Hello, Welcome to BleepingComputer.
I’m nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
You either got hid by a Ransomware or the attack was blocked.
If you are able to open most of your documents then you were hacked.
Navigate to this topic.
Submit a sample of the compromised files for their review.
They will reply and let you know what you are dealing with.
From what we know now, your files are not recoverable.
Your only solution would be to restore the files from a good backup if you have one.
The compromised files can be transferred to a CD or Flash drive.
Should a solution be found in the future you may be able to restore them.
It’s never to late to use common sense to guard against being infected.
Tips on how to prevent ransomware attacks
Good luck.
p.s.
If you have any other issues with this computer please run this program.
Download the Farbar Recovery Scan Tool (FRST).
and save it to a folder on your computer’s Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the “more reply Options” button.
Attach the file(s). A 2 Steps process.
Reply to this topic.
Select the “Choose a File” navigate to the location of the File.
Click the file you wish to Attach. <- Step 1.
Click Attach this file. <- Step 2.
Click the Add reply button.
Please post the logs for my review.
Let me know what problems persists.
Wait for further instructions
p.s.
The Farbar program is updated often.
If it’s identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
You should restore the program from the Quarantine folder.
====
Hello Nasdaq! Thanks for your reply, the file that is in quarantine now is not defined by the site you sent me. By the way i can access everything, what did you mean by “your files are not recoverable” ? Should i go offline and back up everything?
Here’s the attachment and the log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021
Ran by archb (administrator) on DESKTOP-13V6LJR (01-12-2021 18:22:38)
Running from C:UsersarchbAppDataLocalTempscoped_dir9948_1178866890
Loaded Profiles: archb
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Language: English (United Kingdom)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:Program Files (x86)CoolerMasterPORTALCMService.exe
(Alexey Nicolaychuk -> ) C:Program Files (x86)RivaTuner Statistics ServerEncoderServer.exe
(Alexey Nicolaychuk -> ) C:Program Files (x86)RivaTuner Statistics ServerRTSS.exe
(Alexey Nicolaychuk -> ) C:Program Files (x86)RivaTuner Statistics ServerRTSSHooksLoader64.exe
(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
(Apple Inc.) C:Program FilesWindowsAppsAppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqaiCloudAPSDaemon.exe
(Apple Inc.) C:Program FilesWindowsAppsAppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqaiCloudiCloudDrive.exe
(Apple Inc.) C:Program FilesWindowsAppsAppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqaiCloudiCloudServices.exe
(Apple Inc.) C:Program FilesWindowsAppsAppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe
(ASUSTeK Computer Inc. -> ) C:Program Files (x86)ASUSAI Suite IIIDIP4DIPAwayModeDipAwayMode.exe
(ASUSTeK Computer Inc. -> ) C:Program Files (x86)ASUSAI Suite IIIEZ UpdateEzUpdt.exe
(ASUSTeK Computer Inc. -> ASUS) C:Program Files (x86)ASUSArmouryDevicedllArmourySocketServerArmourySocketServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:Program Files (x86)ASUSAI Suite IIIAISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:Program Files (x86)ASUSAsusCertServiceAsusCertService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:Program Files (x86)ASUSAsusFanControlService2.00.92AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:Program Files (x86)ASUSAXSP4.00.46atkexComSvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:WindowsTempAdAppMgrUpdater.exe
(Autodesk, Inc. -> Autodesk) C:Program Files (x86)Common FilesAutodesk SharedAdskLicensing9.2.2.2501AdskLicensingServiceAdskLicensingService.exe
(A-Volute SAS -> A-Volute) C:UsersarchbAppDataLocalNhNotifSyssonicstudioasusns.exe
(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicService.exe
(A-Volute SAS -> Nahimic) C:WindowsSystem32NahimicSvc64.exe <2>
(A-Volute SAS -> Nahimic) C:WindowsSysWOW64NahimicSvc32.exe <2>
(Brio) [File not signed] C:Program FilesFolderSizeFolderSizeSvc.exe
(Canon Inc. -> ) C:Program Files (x86)CanonIJPLMijplmsvc.exe
(Cooler Master Technology Inc. -> ) C:Program Files (x86)CoolerMasterPORTALcm-blackhawk.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:Program Files (x86)Common FilesDVDVideoSoftlibapp_updater.exe
(Electronic Arts, Inc. -> Electronic Arts) C:Program FilesElectronic ArtsEA DesktopEA DesktopEABackgroundService.exe
(Flexera Software LLC -> Flexera) C:Program Files (x86)Common FilesMacrovision SharedFlexNet PublisherFNPLicensingService.exe
(Focusrite Audio Engineering Ltd.) [File not signed] C:Program FilesFocusriteFocusrite ControlServerControlServer.exe
(Intel Corporation -> ) C:Program FilesIntelSURQUEENCREEKSurSvc.exe
