 12:32 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2024-01-30 12:20 - 2024-01-30 12:20 - 009048840 _____ (Razer Inc.) C:\Users\elias\Downloads\RazerSynapseInstaller_V1.15.0.504.exe
2024-01-30 12:15 - 2024-02-02 10:37 - 000000000 ____D C:\Users\elias\AppData\Roaming\discord
2024-01-30 12:15 - 2024-02-02 10:37 - 000000000 ____D C:\Users\elias\AppData\Local\Discord
2024-01-30 12:15 - 2024-02-01 00:39 - 000002231 _____ C:\Users\elias\Desktop\Discord.lnk
2024-01-30 12:15 - 2024-01-31 15:59 - 000000000 ____D C:\Users\elias\AppData\Local\SquirrelTemp
2024-01-30 12:15 - 2024-01-30 12:15 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-01-30 12:14 - 2024-01-30 12:15 - 096195352 _____ (Discord Inc.) C:\Users\elias\Downloads\DiscordSetup.exe
2024-01-30 11:32 - 2024-01-30 11:32 - 000000017 _____ C:\Users\elias\AppData\Local\resmon.resmoncfg
2024-01-30 11:25 - 2024-01-30 11:25 - 000000000 ____D C:\Users\elias\AppData\Roaming\EldenRing
2024-01-30 11:25 - 2024-01-30 11:25 - 000000000 ____D C:\Users\elias\AppData\LocalLow\Stunlock Studios
2024-01-30 11:24 - 2024-01-30 11:24 - 000000000 ____D C:\Users\elias\AppData\LocalLow\IronGate
2024-01-30 11:05 - 2024-01-30 11:05 - 000000000 ____H C:\Users\elias\Documents\Default.rdp
2024-01-30 10:54 - 2024-01-30 10:54 - 000000639 _____ C:\Users\elias\Desktop\Telegram.lnk
2024-01-30 10:54 - 2024-01-30 10:54 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2024-01-30 10:53 - 2024-01-30 10:53 - 043011288 _____ (Telegram FZ-LLC ) C:\Users\elias\Downloads\tsetup-x64.4.14.9.exe
2024-01-30 10:47 - 2024-01-30 10:47 - 000000862 _____ C:\Users\elias\Desktop\LeagueLORE.lnk
2024-01-30 09:43 - 2024-02-02 10:37 - 000001864 _____ C:\Users\elias\Desktop\Warcraft Logs Companion.lnk
2024-01-30 09:43 - 2024-01-30 09:43 - 002106792 _____ (Overwolf Ltd.) C:\Users\elias\Downloads\Warcraft Logs Companion - Installer.exe
2024-01-30 09:36 - 2024-01-30 15:18 - 000000000 ____D C:\Users\elias\AppData\Roaming\steelseries-gg-client
2024-01-30 09:36 - 2024-01-30 09:36 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-01-30 09:35 - 2024-02-02 10:37 - 000001864 _____ C:\Users\elias\Desktop\CurseForge.lnk
2024-01-30 09:35 - 2024-01-30 09:43 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-01-30 09:35 - 2024-01-30 09:35 - 000004368 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2024-01-30 09:35 - 2024-01-30 09:35 - 000000000 ____D C:\ProgramData\Overwolf
2024-01-30 09:34 - 2024-01-30 09:34 - 000001583 _____ C:\Users\elias\Desktop\SAI2.lnk
2024-01-30 09:31 - 2024-02-02 10:37 - 000000000 ____D C:\Users\elias\AppData\Local\Overwolf
2024-01-30 09:31 - 2024-01-30 09:31 - 000000000 ____D C:\Users\elias\AppData\Local\ElevatedDiagnostics
2024-01-30 09:31 - 2024-01-30 09:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-01-30 09:22 - 2024-01-30 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2024-01-30 09:21 - 2024-01-31 00:20 - 000000681 _____ C:\Users\elias\Desktop\Mio.lnk
2024-01-30 09:21 - 2024-01-30 09:21 - 000000000 ____D C:\Program Files\SteelSeries
2024-01-30 09:20 - 2024-01-30 09:21 - 000000000 ____D C:\ProgramData\SteelSeries
2024-01-30 09:18 - 2024-01-30 09:19 - 000000000 ____D C:\Windows\system32\MRT
2024-01-30 09:17 - 2024-02-01 18:20 - 000000000 ____D C:\Users\elias\AppData\Local\CrashDumps
2024-01-30 08:34 - 2024-01-30 08:34 - 000000000 ____D C:\Windows\CSC
2024-01-30 08:32 - 2024-02-01 14:10 - 000000000 ____D C:\ProgramData\Packages
2024-01-30 08:32 - 2024-01-30 08:32 - 000000000 _SHDL C:\Documents and Settings
2024-01-30 08:30 - 2024-02-01 17:59 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2024-01-30 08:30 - 2024-02-01 17:59 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2024-01-30 08:30 - 2024-02-01 17:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-30 08:30 - 2024-02-01 17:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-30 08:30 - 2024-01-30 21:38 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-30 08:30 - 2024-01-30 09:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-30 08:30 - 2024-01-30 09:16 - 000295328 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-30 08:30 - 2024-01-30 08:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-01-30 08:30 - 2024-01-30 08:30 - 000000000 ____D C:\Windows\system32\config\BFS
2024-01-30 08:30 - 2024-01-30 08:30 - 000000000 ____D C:\Windows\ServiceProfiles
2024-01-30 08:30 - 2024-01-30 08:30 - 000000000 ____D C:\ProgramData\ASUS
2024-01-30 08:30 - 2024-01-29 23:49 - 000003534 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-01-30 08:30 - 2024-01-29 23:49 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-30 08:30 - 2024-01-29 23:35 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-30 08:30 - 2024-01-29 23:35 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-01-30 08:29 - 2024-02-01 16:08 - 000000000 ____D C:\Windows\Panther
2024-01-30 01:35 - 2024-01-30 01:35 - 000019222 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-30 01:34 - 2024-01-30 01:34 - 000019222 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-01-30 01:32 - 2024-01-30 01:33 - 000000000 ___HD C:\$WinREAgent
2024-01-30 00:58 - 2024-01-30 00:58 - 000000000 ____D C:\Users\elias\AppData\Local\Backup
2024-01-30 00:47 - 2024-01-30 00:47 - 000000000 ____D C:\Users\elias\AppData\Roaming\RtSubscribe
2024-01-30 00:46 - 2024-01-30 00:46 - 000000016 _____ C:\ProgramData\mntemp
2024-01-30 00:46 - 2024-01-30 00:46 - 000000000 ____D C:\Users\elias\AppData\Roaming\NVIDIA
2024-01-30 00:37 - 2024-01-30 00:37 - 000000000 ____D C:\Users\elias\AppData\Local\PeerDistRepub
2024-01-30 00:36 - 2024-01-31 21:26 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2024-01-30 00:36 - 2024-01-30 00:47 - 000000000 ____D C:\Users\elias\AppData\Local\Wondershare
2024-01-30 00:36 - 2024-01-30 00:47 - 000000000 ____D C:\ProgramData\Wondershare
2024-01-30 00:36 - 2024-01-30 00:46 - 000000000 ____D C:\Users\elias\AppData\Roaming\Wondershare
2024-01-30 00:35 - 2024-01-30 00:35 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2024-01-30 00:34 - 2024-02-01 22:50 - 000000000 ____D C:\Users\elias\AppData\Local\Battle.net
2024-01-30 00:34 - 2024-01-30 00:35 - 000000000 ____D C:\Users\elias\AppData\Roaming\Battle.net
2024-01-30 00:30 - 2024-01-31 21:12 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2024-01-30 00:29 - 2024-01-30 00:29 - 002100728 _____ C:\Users\elias\Downloads\filmora_setup_full846.exe
2024-01-30 00:26 - 2024-01-30 00:26 - 001502431 _____ C:\Windows\unins000.exe
2024-01-30 00:26 - 2024-01-30 00:26 - 000052932 _____ C:\Windows\unins000.dat
2024-01-30 00:26 - 2024-01-30 00:26 - 000000000 ____D C:\Users\elias\Documents\TITANWOLF GAUNTLET Gaming Mouse
2024-01-30 00:26 - 2024-01-30 00:26 - 000000000 ____D C:\Users\elias\Documents\League of Legends
2024-01-30 00:26 - 2024-01-30 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TITANWOLF GAUNTLET Gaming Mouse
2024-01-30 00:26 - 2024-01-30 00:26 - 000000000 ____D C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse
2024-01-30 00:26 - 2023-12-04 19:28 - 005191848 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw10.sys
2024-01-30 00:26 - 2023-12-04 19:28 - 001472168 _____ (Intel Corporation) C:\Windows\system32\IntelIHVRouter10.dll
2024-01-30 00:25 - 2024-01-30 00:25 - 000000453 _____ C:\Users\Public\Desktop\Battle.net.lnk
2024-01-30 00:25 - 2024-01-30 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2024-01-30 00:20 - 2024-01-30 00:20 - 000000000 ____D C:\Users\elias\AppData\Local\SongOfNunu
2024-01-30 00:20 - 2024-01-30 00:20 - 000000000 ____D C:\Users\elias\AppData\Local\Hk_project
2024-01-30 00:19 - 2024-01-31 00:23 - 000000465 _____ C:\Users\elias\Desktop\New Passwords.txt
2024-01-30 00:18 - 2024-01-30 00:18 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-01-30 00:18 - 2024-01-30 00:18 - 000000000 ____D C:\Program Files\MSBuild
2024-01-30 00:18 - 2024-01-30 00:18 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-01-30 00:18 - 2024-01-30 00:18 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-01-30 00:16 - 2024-01-30 11:24 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-30 00:15 - 2024-01-30 00:15 - 000000000 ____D C:\Users\elias\AppData\Local\Comms
2024-01-30 00:14 - 2024-01-30 11:22 - 000000000 ____D C:\Users\elias\AppData\Local\Steam
2024-01-30 00:14 - 2024-01-30 00:14 - 000000000 ____D C:\Windows\system32\SteelSeries
2024-01-30 00:13 - 2024-01-30 00:13 - 000003480 _____ C:\Windows\system32\Tasks\AMDAutoUpdate
2024-01-30 00:13 - 2024-01-30 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2024-01-30 00:13 - 2024-01-30 00:13 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2024-01-30 00:12 - 2024-01-30 16:13 - 000000000 ____D C:\Users\elias\AppData\Local\cache
2024-01-30 00:12 - 2024-01-30 10:30 - 000000000 ____D C:\Users\elias\AppData\Local\AMD
2024-01-30 00:12 - 2024-01-30 10:30 - 000000000 ____D C:\AMD
2024-01-30 00:12 - 2024-01-30 00:13 - 000000000 ____D C:\Program Files\AMD
2024-01-30 00:12 - 2024-01-30 00:12 - 000000000 ____D C:\Users\elias\AppData\Local\Blizzard Entertainment
2024-01-30 00:11 - 2024-01-30 00:11 - 000000559 _____ C:\Users\Public\Desktop\Steam.lnk
2024-01-30 00:11 - 2024-01-30 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-01-30 00:11 - 2024-01-30 00:11 - 000000000 ____D C:\ProgramData\Battle.net
2024-01-30 00:09 - 2024-01-30 09:17 - 000000605 _____ C:\Users\Public\Desktop\Riot Client.lnk
2024-01-30 00:09 - 2024-01-30 00:09 - 000001583 _____ C:\Users\Public\Desktop\League of Legends.lnk
2024-01-30 00:08 - 2024-02-01 18:35 - 000000000 ____D C:\ProgramData\Riot Games
2024-01-30 00:08 - 2024-01-30 00:26 - 000000000 ____D C:\Users\elias\AppData\Local\Riot Games
2024-01-30 00:08 - 2024-01-30 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-01-30 00:08 - 2024-01-30 00:08 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-01-30 00:07 - 2024-01-30 00:07 - 003429839 _____ C:\Users\elias\Downloads\Driver-Titanwolf-Maus_USB_optisch_V2_schwarz-305384.zip
2024-01-30 00:07 - 2024-01-30 00:07 - 000000000 ____D C:\Users\elias\AppData\LocalLow\NVIDIA
2024-01-30 00:06 - 2024-01-30 00:06 - 004925568 _____ (Blizzard Entertainment) C:\Users\elias\Downloads\Battle.net-Setup.exe
2024-01-30 00:06 - 2024-01-30 00:06 - 002296488 _____ C:\Users\elias\Downloads\SteamSetup.exe
2024-01-30 00:06 - 2024-01-30 00:06 - 002131032 _____ (Overwolf Ltd.) C:\Users\elias\Downloads\CurseForge - Installer.exe
2024-01-30 00:05 - 2024-01-30 00:06 - 071456512 _____ (Riot Games, Inc.) C:\Users\elias\Downloads\Install League of Legends euw.exe
2024-01-30 00:04 - 2024-01-19 00:25 - 002095360 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-01-30 00:04 - 2024-01-19 00:25 - 002095360 _____ C:\Windows\system32\vulkaninfo.exe
2024-01-30 00:04 - 2024-01-19 00:25 - 001655656 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-01-30 00:04 - 2024-01-19 00:25 - 001655656 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-01-30 00:04 - 2024-01-19 00:25 - 001487376 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-01-30 00:04 - 2024-01-19 00:25 - 001434480 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-01-30 00:04 - 2024-01-19 00:25 - 001434480 _____ C:\Windows\system32\vulkan-1.dll
2024-01-30 00:04 - 2024-01-19 00:25 - 001278720 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-01-30 00:04 - 2024-01-19 00:25 - 001278720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-01-30 00:04 - 2024-01-19 00:25 - 001226872 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-01-30 00:04 - 2024-01-19 00:22 - 001040400 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-01-30 00:04 - 2024-01-19 00:22 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-01-30 00:04 - 2024-01-19 00:22 - 000505992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-01-30 00:04 - 2024-01-19 00:21 - 002173984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-01-30 00:04 - 2024-01-19 00:21 - 001625632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-01-30 00:04 - 2024-01-19 00:21 - 001542280 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-01-30 00:04 - 2024-01-19 00:21 - 001199112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-01-30 00:04 - 2024-01-19 00:21 - 000841848 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-01-30 00:04 - 2024-01-19 00:20 - 016032888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-01-30 00:04 - 2024-01-19 00:20 - 012928120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-01-30 00:04 - 2024-01-19 00:20 - 006780960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-01-30 00:04 - 2024-01-19 00:20 - 003721224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-01-30 00:04 - 2024-01-19 00:20 - 001023608 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-01-30 00:04 - 2024-01-19 00:20 - 000787064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-01-30 00:04 - 2024-01-19 00:20 - 000459912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-01-30 00:04 - 2024-01-19 00:19 - 005907464 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-01-30 00:04 - 2024-01-19 00:19 - 005772816 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-01-30 00:04 - 2024-01-19 00:18 - 006030584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-01-30 00:04 - 2024-01-19 00:18 - 000853000 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-01-30 00:04 - 2024-01-18 12:32 - 000120271 _____ C:\Windows\system32\nvinfo.pb
2024-01-30 00:01 - 2024-01-30 12:44 - 000000000 ____D C:\Users\elias\Desktop\Drive & Hardware Utilities
2024-01-30 00:01 - 2024-01-30 10:30 - 000000000 ____D C:\Users\elias\ansel
2024-01-30 00:01 - 2024-01-30 09:19 - 000000000 ____D C:\Users\elias\AppData\Local\NVIDIA Corporation
2024-01-30 00:01 - 2024-01-30 00:01 - 000000000 ____D C:\Users\elias\AppData\Local\VirtualStore
2024-01-30 00:01 - 2024-01-30 00:01 - 000000000 ____D C:\Users\elias\AppData\Local\CEF
2024-01-30 00:00 - 2024-02-02 10:37 - 000000000 ____D C:\Users\elias\AppData\Roaming\Samsung Magician
2024-01-30 00:00 - 2024-01-30 09:22 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-30 00:00 - 2024-01-30 00:08 - 000000000 ____D C:\Users\elias\AppData\Local\NVIDIA
2024-01-30 00:00 - 2024-01-30 00:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-01-30 00:00 - 2024-01-30 00:00 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-01-30 00:00 - 2023-11-02 03:55 - 002905128 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-01-30 00:00 - 2023-11-02 03:55 - 002235944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-01-30 00:00 - 2023-11-02 03:54 - 001296936 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2024-01-30 00:00 - 2023-11-02 03:27 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2024-01-30 00:00 - 2023-11-02 03:27 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2024-01-30 00:00 - 2023-03-10 09:28 - 000170040 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2024-01-30 00:00 - 2023-03-10 09:28 - 000149048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2024-01-30 00:00 - 2022-10-14 08:06 - 000059928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2024-01-30 00:00 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2024-01-29 23:57 - 2024-01-29 23:57 - 076229610 _____ C:\Users\elias\Downloads\AMD_StoreMI.zip
2024-01-29 23:57 - 2024-01-29 23:57 - 000003328 _____ C:\Windows\system32\Tasks\SamsungMagician
2024-01-29 23:57 - 2024-01-29 23:57 - 000000000 ____D C:\Users\elias\AppData\Local\Publishers
2024-01-29 23:57 - 2024-01-29 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2024-01-29 23:56 - 2024-01-29 23:57 - 131933552 _____ (NVIDIA Corporation) C:\Users\elias\Downloads\GeForce_Experience_v3.27.0.120.exe
2024-01-29 23:56 - 2024-01-29 23:56 - 000000000 ____D C:\Users\elias\AppData\Local\Sabrent
2024-01-29 23:56 - 2024-01-29 23:56 - 000000000 ____D C:\ProgramData\Samsung
2024-01-29 23:56 - 2024-01-29 23:56 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-01-29 23:52 - 2024-02-01 18:21 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\MMC
2024-01-29 23:48 - 2024-02-02 00:11 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-29 23:48 - 2024-02-02 00:11 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-01-29 23:48 - 2024-01-29 23:48 - 000000000 ____D C:\Users\elias\AppData\Local\Google
2024-01-29 23:47 - 2024-02-02 10:37 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-29 23:47 - 2024-02-01 14:06 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{18A00942-7BD1-484F-BB0A-1AC614D5A832}
2024-01-29 23:47 - 2024-02-01 14:06 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C79ADBC7-A740-42F1-86CB-6F98C4B06410}
2024-01-29 23:47 - 2024-01-29 23:47 - 000000000 ____D C:\Program Files\Google
2024-01-29 23:44 - 2024-02-01 23:30 - 000000000 ____D C:\Users\elias\AppData\Local\D3DSCache
2024-01-29 23:43 - 2024-02-02 10:37 - 000000000 ___RD C:\Users\elias\OneDrive
2024-01-29 23:43 - 2024-02-01 14:37 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1583233846-1445360947-1681163233-1001
2024-01-29 23:43 - 2024-02-01 14:37 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1583233846-1445360947-1681163233-1001
2024-01-29 23:43 - 2024-02-01 14:37 - 000002383 _____ C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-01-29 23:43 - 2024-01-30 21:38 - 000000000 ____D C:\Users\elias\AppData\Local\PlaceholderTileLogoFolder
2024-01-29 23:43 - 2024-01-29 23:43 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-01-29 23:41 - 2024-02-01 14:10 - 000000000 ____D C:\Users\elias\AppData\Local\Packages
2024-01-29 23:41 - 2024-01-30 09:17 - 000000000 ____D C:\Users\elias\AppData\Local\ConnectedDevicesPlatform
2024-01-29 23:41 - 2024-01-29 23:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-01-29 23:41 - 2024-01-29 23:41 - 000338040 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\Crypto
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Vault
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Network
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Adobe
2024-01-29 23:40 - 2024-01-30 12:43 - 000000000 ____D C:\ProgramData\Razer
2024-01-29 23:40 - 2024-01-30 12:32 - 000000000 ____D C:\Program Files (x86)\Razer
2024-01-29 23:40 - 2024-01-29 23:40 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\SystemCertificates
2024-01-29 23:40 - 2023-06-16 16:33 - 000161920 _____ (Razer Inc) C:\Windows\system32\RazerS3CoinstallerEx.dll
2024-01-29 23:39 - 2024-02-02 00:29 - 000000000 ____D C:\Users\elias
2024-01-29 23:39 - 2024-01-29 23:44 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Spelling
2024-01-29 23:39 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows
2024-01-29 23:39 - 2024-01-29 23:39 - 000000020 ___SH C:\Users\elias\ntuser.ini
2024-01-29 23:39 - 2024-01-29 23:39 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\Protect
2024-01-29 23:39 - 2024-01-29 23:39 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\Credentials
2024-01-29 23:38 - 2024-02-02 10:37 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-29 23:38 - 2024-02-01 18:03 - 000850316 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-29 23:38 - 2024-01-30 02:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-01-29 23:38 - 2024-01-30 00:07 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2024-01-29 23:38 - 2024-01-30 00:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-01-29 23:37 - 2024-01-19 00:18 - 006942920 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-01-29 23:37 - 2024-01-18 12:32 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-01-29 23:37 - 2020-10-07 22:34 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2024-01-29 23:37 - 2020-10-07 22:34 - 000555248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2024-01-29 23:37 - 2020-10-07 22:33 - 000047232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-02 10:37 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-02 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-02-02 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-02-02 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-01 18:03 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-02-01 17:59 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-01-31 21:12 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-01-30 21:44 - 2022-05-07 06:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-01-30 21:41 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-30 16:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-01-30 12:48 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-01-30 09:32 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-01-30 09:18 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-30 09:15 - 2023-12-04 07:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-01-30 09:15 - 2022-05-07 08:39 - 000000000 ___SD C:\Windows\system32\AppV
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Provisioning
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\BrowserCore
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-01-30 08:34 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\spool
2024-01-30 08:34 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-01-30 08:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-01-30 08:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-01-30 08:29 - 2022-05-07 06:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2024-01-30 00:54 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\appcompat
2024-01-29 23:57 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-01-29 23:57 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-01-29 23:50 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WebThreatDefSvc

==================== Files in the root of some directories ========

2024-01-30 11:32 - 2024-01-30 11:32 - 000000017 _____ () C:\Users\elias\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Here you have the content of Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2024 01
Ran by elias (02-02-2024 10:41:55)
Running from C:\Users\elias\Desktop
Microsoft Windows 11 Pro Version 23H2 22631.3085 (X64) (2024-01-30 07:32:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1583233846-1445360947-1681163233-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1583233846-1445360947-1681163233-503 - Limited - Disabled)
elias (S-1-5-21-1583233846-1445360947-1681163233-1001 - Administrator - Enabled) => C:\Users\elias
Guest (S-1-5-21-1583233846-1445360947-1681163233-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1583233846-1445360947-1681163233-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD StoreMI (HKLM\...\{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.) Hidden
AMD StoreMI (HKLM\...\AMD_StoreMI) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.244.4.1 - Overwolf app)
Discord (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Discord) (Version: 1.0.9031 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.140 - Google LLC)
League of Legends (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\OneDriveSetup.exe) (Version: 24.010.0114.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.241.0.10 - Overwolf Ltd.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0109.011015 - Razer Inc.)
Riot Client (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.0.1.1000 - Samsung Electronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 55.0.0 (HKLM\...\SteelSeries GG) (Version: 55.0.0 - SteelSeries ApS)
Telegram Desktop (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.9 - Telegram FZ-LLC)
TITANWOLF GAUNTLET Gaming Mouse (HKLM-x32\...\{1B99311C-56B0-418A-910D-BFAECA2472DE}}_is1) (Version: 1.01.CF - TITANWOLF)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.4.5-5 - Wacom Technology Corp.)
Warcraft Logs Companion (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 8.2.2 - Overwolf app)
WhoCrashed 7.06 (HKLM\...\WhoCrashed_is1) (Version: 7.06 - Resplendence Software Projects Sp.)
Wondershare Filmora 13(Build 13.1.8.5648) (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.0) (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)

Packages:
=========
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2024-01-29] (Microsoft Studios) [MS Ad]
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-29] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-01] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-30] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-01-30] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1583233846-1445360947-1681163233-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\nvshext.dll [2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-30] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-11-09 10:59 - 2023-02-27 21:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2024-01-30 00:37 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2024-01-30 00:37 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 002569216 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 000376320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 006620160 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2024-01-29 23:56 - 2023-11-22 14:41 - 000143360 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2024-01-29 23:56 - 2023-11-22 14:41 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2024-01-29 23:56 - 2023-11-22 14:41 - 000608768 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2024-01-29 23:56 - 2023-11-22 14:42 - 004618752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 000797184 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vulkan-1.dll
2024-01-30 00:26 - 2019-06-27 23:02 - 000012800 _____ () [File not signed] C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse\hidapi.dll
2024-01-30 00:37 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\elias\Desktop\FRST64.exe:MBAM.Zone.Identifier [135]
AlternateDataStreams: C:\Users\elias\Downloads\MSTeamsSetup_c_l_.exe:MBAM.Zone.Identifier [326]
AlternateDataStreams: C:\Users\elias\Downloads\WacomTablet_6.4.5-5.exe:MBAM.Zone.Identifier [159]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6E0E9D8A-7FBF-48D5-8292-C2E95FB3DA24}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF19CBD3-2154-47F1-939F-AAECBE3939BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{742AC0EE-6D3B-420F-8DE9-9945F18B5FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7EE171F4-2774-4280-BFE1-789B198B15CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A85EDF09-0C3C-4613-BA60-CB8B8155319B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CA199BC-1AB9-4303-8BE1-20912954615B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119F0EF7-9CB4-4E63-82AE-03E9148876C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D14601D2-CFE4-4822-BF76-AD22390BA935}] => (Allow) F:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2AF90AB-67ED-4293-843F-129AFAB274D1}] => (Allow) F:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{587443CE-251E-48C2-965C-35FC6228CF5D}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2F9D7117-C09F-4B55-9F41-BC9910BE21CC}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BAB351D-AA71-44FE-A208-B26E61BF17EE}] => (Allow) C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{C9FB849C-5C29-4617-85F3-7FC1FC6BD697}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FD313F5B-F8CF-4BC5-9A11-8F2CBFB3F128}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DED2A540-536E-4405-A2A3-DE78A8E492DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{974A0EDE-53AD-427D-BA5A-7CF41A6BC1E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{870389A0-D7DE-4219-977B-7F9384F1B7B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{648565FD-822A-4893-A4D9-ED7DBD00C208}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2773F25A-9121-40AC-8F2E-6292C59F2C2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{95FEFFDC-DB65-40C9-BD55-1D176740448F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{762D9BA3-5957-4169-83DA-2856D862A7E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F422FB34-DBB5-467C-8102-679F966A0E3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C1D73ECD-DAD0-4E83-89B4-DE4D61ADA475}] => (Allow) F:\Steam\steamapps\common\SongOfNunu\SongOfNunu.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7230A31E-DAC6-4D78-9E27-9B28A43903D9}] => (Allow) F:\Steam\steamapps\common\SongOfNunu\SongOfNunu.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{35EA3152-352E-4E69-9812-381380A6CA4D}] => (Allow) F:\Steam\steamapps\common\Stray\Stray.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{628AB30E-A2FF-4B54-8DC0-1DD521292C0D}] => (Allow) F:\Steam\steamapps\common\Stray\Stray.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{11339FA3-7077-4ADF-9D6D-A4A84C889352}] => (Allow) F:\Steam\steamapps\common\Stream Avatars\StreamAvatars.exe () [File not signed]
FirewallRules: [{7AE2C4A8-923F-446C-8056-CEAF16BB156D}] => (Allow) F:\Steam\steamapps\common\Stream Avatars\StreamAvatars.exe () [File not signed]
FirewallRules: [{577C5E3E-CCD8-48FB-A45B-19ED6D99BF57}] => (Allow) F:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{F98CDB3F-922D-4A97-BA24-9355246F85A7}] => (Allow) F:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{002D5A30-B609-4A93-AB8B-E303C5D17247}] => (Allow) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{39F9293E-97D0-4674-9A16-2CFCCABB68DE}] => (Allow) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{56134AB4-4366-4DDD-A2E8-F7D16E2A0E5A}] => (Block) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{48761DBE-6D8B-47B6-9E65-8EAAF848D131}] => (Block) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{699AD74A-9580-4921-83C5-EB316430B9B4}] => (Allow) F:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{2ACD2344-BAB8-4D0D-B519-7FD912FF4021}] => (Allow) F:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{F2482FEC-4115-4E01-8286-E6C3197FAEF8}] => (Allow) F:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{8FD2AABD-B329-433D-BA28-C7E9772F7235}] => (Allow) F:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{0BD41F72-9C8F-48BF-B167-DAEEBF2182FE}] => (Allow) F:\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{97E9EF91-A1DE-495E-AA9D-DD655C3661FB}] => (Allow) F:\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{405C2014-EBEB-4E9F-A820-4B23B2784C04}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1ADCAC6-86D8-45C0-92C4-1975B53918DA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67122470-7EEE-42AB-B055-B2AF3AB25D50}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/01/2024 06:20:07 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x4324
Faulting application start time: 0x0x1da5532e69f9e47
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 07a02f3b-678b-4b3b-b9da-a10df10c4c8a
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (02/01/2024 02:07:07 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x2258
Faulting application start time: 0x0x1da550f8e808682
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 7d78798b-d900-4f33-8dcf-71ad3efe9914
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/31/2024 03:59:11 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: EPC)
Description: C:\Users\elias\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (01/31/2024 09:02:39 AM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x48cc
Faulting application start time: 0x0x1da541bdbcde753
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 049caf55-af97-450b-9efb-c55c15b36899
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/30/2024 09:42:37 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x49e4
Faulting application start time: 0x0x1da53bcdc010cfa
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 0ce579f5-2894-4327-8b76-e9fab5756da3
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/30/2024 09:38:38 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x4650
Faulting application start time: 0x0x1da53bc4db6c6f6
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 0d5499be-f50b-42d4-a977-93e52b7c588e
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/30/2024 12:35:52 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x3e24
Faulting application start time: 0x0x1da53707a8bdf5f
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 63f1debd-9003-44e4-b35f-7582dc70a2d5
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/30/2024 09:17:35 AM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x2ab4
Faulting application start time: 0x0x1da5354c7c5a861
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: af8648a7-4f92-40d3-b102-244b8f40e0ee
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget


System errors:
=============
Error: (02/02/2024 10:41:03 AM) (Source: DCOM) (EventID: 10010) (User: EPC)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (02/01/2024 07:45:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cpuz143 service failed to start due to the following error:
A certificate was explicitly revoked by its issuer.

Error: (02/01/2024 06:21:46 PM) (Source: DCOM) (EventID: 10010) (User: EPC)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (02/01/2024 05:59:17 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor APIC ID: 25

The details view of this entry contains further information.

Error: (02/01/2024 05:59:17 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor APIC ID: 24

The details view of this entry contains further information.

Error: (02/01/2024 05:59:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:47:44 PM on ‎2/‎1/‎2024 was unexpected.

Error: (02/01/2024 02:09:11 PM) (Source: DCOM) (EventID: 10010) (User: EPC)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (02/01/2024 02:08:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NBLGGH4NNS1-Microsoft.DesktopAppInstaller.


CodeIntegrity:
===============
Date: 2024-02-02 10:39:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 5003 10/07/2023
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX X570-E GAMING
Processor: AMD Ryzen 9 5900X 12-Core Processor
Percentage of memory in use: 30%
Total physical RAM: 32678.98 MB
Available physical RAM: 22641.57 MB
Total Virtual: 67494.98 MB
Available Virtual: 54298.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.02 GB) (Free:175.92 GB) (Model: Samsung SSD 850 SCSI Disk Device) NTFS
Drive d: (New Volume) (Fixed) (Total:1863.02 GB) (Free:1758.58 GB) (Model: ST2000DM006-2DM1 SCSI Disk Device) NTFS
Drive f: (New Volume) (Fixed) (Total:1863.02 GB) (Free:1651.03 GB) (Model: Sabrent Rocket 4 SCSI Disk Device) NTFS

\\?\Volume{5012481d-713e-4412-92bb-5b393365d482}\ () (Fixed) (Total:0.75 GB) (Free:0.08 GB) NTFS
\\?\Volume{388a7537-5b9a-43c1-a616-cffb43b6846d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
Ok, sorry for the delay.

Download Kaspersky Virus Removal Tool (KVRT) and save it to your Desktop.
Very important to save this to your desktop!!
Select the Windows Key and R Key together, the Run box should open.
Copy and paste the following into the run box.

C:\Users\elias\Desktop\KVRT.exe -dontencrypt


Select „Ok“ in the Run box.
If the „Windows protected your PC“ window opens, select „More info“. A new window will open, select „Run anyway“.
An EULA window from KVRT will open, tick all confirmation boxes then select "Accept".
A window from KVRT will open, select "Change Parameters".
In the new window ensure the following boxes are ticked:

  • System memory
  • Startup objects
  • Boot sectors
  • System drive
  • All volumes
Then select "OK" and „Start scan“.
When completed: If entries are found, there will be options to choose. If "Cure" is offered, leave as it is. For any other options change to "Delete", then select "Continue".
Usually, your system needs a reboot to finish the removal process.
Log files can be found on your system drive (usually C:), similar to this:


C:\KVRT2020_Data\Reports\report_<data>_<time>.klr


Right-click directly on those reports, select > open with > Notepad.
Save the files and attach them with your next reply.
 
Hello!

Thanks for your patience, I followed your instructions and ran Kaspersky.

Here's the report you asked for:
Ó½ŠŸ€›ÑâåÏÏÏÏÓ¢Š›Ž‹Ž›ŽÏ¹Šœ†€ÒÍÞÍÏ¿¬¦«ÒÍ”®Ý©«ÝÛÚÝÂÜݩݬ«ÛÝ«ڪ¬Â®ØÝØÛÜØÖßÛÞ×’ÍÏ£Žœ›¢€‹†‰†ŒŽ›†€ÒÍÝßÝÛÁßÝÁß×ÏÞÙÕÜØÕÚÙÁß×ÙÍÏÀÑâåÏÏÏÏÓª™Š›ƒ€Œ„œÑâåÏÏÏÏÏÏÏÏÓƒ€Œ„ßÏ»–ŸŠÒͼŒŽÍÏ¿€ŒŠœœŠ‹ÒÍÚßßÚÚ×ÍÏ©€š‹ÒÍßÍÏ¡Šš›Žƒ†•Š‹ÒÍßÍÑâåÏÏÏÏÏÏÏÏÏÏÏÏÓª™Š›ßÏ®Œ›†€ÒͼŒŽÍÏ»†‚ŠÒÍÞÜÜÚÞ×Ø×ÖÝÛÚÝÖÜÙÙßÍÏ …ŠŒ›ÒÍÍϦ‰€Òͼ›Ž›Š‹ÍÏÀÑâåÏÏÏÏÏÏÏÏÏÏÏÏÓª™Š›ÞÏ®Œ›†€ÒͼŒŽÍÏ»†‚ŠÒÍÞÜÜÚÞ××ßÝØÙß×Þ×ØÙÚÍÏ …ŠŒ›ÒÍÍϦ‰€ÒÍ©††œ‡Š‹ÍÏÀÑâåÏÏÏÏÏÏÏÏÓÀƒ€Œ„ßÑâåÏÏÏÏÓÀª™Š›ƒ€Œ„œÑâåÓÀ½ŠŸ€›Ñâå

I have no idea why these are shown this way.
These are the results from the .exe, if it can be of any help:

1707407030314.png


And these are the details:

1707406973170.png
 
No worries!
Also, thanks go to you guys for your amazing and altruistic job.

Here's the FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.02.2024 01
Ran by elias (administrator) on EPC (09-02-2024 17:01:38)
Running from C:\Users\elias\Desktop\Health & Monitoring Utilities\FRST64.exe
Loaded Profiles: elias
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3085 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse\hid.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8574\Agent.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) F:\Battle.net\Battle.net.exe <6>
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\prism\SteelSeriesPrism.exe
(C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\moments\SteelSeriesSvcLauncher.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\engine\SteelSeriesEngine.exe
(C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\apps\sonar\SteelSeriesSonar.exe
(C:\Program Files\Tablet\Wacom\WacomHost.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> ) C:\Program Files\Tablet\Wacom\Wacom_UpdateUtil.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(C:\Program Files\Tablet\Wacom\WTabletServicePro.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.106\msedgewebview2.exe <13>
(C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(Discord Inc. -> Discord Inc.) C:\Users\elias\AppData\Local\Discord\app-1.0.9032\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Skutta, Kristjan -> ) F:\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
(explorer.exe ->) (SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) F:\Steam\steam.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.241.0.10\OverwolfHelper64.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\elias\AppData\Local\Overwolf\ProcessCache\0.241.0.10\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(F:\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe <4>
(F:\Riot Games\League of Legends\LeagueClient.exe ->) (Riot Games, Inc. -> ) F:\Riot Games\League of Legends\LeagueCrashHandler64.exe
(F:\Riot Games\League of Legends\LeagueClient.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) F:\Riot Games\League of Legends\LeagueClientUx.exe
(F:\Riot Games\League of Legends\LeagueClientUx.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) F:\Riot Games\League of Legends\LeagueClientUxRender.exe <6>
(F:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] F:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(F:\Riot Games\Riot Client\RiotClientServices.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) F:\Riot Games\League of Legends\LeagueClient.exe
(F:\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) F:\Overwolf\Overwolf.exe
(Riot Games, Inc. -> Riot Games, Inc.) F:\Riot Games\Riot Client\RiotClientServices.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (Wacom Co., Ltd. -> Wacom Co. Ltd.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\elias\AppData\Local\Microsoft\OneDrive\24.015.0121.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\GG\SteelSeriesGG.exe [13932880 2024-02-06] (SteelSeries ApS -> SteelSeries ApS)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TITANWOLF GAUNTLET Gaming Mouse] => C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse\hid.exe [949248 2021-01-22] () [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [MicrosoftEdgeAutoLaunch_2690D777BB60E66B250964D5DABE5D33] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788736 2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [RiotClient] => F:\Riot Games\Riot Client\RiotClientServices.exe [70920704 2024-02-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Steam] => F:\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Overwolf] => F:\Overwolf\OverwolfLauncher.exe [1785864 2024-01-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [WallpaperEngine] => F:\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [3938912 2024-01-30] (Skutta, Kristjan -> )
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Discord] => C:\Users\elias\AppData\Local\Discord\Update.exe [1525016 2024-01-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3572488 2024-01-10] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.161\Installer\chrmstp.exe [2024-02-09] (Google LLC -> Google LLC)
Startup: C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2024-02-08]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6901BF34-AF0A-4CB1-B548-FEC5571EFE29} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667808 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {BF7E5CBC-865A-4740-B69E-DDA639CD4B79} - System32\Tasks\GoogleUpdateTaskMachineCore{C79ADBC7-A740-42F1-86CB-6F98C4B06410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-29] (Google LLC -> Google LLC)
Task: {C7744916-13F9-4B41-BD9F-6705E7BCA017} - System32\Tasks\GoogleUpdateTaskMachineUA{18A00942-7BD1-484F-BB0A-1AC614D5A832} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-01-29] (Google LLC -> Google LLC)
Task: {D2ED7350-1C85-4B38-97BE-1DFE51518A31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3367559-D7D7-4CCA-94CE-F0E878676168} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28371568 2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {68DF82E4-CA39-4ABD-86D9-F0DA8AAF5E7D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DAEFDB0-6447-4F76-8301-9C2ECE285EAC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306352 2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E88B12D5-6EE2-4B26-B324-F05FE6EA83BB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {DA8B70FA-E5B8-4B80-A364-3910597A4BC7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {067DF89B-C189-493E-AC97-E8F6F18C5C99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {682A192B-345F-4EED-85B9-791A6674A0C5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {27E4EBE1-A9B7-4548-A2E0-610A517EB1DC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7932105F-2F28-4E32-9BDF-374F86A1667E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D6501D2-5743-4DAD-A120-1604E802DF7F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D411DF4-6CC5-4581-B595-5B7F4EF7D81A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D36EED6-8765-42DA-82FE-7C0D8E19F25A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B71FFC4A-213B-490C-8464-D8F2447A6536} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58D65A09-18F5-45E1-BDEA-5AD1E000CC0B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
Task: {BFA28ACF-CD15-495A-BC80-61E70ABAC3A7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [138741568 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8bc9453e-45ee-4953-b4be-ecaf26e91c39}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\elias\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-09]
Edge Extension: (Google Docs Offline) - C:\Users\elias\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
Edge Extension: (Edge relevant text changes) - C:\Users\elias\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-29]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default [2024-02-09]
CHR Extension: (uBlock Origin) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-29]
CHR Extension: (Tampermonkey) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-29]
CHR Extension: (Google Docs Offline) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
CHR Extension: (Shazam: Find song names from your browser) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-01-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-29]
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-01-29]
CHR StartupUrls: Profile 1 -> "hxxp://www.google.it/"
CHR Extension: (Google Docs Offline) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-29]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\elias\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-29]
CHR Profile: C:\Users\elias\AppData\Local\Google\Chrome\User Data\System Profile [2024-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2024-02-09] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14045768 2024-01-29] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761664 2023-11-22] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
R2 NativePushService; C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595352 2023-08-22] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2641928 2024-01-07] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2165168 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [305072 2023-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [297736 2024-01-09] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538424 2023-11-09] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [424768 2023-11-22] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesGGUpdateServiceProxy; C:\Program Files\SteelSeries\GG\SteelSeriesGGUpdateServiceProxy.exe [1500608 2023-09-18] (SteelSeries ApS -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2024-02-03] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-02-03] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0228; C:\Windows\System32\drivers\RzDev_0228.sys [56136 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_022b; C:\Windows\System32\drivers\RzDev_022b.sys [64688 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [43456 2023-12-19] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries ApS)
R3 SteelSeries_Sonar_VAD; C:\Windows\System32\DriverStore\FileRepository\steelseries-sonar-vad.inf_amd64_da15ab44a6216a8e\SteelSeries-Sonar-VAD.sys [95440 2023-03-17] (SteelSeries ApS -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-09 10:45 - 2024-02-09 10:45 - 000000000 ___HD C:\OneDriveTemp
2024-02-08 18:30 - 2024-02-08 18:30 - 000001052 _____ C:\Users\elias\Desktop\Wondershare Filmora 13.lnk
2024-02-08 18:30 - 2024-02-08 18:30 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wondershare
2024-02-08 16:14 - 2024-02-08 16:14 - 000000000 ____D C:\KVRT2020_Data
2024-02-06 18:39 - 2024-02-06 18:39 - 000000000 ____D C:\Users\elias\AppData\LocalLow\Temp
2024-02-06 18:02 - 2024-02-06 18:02 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\UProof
2024-02-06 18:01 - 2024-02-06 18:01 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\OneNote
2024-02-06 18:01 - 2024-02-06 18:01 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\AddIns
2024-02-06 18:00 - 2024-02-06 18:14 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Office
2024-02-06 18:00 - 2024-02-06 18:00 - 000000000 ____D C:\Users\elias\Documents\OneNote Notebooks
2024-02-06 17:57 - 2024-02-06 17:57 - 000002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-02-06 17:57 - 2024-02-06 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-02-06 17:57 - 2024-02-06 17:57 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-06 17:54 - 2024-02-06 17:57 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-06 17:54 - 2024-02-06 17:54 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-02-04 22:25 - 2024-02-04 22:25 - 000000000 ____D C:\Users\elias\AppData\Local\UnrealEngine
2024-02-03 11:57 - 2024-02-03 11:57 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-02-03 11:56 - 2024-02-03 11:56 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-02-03 11:55 - 2024-02-03 11:55 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2024-02-03 11:55 - 2024-02-03 11:55 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2024-02-03 11:55 - 2024-02-03 11:55 - 000000000 ____D C:\Windows\system32\DAX3
2024-02-03 11:55 - 2024-02-03 11:55 - 000000000 ____D C:\Windows\system32\DAX2
2024-02-03 11:55 - 2024-02-03 11:55 - 000000000 ____D C:\ProgramData\Audyssey Labs
2024-02-03 11:55 - 2024-02-03 11:55 - 000000000 ____D C:\Program Files\Realtek
2024-02-03 11:54 - 2024-02-03 11:55 - 000000000 ___HD C:\Program Files (x86)\Temp
2024-02-03 11:54 - 2024-02-03 11:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-02-03 11:54 - 2024-02-03 11:54 - 000000000 ____D C:\Program Files (x86)\Realtek
2024-02-03 11:54 - 2017-06-29 18:55 - 015202032 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE3.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 013122576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 012988336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 006410088 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 005938904 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 005593608 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 003509256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 003507688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 003410832 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 003299816 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2024-02-03 11:54 - 2017-06-29 18:55 - 003122656 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2024-01-30 00:00 - 2024-01-30 00:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-30 00:00 - 2024-01-30 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-01-30 00:00 - 2023-11-02 03:55 - 002905128 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-01-30 00:00 - 2023-11-02 03:55 - 002235944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-01-30 00:00 - 2023-11-02 03:54 - 001296936 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2024-01-30 00:00 - 2023-11-02 03:27 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2024-01-30 00:00 - 2023-11-02 03:27 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2024-01-30 00:00 - 2023-03-10 09:28 - 000170040 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2024-01-30 00:00 - 2023-03-10 09:28 - 000149048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2024-01-30 00:00 - 2022-10-14 08:06 - 000059928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2024-01-30 00:00 - 2022-07-14 00:32 - 000060112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2024-01-29 23:57 - 2024-01-29 23:57 - 076229610 _____ C:\Users\elias\Downloads\AMD_StoreMI.zip
2024-01-29 23:57 - 2024-01-29 23:57 - 000003328 _____ C:\Windows\system32\Tasks\SamsungMagician
2024-01-29 23:57 - 2024-01-29 23:57 - 000000000 ____D C:\Users\elias\AppData\Local\Publishers
2024-01-29 23:57 - 2024-01-29 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2024-01-29 23:56 - 2024-01-29 23:57 - 131933552 _____ (NVIDIA Corporation) C:\Users\elias\Downloads\GeForce_Experience_v3.27.0.120.exe
2024-01-29 23:56 - 2024-01-29 23:56 - 000000000 ____D C:\Users\elias\AppData\Local\Sabrent
2024-01-29 23:56 - 2024-01-29 23:56 - 000000000 ____D C:\ProgramData\Samsung
2024-01-29 23:56 - 2024-01-29 23:56 - 000000000 ____D C:\Program Files (x86)\Samsung
2024-01-29 23:52 - 2024-02-01 18:21 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\MMC
2024-01-29 23:48 - 2024-02-09 01:11 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-29 23:48 - 2024-02-09 01:11 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-01-29 23:48 - 2024-01-29 23:48 - 000000000 ____D C:\Users\elias\AppData\Local\Google
2024-01-29 23:47 - 2024-02-09 16:11 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-29 23:47 - 2024-02-01 14:06 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{18A00942-7BD1-484F-BB0A-1AC614D5A832}
2024-01-29 23:47 - 2024-02-01 14:06 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C79ADBC7-A740-42F1-86CB-6F98C4B06410}
2024-01-29 23:47 - 2024-01-29 23:47 - 000000000 ____D C:\Program Files\Google
2024-01-29 23:44 - 2024-02-09 12:11 - 000000000 ____D C:\Users\elias\AppData\Local\D3DSCache
2024-01-29 23:43 - 2024-02-09 10:45 - 000000000 ___RD C:\Users\elias\OneDrive
2024-01-29 23:43 - 2024-02-08 15:14 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1583233846-1445360947-1681163233-1001
2024-01-29 23:43 - 2024-02-08 15:14 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1583233846-1445360947-1681163233-1001
2024-01-29 23:43 - 2024-02-08 15:14 - 000002383 _____ C:\Users\elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-01-29 23:43 - 2024-02-04 22:25 - 000000000 ____D C:\Users\elias\AppData\Local\PlaceholderTileLogoFolder
2024-01-29 23:43 - 2024-01-29 23:43 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-01-29 23:41 - 2024-02-04 22:25 - 000000000 ____D C:\Users\elias\AppData\Local\Packages
2024-01-29 23:41 - 2024-01-30 09:17 - 000000000 ____D C:\Users\elias\AppData\Local\ConnectedDevicesPlatform
2024-01-29 23:41 - 2024-01-29 23:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-01-29 23:41 - 2024-01-29 23:41 - 000338040 _____ () C:\Windows\system32\AsusDownLoadLicense.exe
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\Crypto
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Vault
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Network
2024-01-29 23:41 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Adobe
2024-01-29 23:40 - 2024-01-30 12:43 - 000000000 ____D C:\ProgramData\Razer
2024-01-29 23:40 - 2024-01-30 12:32 - 000000000 ____D C:\Program Files (x86)\Razer
2024-01-29 23:40 - 2024-01-29 23:40 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\SystemCertificates
2024-01-29 23:40 - 2023-06-16 16:33 - 000161920 _____ (Razer Inc) C:\Windows\system32\RazerS3CoinstallerEx.dll
2024-01-29 23:39 - 2024-02-07 00:31 - 000000000 ____D C:\Users\elias
2024-01-29 23:39 - 2024-02-06 10:56 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\Protect
2024-01-29 23:39 - 2024-01-29 23:44 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Spelling
2024-01-29 23:39 - 2024-01-29 23:41 - 000000000 ____D C:\Users\elias\AppData\Roaming\Microsoft\Windows
2024-01-29 23:39 - 2024-01-29 23:39 - 000000020 ___SH C:\Users\elias\ntuser.ini
2024-01-29 23:39 - 2024-01-29 23:39 - 000000000 ___SD C:\Users\elias\AppData\Roaming\Microsoft\Credentials
2024-01-29 23:38 - 2024-02-09 12:25 - 000000000 ____D C:\ProgramData\NVIDIA
2024-01-29 23:38 - 2024-02-09 10:52 - 000850316 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-29 23:38 - 2024-01-30 02:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-01-29 23:38 - 2024-01-30 00:07 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2024-01-29 23:38 - 2024-01-30 00:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-01-29 23:37 - 2024-01-19 00:18 - 006942920 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-01-29 23:37 - 2024-01-18 12:32 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-01-29 23:37 - 2020-10-07 22:33 - 000047232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-09 16:11 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-02-09 15:33 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-09 12:11 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-02-09 11:03 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-02-08 18:30 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-02-08 15:14 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-03 11:59 - 2022-05-07 06:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-03 11:56 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-02-01 17:59 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-01-30 16:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-01-30 12:48 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-01-30 09:32 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-01-30 09:18 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-01-30 09:15 - 2023-12-04 07:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-01-30 09:15 - 2022-05-07 08:39 - 000000000 ___SD C:\Windows\system32\AppV
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Provisioning
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\BrowserCore
2024-01-30 09:15 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-01-30 08:34 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\spool
2024-01-30 08:34 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-01-30 08:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-01-30 08:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-01-30 08:29 - 2022-05-07 06:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2024-01-30 00:54 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\appcompat
2024-01-29 23:57 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-01-29 23:57 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-01-29 23:50 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WebThreatDefSvc

==================== Files in the root of some directories ========

2024-01-30 11:32 - 2024-01-30 11:32 - 000000017 _____ () C:\Users\elias\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

And here you have the Additions log instead:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.02.2024 01
Ran by elias (09-02-2024 17:02:27)
Running from C:\Users\elias\Desktop\Health & Monitoring Utilities
Microsoft Windows 11 Pro Version 23H2 22631.3085 (X64) (2024-01-30 07:32:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1583233846-1445360947-1681163233-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1583233846-1445360947-1681163233-503 - Limited - Disabled)
elias (S-1-5-21-1583233846-1445360947-1681163233-1001 - Administrator - Enabled) => C:\Users\elias
Guest (S-1-5-21-1583233846-1445360947-1681163233-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1583233846-1445360947-1681163233-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD StoreMI (HKLM\...\{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.) Hidden
AMD StoreMI (HKLM\...\AMD_StoreMI) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.)
CurseForge (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.244.4.1 - Overwolf app)
Discord (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Discord) (Version: 1.0.9031 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.161 - Google LLC)
League of Legends (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.106 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.106 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\OneDriveSetup.exe) (Version: 24.015.0121.0003 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.17231.20194 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20194 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.241.0.10 - Overwolf Ltd.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0109.011015 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Riot Client (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.0.1.1000 - Samsung Electronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries GG 56.0.0 (HKLM\...\SteelSeries GG) (Version: 56.0.0 - SteelSeries ApS)
Telegram Desktop (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.13 - Telegram FZ-LLC)
TITANWOLF GAUNTLET Gaming Mouse (HKLM-x32\...\{1B99311C-56B0-418A-910D-BFAECA2472DE}}_is1) (Version: 1.01.CF - TITANWOLF)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.4.5-5 - Wacom Technology Corp.)
Warcraft Logs Companion (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Overwolf_ecboebafnpgnolnpgppohegbpjbhffiahodgijdp) (Version: 8.2.6 - Overwolf app)
WhoCrashed 7.06 (HKLM\...\WhoCrashed_is1) (Version: 7.06 - Resplendence Software Projects Sp.)
Wondershare Filmora 13(Build 13.2.1.5696) (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.0) (HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)

Packages:
=========
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-29] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-01] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0 [2024-02-08] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-05] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-30] (Microsoft Corporation)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2310.2310.17002.0_x64__8wekyb3d8bbwe [2024-02-04] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1583233846-1445360947-1681163233-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2fe7c165c5dd3267\nvshext.dll [2024-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-30] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-11-09 10:59 - 2023-02-27 21:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2024-01-30 00:37 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2024-01-30 00:37 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 002569216 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 000376320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 006620160 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2024-01-29 23:56 - 2023-11-22 14:41 - 000143360 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2024-01-29 23:56 - 2023-11-22 14:41 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2024-01-29 23:56 - 2023-11-22 14:41 - 000608768 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2024-01-29 23:56 - 2023-11-22 14:42 - 004618752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2024-01-29 23:56 - 2023-11-22 14:42 - 000797184 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vulkan-1.dll
2024-01-30 00:26 - 2019-06-27 23:02 - 000012800 _____ () [File not signed] C:\Program Files (x86)\TITANWOLF GAUNTLET Gaming Mouse\hidapi.dll
2024-01-30 00:13 - 2024-01-30 00:25 - 165248000 _____ () [File not signed] F:\Battle.net\Battle.net.14589\libcef.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000379392 _____ () [File not signed] F:\Battle.net\Battle.net.14589\libegl.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 006679040 _____ () [File not signed] F:\Battle.net\Battle.net.14589\libglesv2.dll
2024-01-30 00:14 - 2024-01-30 00:14 - 004325888 _____ () [File not signed] F:\Battle.net\Battle.net.14589\vk_swiftshader.dll
2024-02-06 17:56 - 2024-02-06 17:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2024-02-06 17:56 - 2024-02-06 17:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 001166336 _____ (The Chromium Authors) [File not signed] F:\Battle.net\Battle.net.14589\chrome_elf.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000046080 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\audio\qtaudio_windows.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000030720 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\iconengines\qsvgicon.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000027136 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\imageformats\qgif.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000025600 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\imageformats\qico.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000353280 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\imageformats\qjpeg.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000021504 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\imageformats\qsvg.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000352256 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\imageformats\qtiff.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000423424 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\imageformats\qwebp.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 001239552 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\platforms\qwindows.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 005550592 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Core.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 005812736 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Gui.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000594944 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Multimedia.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000915456 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Network.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 003046400 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Qml.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 000362496 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5QmlModels.dll
2024-01-30 00:13 - 2024-01-30 00:14 - 003650560 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Quick.dll
2024-01-30 00:14 - 2024-01-30 00:14 - 000262144 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Svg.dll
2024-01-30 00:13 - 2024-01-30 00:13 - 004702208 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Widgets.dll
2024-01-30 00:14 - 2024-01-30 00:14 - 000220160 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5WinExtras.dll
2024-01-30 00:14 - 2024-01-30 00:14 - 000165888 _____ (The Qt Company Ltd.) [File not signed] F:\Battle.net\Battle.net.14589\Qt5Xml.dll
2024-01-30 00:37 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\elias\Downloads\0009-64bit_Win7_Win8_Win81_Win10_R282.exe:MBAM.Zone.Identifier [188]
AlternateDataStreams: C:\Users\elias\Downloads\MSTeamsSetup_c_l_.exe:MBAM.Zone.Identifier [326]
AlternateDataStreams: C:\Users\elias\Downloads\OBS-Studio-30.0.2-Full-Installer-x64.exe:MBAM.Zone.Identifier [157]
AlternateDataStreams: C:\Users\elias\Downloads\WacomTablet_6.4.5-5.exe:MBAM.Zone.Identifier [159]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1583233846-1445360947-1681163233-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EF19CBD3-2154-47F1-939F-AAECBE3939BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{742AC0EE-6D3B-420F-8DE9-9945F18B5FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7EE171F4-2774-4280-BFE1-789B198B15CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A85EDF09-0C3C-4613-BA60-CB8B8155319B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CA199BC-1AB9-4303-8BE1-20912954615B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{119F0EF7-9CB4-4E63-82AE-03E9148876C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D14601D2-CFE4-4822-BF76-AD22390BA935}] => (Allow) F:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2AF90AB-67ED-4293-843F-129AFAB274D1}] => (Allow) F:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{587443CE-251E-48C2-965C-35FC6228CF5D}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2F9D7117-C09F-4B55-9F41-BC9910BE21CC}] => (Allow) F:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BAB351D-AA71-44FE-A208-B26E61BF17EE}] => (Allow) C:\Users\elias\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{C1D73ECD-DAD0-4E83-89B4-DE4D61ADA475}] => (Allow) F:\Steam\steamapps\common\SongOfNunu\SongOfNunu.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{7230A31E-DAC6-4D78-9E27-9B28A43903D9}] => (Allow) F:\Steam\steamapps\common\SongOfNunu\SongOfNunu.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{35EA3152-352E-4E69-9812-381380A6CA4D}] => (Allow) F:\Steam\steamapps\common\Stray\Stray.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{628AB30E-A2FF-4B54-8DC0-1DD521292C0D}] => (Allow) F:\Steam\steamapps\common\Stray\Stray.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{11339FA3-7077-4ADF-9D6D-A4A84C889352}] => (Allow) F:\Steam\steamapps\common\Stream Avatars\StreamAvatars.exe () [File not signed]
FirewallRules: [{7AE2C4A8-923F-446C-8056-CEAF16BB156D}] => (Allow) F:\Steam\steamapps\common\Stream Avatars\StreamAvatars.exe () [File not signed]
FirewallRules: [{577C5E3E-CCD8-48FB-A45B-19ED6D99BF57}] => (Allow) F:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{F98CDB3F-922D-4A97-BA24-9355246F85A7}] => (Allow) F:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{002D5A30-B609-4A93-AB8B-E303C5D17247}] => (Allow) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{39F9293E-97D0-4674-9A16-2CFCCABB68DE}] => (Allow) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{56134AB4-4366-4DDD-A2E8-F7D16E2A0E5A}] => (Block) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{48761DBE-6D8B-47B6-9E65-8EAAF848D131}] => (Block) F:\Overwolf\0.241.0.10\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{699AD74A-9580-4921-83C5-EB316430B9B4}] => (Allow) F:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{2ACD2344-BAB8-4D0D-B519-7FD912FF4021}] => (Allow) F:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{F2482FEC-4115-4E01-8286-E6C3197FAEF8}] => (Allow) F:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{8FD2AABD-B329-433D-BA28-C7E9772F7235}] => (Allow) F:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{0BD41F72-9C8F-48BF-B167-DAEEBF2182FE}] => (Allow) F:\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{97E9EF91-A1DE-495E-AA9D-DD655C3661FB}] => (Allow) F:\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{405C2014-EBEB-4E9F-A820-4B23B2784C04}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1ADCAC6-86D8-45C0-92C4-1975B53918DA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AE63957-B725-4183-88B7-7BCAF4123B7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A43EAD76-4B36-411A-8A82-6B89642168C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7B0C542A-D087-4CF7-A11F-4AA229DBAD6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7CA39FC4-5E56-459D-BFAB-10B24A880E20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30D8A5A6-0371-4D42-8F04-D41118AE8F0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3699C1F8-773B-472F-965F-9FA7F2526D51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F497AF47-17FD-4212-8D66-442DA686E807}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C4FB736C-821A-4555-8A20-B95AF18DB5A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{97E462B1-9E03-4A59-B8BB-0DA7B307BE5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9BD167E0-FBF0-40A7-ACC3-7E065A5114BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42E157F5-2384-417C-A42B-0BF08893AF6A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.106\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5FEB3C7-B95B-486B-9613-089EA0D659CE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

04-02-2024 22:24:40 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532
07-02-2024 22:52:55 Windows Update
07-02-2024 22:52:57 Windows Update
07-02-2024 22:53:00 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/09/2024 02:06:30 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program Wondershare Filmora.exe version 13.2.1.5696 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (02/08/2024 10:11:52 AM) (Source: SteelSeries GG Update Service Proxy) (EventID: 0) (User: )
Description: Service cannot be started. The handle is invalid

Error: (02/04/2024 10:25:56 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: SteelSeriesCaptureSvc.exe, version: 1.0.0.1, time stamp: 0x657ae2c9
Faulting module name: ntdll.dll, version: 10.0.22621.3085, time stamp: 0xbced4b82
Exception code: 0xc0000005
Fault offset: 0x0000000000020362
Faulting process id: 0x0x8f5c
Faulting application start time: 0x0x1da57b0b809d433
Faulting application path: C:\Program Files\SteelSeries\GG\apps\moments\SteelSeriesCaptureSvc.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: d43dc445-cecf-4042-8f4b-77fa53df2473
Faulting package full name:
Faulting package-relative application ID:

Error: (02/01/2024 06:20:07 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x4324
Faulting application start time: 0x0x1da5532e69f9e47
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 07a02f3b-678b-4b3b-b9da-a10df10c4c8a
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (02/01/2024 02:07:07 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x2258
Faulting application start time: 0x0x1da550f8e808682
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 7d78798b-d900-4f33-8dcf-71ad3efe9914
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/31/2024 03:59:11 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: EPC)
Description: C:\Users\elias\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (01/31/2024 09:02:39 AM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x48cc
Faulting application start time: 0x0x1da541bdbcde753
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 049caf55-af97-450b-9efb-c55c15b36899
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget

Error: (01/30/2024 09:42:37 PM) (Source: Application Error) (EventID: 1000) (User: EPC)
Description: Faulting application name: WindowsPackageManagerServer.exe, version: 1.17.2203.10001, time stamp: 0x622a8641
Faulting module name: WindowsPackageManager.dll, version: 1.17.2203.10001, time stamp: 0x622a8613
Exception code: 0xc0000005
Fault offset: 0x0000000000089bf3
Faulting process id: 0x0x49e4
Faulting application start time: 0x0x1da53bcdc010cfa
Faulting application path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe\WindowsPackageManager.dll
Report Id: 0ce579f5-2894-4327-8b76-e9fab5756da3
Faulting package full name: Microsoft.DesktopAppInstaller_1.17.10691.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: winget


System errors:
=============
Error: (02/09/2024 10:45:35 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:54:27 AM on ‎2/‎9/‎2024 was unexpected.

Error: (02/09/2024 10:45:14 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (02/07/2024 10:53:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic.

Error: (02/07/2024 06:02:30 PM) (Source: DCOM) (EventID: 10010) (User: EPC)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.

Error: (02/06/2024 10:25:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Central Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2024 09:55:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:27:57 PM on ‎2/‎6/‎2024 was unexpected.

Error: (02/06/2024 10:57:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Razer Synapse Service service.

Error: (02/06/2024 10:56:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Razer Synapse Service service.


CodeIntegrity:
===============
Date: 2024-02-09 17:01:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 5003 10/07/2023
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX X570-E GAMING
Processor: AMD Ryzen 9 5900X 12-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 32678.98 MB
Available physical RAM: 21183.64 MB
Total Virtual: 67494.98 MB
Available Virtual: 51135.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.02 GB) (Free:142.37 GB) (Model: Samsung SSD 850 SCSI Disk Device) NTFS
Drive d: (New Volume) (Fixed) (Total:1863.02 GB) (Free:1754.73 GB) (Model: ST2000DM006-2DM1 SCSI Disk Device) NTFS
Drive f: (New Volume) (Fixed) (Total:1863.02 GB) (Free:1648.4 GB) (Model: Sabrent Rocket 4 SCSI Disk Device) NTFS

\\?\Volume{5012481d-713e-4412-92bb-5b393365d482}\ () (Fixed) (Total:0.75 GB) (Free:0.08 GB) NTFS
\\?\Volume{388a7537-5b9a-43c1-a616-cffb43b6846d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
We will check with one last tool to be sure.


The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted items from a system. This tool does not install. It is run on-demand.


This link is for the 64-bit version of MSERT.exe. Be sure you save the file first.

Upon completion of the save, please make sure you exit out of any other program you might have open so that the sole task is to run the following scan. That goes especially for web browsers; make sure all are fully exited out of and messenger programs are exited and closed as well.



Launch MSERT.exe

Accept the agreement terms of Microsoft

Select CUSTOM scan

Look on Scan Options & select CUSTOM scan & then select the C drive to be scanned.

Then start the scan. Have lots of patience. Once you start the scan & you see it started, then leave it be.

Once you see it has started, take a long, long break; walk away. Do not give credence to any intermediate early flash messages on the screen display. The only thing that counts is the end result at the end of the run.

Again, any on-screen display about repeat 'infection' is not to be relied on. Ignore those.


We only rely on the end result that is on the log-report-file.



This is likely to run for many hours (depending on the number of files on your machine & the speed of hardware).

The log is named MSERT.log. The log will be at

Windows\debug\msert.log
Please attach that log with your reply

It is normal for the Microsoft Safety Scanner to show 'detections' during the scan process on the screen itself.

It is scanning for basically all bread crumbs or traces of files and registry entries that "might" be or have been part of some infection or previous infection.

That DOES NOT mean the computer is infected. Once the scan has been completed it uploads the log to their Cloud service which then uses Artificial Intelligence to determine if in fact any of the traces are an infection or not.
 
That DOES NOT mean the computer is infected. Once the scan has been completed it uploads the log to their Cloud service which then uses Artificial Intelligence to determine if in fact any of the traces are an infection or not.

Woah, sounds really sophisticated!
I'll give it a try ASAP and keep you posted on the results, thanks for the assistance!
 
Hello!

Sorry again for the delay, just wanted to keep you updated:
I won't be able to execute the step until Monday.

Once it's finished, I'll post the results of the scan here.

Thanks for bearing with me :giggle:
 
Here I am.
I truly apologize for being late!

Scan result of the C disk (the OS disk):

1708420782962.png


Here's the log file:

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.403, (build 1.403.3680.0)
Started On Mon Feb 19 23:07:41 2024

Engine: 1.1.23110.2
Signatures: 1.403.3680.0
MpGear: 1.1.16330.1
Run Mode: Interactive Graphical Mode
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Mon Feb 19 23:08:36 2024


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.403, (build 1.403.3680.0)
Started On Tue Feb 20 09:29:06 2024

Engine: 1.1.23110.2
Signatures: 1.403.3680.0
MpGear: 1.1.16330.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Tue Feb 20 10:16:39 2024


Return code: 0 (0x0)
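
The advice in this thread to rely only on the end result recorded in msert.log can be checked mechanically. The following is an added example, not part of the original thread and not Microsoft's code: a small parser that splits the log into runs and classifies each one. The verdict names and the third run (constructed, with a placeholder detection line whose wording is an assumption) are illustrative; the first two runs reproduce the key lines of the log posted above.

```python
from __future__ import annotations
import re
from dataclasses import dataclass, field

RUN_SEPARATOR = re.compile(r"^-{40,}[ \t]*$", re.MULTILINE)  # long rule between runs
RETURN_CODE = re.compile(r"^Return code:\s*(-?\d+)")
FINISHED = "Microsoft Safety Scanner Finished On "

@dataclass
class Run:
    started: str | None = None
    finished: str | None = None
    has_summary: bool = False
    findings: list[str] = field(default_factory=list)
    return_code: int | None = None

    @property
    def verdict(self) -> str:
        if not self.has_summary:
            return "incomplete"  # no "Results Summary:" section, so no end result
        if self.findings == ["No infection found."] and self.return_code == 0:
            return "clean"
        return "review"  # anything else needs a human to read the log

def parse_msert_log(text: str) -> list[Run]:
    """Split an msert.log into runs and collect each run's end result."""
    runs = []
    for chunk in RUN_SEPARATOR.split(text):
        if "Microsoft Safety Scanner v" not in chunk:
            continue
        run, in_summary = Run(), False
        for line in (raw.strip() for raw in chunk.splitlines()):
            if line.startswith("Started On "):
                run.started = line[len("Started On "):]
            elif line.startswith(FINISHED):
                run.finished, in_summary = line[len(FINISHED):], False
            elif line == "Results Summary:":
                run.has_summary = in_summary = True
            elif line.startswith("Successfully Submitted"):
                in_summary = False
            elif (m := RETURN_CODE.match(line)):
                run.return_code = int(m.group(1))
            elif in_summary and line and set(line) != {"-"}:
                run.findings.append(line)  # skip the dashed underline, keep the rest
        runs.append(run)
    return runs

SEP = "-" * 87
# Runs 1 and 2: key lines from the log in this thread. Run 3: constructed sample.
SAMPLE_LOG = f"""{SEP}
Microsoft Safety Scanner v1.403, (build 1.403.3680.0)
Started On Mon Feb 19 23:07:41 2024
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Mon Feb 19 23:08:36 2024
Return code: 0 (0x0)
{SEP}
Microsoft Safety Scanner v1.403, (build 1.403.3680.0)
Started On Tue Feb 20 09:29:06 2024
Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Microsoft Safety Scanner Finished On Tue Feb 20 10:16:39 2024
Return code: 0 (0x0)
{SEP}
Microsoft Safety Scanner v1.403, (build 1.403.3680.0)
Results Summary:
----------------
Found EXAMPLE-THREAT-PLACEHOLDER
Return code: 1 (0x1)
"""
```

Run over the sample, the first entry comes back as `incomplete` even though its return code is 0, because that run ended in under a minute without writing a results summary; only the second run counts as a finished, clean scan.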
 