(Intel Corporation -> ) C:Program FilesIntelSURQUEENCREEKx64esrv_svc.exe
(Intel Corporation -> Intel® Corporation) C:WindowsSysWOW64XtuService.exe
(Intel Corporation -> Intel) C:Program Files (x86)IntelDriver and Support AssistantDSAService.exe
(Intel Corporation -> Intel) C:Program Files (x86)IntelDriver and Support AssistantDSATray.exe
(Intel Corporation -> Intel) C:Program Files (x86)IntelDriver and Support AssistantDSAUpdateService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_ffc75848a6342fdfjhi_service.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMbamBgNativeMsg.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwegamingservices.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwegamingservicesnet.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystemAppsMicrosoft.Windows.SecHealthUI_cw5n1h2txyewySecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2110.6-0NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe
(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9dda6a81a12e6ac4Display.NvContainerNVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:UsersarchbAppDataLocalProgramsOpera GX81.0.4196.61opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:UsersarchbAppDataLocalProgramsOpera GXopera.exe <18>
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(Razer USA Ltd. -> ) C:Program Files (x86)RazerSynapse3UserProcessRazer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzChromaStreamServer.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:Program Files (x86)RazerRazer ServicesRazer CentralCefSharp.BrowserSubprocess.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>
(Riot Games, Inc. -> Riot Games, Inc.) C:Program FilesRiot Vanguardvgtray.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:UsersarchbAppDataLocalslackapp-4.22.0slack.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
(TODO: <Company name>) [File not signed] C:Program Files (x86)ASUSArmouryDevicedllAIOFanSDKArmouryAIOFanServer.exe
(VMware, Inc. -> VMware, Inc.) C:Program Files (x86)Common FilesVMwareUSBvmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:Program Files (x86)VMwareVMware Playervmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:WindowsSysWOW64vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:WindowsSysWOW64vmnetdhcp.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM…Run: [RtkAudUService] => C:WindowsSystem32RtkAudUService64.exe [1139488 2020-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [Focusrite Notifier] => C:Program FilesFocusriteusbFocusrite Notifier.exe [5029376 2020-06-02] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKLM…Run: [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [3180256 2021-08-31] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32…Run: [Acrobat Assistant 8.0] => C:Program Files (x86)AdobeAcrobat DCAcrobatAcrotray.exe [5641776 2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32…Run: [] => [X]
HKLM-x32…Run: [TeamsMachineInstaller] => C:Program Files (x86)Teams InstallerTeams.exe [97229056 2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32…Run: [Autodesk Desktop App] => C:Program Files (x86)AutodeskAutodesk Desktop AppAutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32…Run: [Intel Driver & Support Assistant] => C:Program Files (x86)IntelDriver and Support AssistantDSATray.exe [288184 2021-11-10] (Intel Corporation -> Intel)
HKUS-1-5-19…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.6.0GoogleDriveFS.exe –startup_mode (No File)
HKUS-1-5-20…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.6.0GoogleDriveFS.exe –startup_mode (No File)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [AdobeBridge] => [X]
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [CCXProcess] => C:Program FilesAdobeAdobe Creative Cloud ExperienceCCXProcess.exe [648328 2020-03-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3523704 2021-11-12] (Razer USA Ltd. -> Razer Inc.)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [NZXT.CAM] => C:Program FilesNZXT CAMNZXT CAM.exe [110721160 2021-01-07] (NZXT, Inc. -> NZXT, Inc.)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [GogGalaxy] => C:Program Files (x86)GOG GalaxyGalaxyClient.exe /launchViaAutoStart (No File)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [Opera Browser Assistant] => C:UsersarchbAppDataLocalProgramsOperaassistantbrowser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [Opera GX Browser Assistant] => C:UsersarchbAppDataLocalProgramsOpera GXassistantbrowser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKUS-1-5-21-326162776-1522220037-409783998-1001…Run: [com.squirrel.slack.slack] => C:UsersarchbAppDataLocalslackslack.exe [309568 2021-11-12] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKUS-1-5-18…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream53.0.6.0GoogleDriveFS.exe –startup_mode (No File)
HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3523704 2021-11-12] (Razer USA Ltd. -> Razer Inc.)
HKLM…Windows x64Print ProcessorsCanon E410 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDDJ.DLL [30720 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…PrintMonitorsAdobe PDF Port Monitor: C:Windowssystem32AdobePDF.dll [65488 2020-05-04] (Adobe Inc. -> Adobe Systems Inc)
HKLM…PrintMonitorsCanon BJ Language Monitor E410 series: C:Windowssystem32CNMLMDJ.DLL [484352 2016-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupEvernoteClipper.lnk [2020-08-17]
ShortcutTarget: EvernoteClipper.lnk -> C:UsersarchbAppDataLocalAppsEvernoteEvernoteEvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BootExecute: autocheck autochk /k:C *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05D028D0-15CD-4856-B684-B2DEC53594AF} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {06379EDD-6EDD-4795-9A3A-92F1DED3446E} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {07566989-20C0-4ECB-B8F9-0B7036F96D5D} – System32TasksASUSAcPowerNotification => C:Program Files (x86)ASUSArmouryDevicedllAcPowerNotificationAcPowerNotification.exe (No File)
Task: {0C3606F6-014D-4D27-A76B-80CC83FCBF6D} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D086DBC-5FC5-4C55-B5F0-5058EF233834} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [138600 2021-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {122941bd-5d24-4e32-9d2c-81231404520d} – no filepath
Task: {182000b6-9559-4abf-9b86-be3573b381c9} – no filepath
Task: {189B63EC-E7C7-4222-9FA3-47B2B4D57F9E} – System32TasksASUSNoiseCancelingEngine.exe => C:Program Files (x86)ASUSArmouryDevicedllMBLedSDKNoiseCancelingEngine.exe [1238328 2021-01-21] (ASUSTeK Computer Inc. -> ASUS)
Task: {1B143931-57E1-4D1F-AD14-0F98DE4EDC52} – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Files (x86)IntelIntel® Update Managerbiniumsvc.exe –automatic (No File)
Task: {1C255EBE-6950-4C89-B00B-3C806758FD06} – System32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe [3075936 2021-09-13] (Intel Corporation -> Intel Corporation)
Task: {213BFCF5-CCB7-451D-9753-765F47A37A58} – System32TasksIntel PTT EK Recertification => C:WindowsSystem32DriverStoreFileRepositoryiclsclient.inf_amd64_75ffca5eec865b4blibIntelPTTEKRecertification.exe [918288 2020-06-11] (Intel® Trust Services -> Intel® Corporation)
Task: {23C185E9-5E3E-4091-94C6-8C9E61E0F376} – System32TasksMozillaFirefox Background Update 308046B0AF4A39CB => C:Program FilesMozilla Firefoxfirefox.exe –MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 –MOZ_LOG_FILE C:ProgramDataMozillaupdates308046B0AF4A39CBbackgroundupdate.moz_log –backgroundtask backgroundupdate
Task: {23C36F6A-A675-49A3-A237-E65E72DAF854} – System32TasksNahimicSvc32Run => C:WindowsSysWOW64NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {24fdc4ea-0c1f-405e-b103-9d689abd506f} – no filepath
Task: {25BF32C3-8690-4A6C-969F-919665C0BF96} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {26c9e568-bf7f-4166-84a9-e2c3b30e59f6} – no filepath
Task: {280FBF87-9EAC-4BC5-A066-B4EC344BBFC1} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2861A4B4-95B8-4214-8C43-00C0A3B28DA7} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29599F24-97F8-475F-9A2E-67A3AA37F28F} – System32TasksG2MUploadTask-S-1-5-21-326162776-1522220037-409783998-1001 => C:UsersarchbAppDataLocalGoToMeeting19932g2mupload.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {2A14BFCF-A7C3-4A15-B2A0-2ADA7C369ADA} – System32Tasksupdate-sys => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {2C8713B3-818B-480E-8486-7CD55B7EA576} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8314824 2021-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {34554038-5ed9-44de-bd0c-d3fd788bde14} – no filepath
Task: {378267e6-5f58-41ed-9e74-371e36b5f125} – no filepath
Task: {37C257A3-A733-4BE7-A4AC-F23DE6132B56} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3c20f2cd-4e01-44ce-b3d3-62676e7c0f4d} – no filepath
Task: {3F2C8D59-3D31-4FD8-B790-3B380262CA80} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [138600 2021-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4589AE9A-ABD5-4B3A-BA88-CE50E894FDBF} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45AA3228-8D1E-456A-8D19-C2E10DD4A8CB} – System32TasksG2MUpdateTask-S-1-5-21-326162776-1522220037-409783998-1001 => C:UsersarchbAppDataLocalGoToMeeting19932g2mupdate.exe [31176 2021-11-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {47d7e253-377f-4af8-802e-ade1abb58964} – no filepath
Task: {4D771BAB-2BD9-489D-ADEC-3D998C2C5C9D} – System32TasksOpera scheduled assistant Autoupdate 1593551641 => C:UsersarchbAppDataLocalProgramsOperalauncher.exe [2265296 2021-11-23] (Opera Software AS -> Opera Software) -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersarchbAppDataLocalProgramsOperaassistant” $(Arg0)
Task: {4EA2D54C-6F31-412E-A322-2598EF165445} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4eb8a8d3-f97e-4469-8b85-218e08998d66} – no filepath
Task: {4FA056D4-D39F-4A6B-B574-827C68242C4D} – System32TasksOpera scheduled Autoupdate 1593551638 => C:UsersarchbAppDataLocalProgramsOperalauncher.exe [2265296 2021-11-23] (Opera Software AS -> Opera Software)
Task: {56BA1ECF-E56C-4E73-83CF-5045650A29A0} – System32TasksUSER_ESRV_SVC_QUEENCREEK => “C:WindowsSystem32Wscript.exe” //B //NoLogo “C:Program FilesIntelSURQUEENCREEKx64task.vbs”
Task: {57876406-1D07-4FD5-B4E6-9BFA73228350} – System32TasksNahimicSvc64Run => C:Windowssystem32NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {61EC45DC-7E36-47B7-AB08-7705ECABBC82} – System32TasksASUSASUS DIPAwayMode => C:Program Files (x86)ASUSAI Suite IIIDIP4DIPAwayModeDipAwayMode.exe [1469288 2020-05-18] (ASUSTeK Computer Inc. -> )
Task: {62e02ba0-d355-48cc-be59-843ee3ebcb14} – no filepath
Task: {63ab5132-42c9-4351-9f22-26d8a11ca6ca} – no filepath
Task: {77f0511b-09b8-4f19-8704-724261ba02db} – no filepath
Task: {796dd24a-a79d-425c-ac67-67feecc18895} – no filepath
Task: {81A0B702-CD60-4D1E-9725-FB7ADF83A59C} – System32TasksASUSP508PowerAgent_sdk => C:Program Files (x86)ASUSArmouryDevicedllShareFromArmouryIIIMouseROG STRIX CARRYP508PowerAgent.exe (No File)
Task: {828CE79F-1D6E-4603-AB3B-06DBBE4A9CB7} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83E6BD10-CB13-4829-93AC-BE8ACFFCB3A4} – System32TasksOverwolf Updater Task => C:Program Files (x86)OverwolfOverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
Task: {9EA85FFA-8325-47DC-ADA5-B1C2645802DC} – System32TasksIntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:Program FilesIntelSURQUEENCREEKUpdaterbinIntelSoftwareAssetManagerService.exe [3075936 2021-09-13] (Intel Corporation -> Intel Corporation)
Task: {A64E836D-0BE1-44C8-AC1A-9790E14279D7} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe do-task “308046B0AF4A39CB” <==== ATTENTION
Task: {A95816AA-BBAC-47FE-9AFA-24CA902E2EE4} – System32TasksASUSArmouryAIOFanServer => C:Program Files (x86)ASUSArmouryDevicedllAIOFanSDKArmouryAIOFanServer.exe [1039360 2020-11-10] (TODO: <Company name>) [File not signed]
Task: {AF8378B3-33EB-4D2E-9010-EF25D59A803F} – System32TasksASUSASUS AISuiteIII => C:Program Files (x86)ASUSAI Suite IIIAISuite3.exe [2113072 2020-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {afbd125b-06bb-41b3-9030-c4d31b63b62e} – no filepath
Task: {b062a5f6-df00-4e1a-99c5-2e29fc655d80} – no filepath
Task: {B26E3797-317B-4A53-B061-2C7E8E56E1B2} – System32TasksASUSGpuFanHelper => C:Program Files (x86)ASUSAI Suite IIIDIP4GpuFanHelper.exe [4329008 2020-04-29] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {B67FBC9A-B11F-4E0A-A46F-7C95AD456D2C} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B916E261-2BAF-4768-8561-4BFD4B0DBF94} – System32TasksMSIAfterburner => C:Program Files (x86)MSI AfterburnerMSIAfterburner.exe [791608 2021-03-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {BBCF39F0-E1EE-4BB2-9410-889CCF66EE3F} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [8314824 2021-11-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C41E59BD-2ED5-4F4B-BB0C-35E4850AB011} – System32TasksIntelIntel Telemetry 2 (x86) => C:Program Files (x86)IntelTelemetry 2.0lrio.exe [1652536 2018-11-05] (Intel® Software -> Intel Corporation)
Task: {CCA95B66-9DC3-4D53-BAB3-D441B97943D5} – System32TasksOpera GX scheduled assistant Autoupdate 1638286777 => C:UsersarchbAppDataLocalProgramsOpera GXlauncher.exe [2201808 2021-11-24] (Opera Software AS -> Opera Software) -> –scheduledautoupdate –component-name=assistant –component-path=”C:UsersarchbAppDataLocalProgramsOpera GXassistant” $(Arg0)
Task: {cf9775c0-4a88-479a-9545-b492994d478f} – no filepath
Task: {D2BC4DD3-030B-4B13-8416-BBBE023DE95A} – System32TasksOpera GX scheduled Autoupdate 1637277098 => C:UsersarchbAppDataLocalProgramsOpera GXlauncher.exe [2201808 2021-11-24] (Opera Software AS -> Opera Software)
Task: {d54f6fe4-beae-4766-a9b7-fbe76f04480e} – no filepath
Task: {D592BD67-2B92-4A4A-A110-21712093A59C} – System32TasksASUSArmourySocketServer => C:Program Files (x86)ASUSArmouryDevicedllArmourySocketServerArmourySocketServer.exe [2025488 2021-01-22] (ASUSTeK Computer Inc. -> ASUS)
Task: {D7078531-B6F5-4C04-9B4B-68BCC67243BA} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MpCmdRun.exe [901056 2021-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D714048E-4502-47D5-85A6-F3E22C1481A6} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log
Task: {d89687b2-4b5e-4292-ace9-9b00cfc828ac} – no filepath
Task: {D9F77F61-D83D-4424-B3C1-129F17F06D07} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {DB228A16-C360-48FC-BFDE-A2C31938A28D} – System32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:Program FilesBitdefender Agent26.0.1.198WatchDog.exe repair (No File)
Task: {DEC7BEA2-E096-4BE5-996A-67C0D1AA2DFB} – System32TasksASUSEz Update => C:Program Files (x86)ASUSAI Suite IIIEZ UpdateEzUpdt.exe [1509424 2020-03-31] (ASUSTeK Computer Inc. -> )
Task: {E086EF34-6CF2-4893-876B-582C8FD72A83} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (No File)
Task: {E60BE7D9-DEAE-4014-A97F-2F69524A4184} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6FEFFD8-F85A-4A69-87F7-DC94F478D110} – System32TasksNahimicTask32 => C:Windowssystem32..SysWOW64NahimicSvc32.exe [829568 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {E7C01CA7-E393-4B00-9226-0CDE1632BBF6} – System32TasksNahimicTask64 => C:Windowssystem32.NahimicSvc64.exe [1088640 2021-05-27] (A-Volute SAS -> Nahimic)
Task: {ed72f5bc-c228-459e-bc4f-9df0acf6760b} – no filepath
Task: {FA571D29-DF19-422C-9C61-B834BBB40958} – System32TasksRTSS => C:Program Files (x86)RivaTuner Statistics ServerRTSS.exe [420560 2021-03-10] (Alexey Nicolaychuk -> )
Task: {FB19B07F-61C1-49BF-A90E-686668AC5574} – System32Tasksupdate-S-1-5-21-326162776-1522220037-409783998-1001 => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {fc29d604-bbc4-484b-b746-4cd81a85f133} – no filepath
Task: {fc5e8b81-5a0e-4c68-b1ef-30116c86923a} – no filepath
Task: {FDA51B97-33F0-41CD-9D9D-5D43B91D31DC} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:WindowsTasksCreateExplorerShellUnelevatedTask.job => C:Windowsexplorer.exe
Task: C:WindowsTasksG2MUpdateTask-S-1-5-21-326162776-1522220037-409783998-1001.job => C:UsersarchbAppDataLocalGoToMeeting19932g2mupdate.exe
Task: C:WindowsTasksG2MUploadTask-S-1-5-21-326162776-1522220037-409783998-1001.job => C:UsersarchbAppDataLocalGoToMeeting19932g2mupload.exe
Task: C:WindowsTasksupdate-S-1-5-21-326162776-1522220037-409783998-1001.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe
Task: C:WindowsTasksupdate-sys.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:Program Files (x86)BonjourmdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:Program FilesBonjourmdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
TcpipParameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip..Interfaces{a502ab08-a48a-42fc-8ae4-2288cc756b2f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]
Edge Profile: C:UsersarchbAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-30]
Edge Extension: (Universal Bypass) – C:UsersarchbAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsckiidekccfgninkobmmofopbbdgdclgg [2021-03-28]
Edge Extension: (HTML5 Video Speed Control) – C:UsersarchbAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsdpidphhdlkjaipgecjejekdeheeokfkf [2021-05-03]
Edge Extension: (Malwarebytes Browser Guard) – C:UsersarchbAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-11-16]
Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: rbxvczn8.default
FF ProfilePath: C:UsersarchbAppDataRoamingMozillaFirefoxProfilesrbxvczn8.default [2021-11-19]
FF ProfilePath: C:UsersarchbAppDataRoamingMozillaFirefoxProfiles8c19sxwk.default-release [2021-11-21]
FF Extension: (Tampermonkey) – C:UsersarchbAppDataRoamingMozillaFirefoxProfiles8c19sxwk.de[email protected] [2020-12-12]
FF Extension: (500px save) – C:UsersarchbAppDataRoamingMozillaFirefoxProfiles8c19sxwk.default-releaseExtensions{bb818126-3f7a-4dd1-95ce-bf4f08bbedf8}.xpi [2020-12-12]
FF HKLM…FirefoxExtensions: [[email protected]] – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi [2020-05-03]
FF HKLM-x32…FirefoxExtensions: [[email protected]] – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:Program FilesJavajre1.8.0_281bindtpluginnpDeployJava1.dll [2021-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:Program FilesJavajre1.8.0_281binplugin2npjp2.dll [2021-02-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:Program Files (x86)AdobeAcrobat DCAcrobatAirnppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:Program Filesmozilla firefoxdefaultsprefbd_js_config.js [2020-12-12] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:Program Filesmozilla firefoxbd_config.cfg [2020-12-12] <==== ATTENTION
Chrome:
=======
CHR HKUS-1-5-21-326162776-1522220037-409783998-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:UsersarchbAppDataRoamingOpera SoftwareOpera Stable [2021-10-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) – C:UsersarchbAppDataRoamingOpera SoftwareOpera StableExtensionsenegjkbbakeegngfapepobipndnebkdk [2021-10-25]
OPR Extension: (Amazon Assistant Promotion) – C:UsersarchbAppDataRoamingOpera SoftwareOpera StableExtensionskbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-11]
OPR Extension: (Amazon Assistant for Opera) – C:UsersarchbAppDataRoamingOpera SoftwareOpera StableExtensionsmmmbddcnnndpbdflpccgcknaaabgldak [2021-07-29]
StartMenuInternet: (HKUS-1-5-21-326162776-1522220037-409783998-1001) Opera GXStable – “C:UsersarchbAppDataLocalProgramsOpera GXLauncher.exe”
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:Program Files (x86)Common FilesAutodesk SharedAdskLicensingCurrentAdskLicensingServiceAdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 asComSvc; C:Program Files (x86)ASUSAXSP4.00.46atkexComSvc.exe [442416 2020-05-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:Program Files (x86)ASUSAsusCertServiceAsusCertService.exe [313008 2020-12-17] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:Program Files (x86)ASUSAsusFanControlService2.00.92AsusFanControlService.exe [2072624 2020-05-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:Program Files (x86)ASUSAsusROGLSLServiceAsusROGLSLService.exe [591176 2021-02-18] (ASUSTeK Computer Inc. -> )
S2 AsusUpdateCheck; C:WindowsSystem32AsusUpdateCheck.exe [1097624 2021-02-15] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 CMService; C:Program Files (x86)CoolerMasterPORTALCMService.exe [123392 2020-05-11] () [File not signed]
R2 DigitalWave.Update.Service; C:Program Files (x86)Common FilesDVDVideoSoftlibapp_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 DSAService; C:Program Files (x86)IntelDriver and Support AssistantDSAService.exe [39352 2021-11-10] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:Program Files (x86)IntelDriver and Support AssistantDSAUpdateService.exe [177592 2021-11-10] (Intel Corporation -> Intel)
R2 EABackgroundService; C:Program FilesElectronic ArtsEA DesktopEA DesktopEABackgroundService.exe [10011544 2021-12-01] (Electronic Arts, Inc. -> Electronic Arts)
R2 Focusrite Control Server; C:Program FilesFocusriteFocusrite ControlServerControlServer.exe [1554432 2020-06-02] (Focusrite Audio Engineering Ltd.) [File not signed]
R2 FolderSize; C:Program FilesFolderSizeFolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 IJPLMSVC; C:Program Files (x86)CanonIJPLMIJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7901368 2021-11-21] (Malwarebytes Inc -> Malwarebytes)
R2 NahimicService; C:Windowssystem32NahimicService.exe [1675392 2021-05-27] (A-Volute SAS -> Nahimic)
S3 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2484568 2021-10-31] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [1142808 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [451608 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:Program Files (x86)Razer Chroma SDKbinRzChromaStreamServer.exe [1347640 2021-10-19] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe [254224 2021-10-19] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe [294520 2021-11-12] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe [533824 2021-10-21] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10202040 2021-08-31] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0NisSrv.exe [2872024 2021-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2110.6-0MsMpEng.exe [128376 2021-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 AfVpnService; “C:Program FilesBitdefenderBitdefender VPNhydra.sdk.windows.service.exe” [X]
S2 bdredline_agent; “C:Program FilesBitdefender Agentredlinebdredline.exe” [X]
R2 NVDisplay.ContainerLocalSystem; C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9dda6a81a12e6ac4Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WindowsSystem32DriverStoreFileRepositorynvmdi.inf_amd64_9dda6a81a12e6ac4Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:WindowsSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:WindowsSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 AsUpIO; C:WindowsSysWow64driversAsUpIO.sys [34112 2019-07-02] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:Windowssystem32driversAsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:Windowssystem32driversAsIO3.sys [43920 2020-12-17] (ASUSTeK Computer Inc. -> )
S3 bduefiscan; C:Windowssystem32DRIVERSbduefiscan.sys [55864 2021-07-09] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:WindowsSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:WindowsSystem32driversbthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CMTAC; C:WindowsSystem32driversCMTAC.sys [3791776 2020-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Cooler Master Technology)
S3 DroidCam; C:WindowsSystem32driversdroidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:WindowsSystem32driversdroidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R1 EneTechIo; C:Windowssystem32driversene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:Windowssystem32driversmbae64.sys [160176 2021-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 FocusritePCIeSwRoot; C:WindowsSystem32driversFocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb; C:WindowsSystem32driversFocusriteusb.sys [123456 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:WindowsSystem32driversFocusriteusbSwRoot.sys [92568 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:Windowssystem32driversFocusriteusbAudio.sys [87912 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R1 GLCKIO2; C:Windowssystem32driversGLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
S3 Hamachi; C:Windowssystem32DRIVERSHamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S2 inpoutx64; C:WindowsSystem32Driversinpoutx64.sys [15008 2021-02-19] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R4 IOMap; C:Windowssystem32driversIOMap64.sys [34064 2020-05-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 iVCam; C:Windowssystem32DRIVERSiVCam.sys [1090536 2020-11-02] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
S3 LGSHidFilt; C:Windowssystem32DRIVERSLGSHidFilt.Sys [64280 2018-08-08] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:Windowssystem32DRIVERSLGSUsbFilt.Sys [41752 2018-08-08] (Logitech -> Logitech Inc.)
S3 logi_joy_bus_enum; C:Windowssystem32driverslogi_joy_bus_enum.sys [38136 2020-06-12] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:Windowssystem32driverslogi_joy_vir_hid.sys [26672 2020-06-12] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:Windowssystem32driverslogi_joy_xlcore.sys [66808 2020-06-12] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [210352 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:WindowsSystem32DRIVERSMbamElam.sys [19912 2021-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:WindowsSystem32DRIVERSfarflt.sys [193448 2021-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:Windowssystem32DRIVERSmbam.sys [69040 2021-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248992 2021-12-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:Windowssystem32DRIVERSmwac.sys [149424 2021-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:Windowssystem32driversMsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 RTCore64; C:Program Files (x86)MSI AfterburnerRTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 RzCommon; C:WindowsSystem32driversRzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006c; C:WindowsSystem32driversRzDev_006c.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_025d; C:WindowsSystem32driversRzDev_025d.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:WindowsSystem32driversRzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R2 speedfan; C:WindowsSysWOW64speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 sshid; C:Windowssystem32DRIVERSsshid.sys [57440 2020-10-09] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapnordvpn; C:WindowsSystem32driverstapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vgk; C:Program FilesRiot Vanguardvgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S4 vlflt; C:WindowsSystem32DRIVERSvlflt.sys [481696 2021-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R1 vmkbd3; C:Windowssystem32DRIVERSvmkbd.sys [52288 2020-06-05] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:Windowssystem32DRIVERSvmnetbridge.sys [66368 2020-11-11] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:WindowsSystem32DRIVERSvsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:WindowsSystem32driverswdWdBoot.sys [48520 2021-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WindowsSystem32driverswdWdFilter.sys [435424 2021-11-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [86240 2021-11-21] (Microsoft Windows -> Microsoft Corporation)
S3 XSpltVid; C:Windowssystem32DRIVERSXSpltVid.sys [121864 2021-03-17] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)
S3 cpuz150; ??C:Windowstempcpuz150cpuz150_x64.sys [X]
S3 MpKsl45e66cd0; ??C:ProgramDataMicrosoftWindows DefenderDefinition Updates{1501FBB9-7D07-4DFE-AD82-1ED571F5DAD7}MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-01 18:22 – 2021-12-01 18:23 – 000000000 ____D C:FRST
2021-12-01 18:21 – 2021-12-01 18:21 – 002311680 _____ (Farbar) C:UsersarchbDesktopFRST64.exe
2021-12-01 05:02 – 2021-12-01 05:02 – 000000000 _____ C:Usersarchb.node_repl_history
2021-12-01 05:00 – 2021-12-01 05:00 – 000000000 ____D C:UsersarchbAppDataRoamingnpm
2021-12-01 05:00 – 2021-12-01 05:00 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNode.js
2021-12-01 05:00 – 2021-12-01 05:00 – 000000000 ____D C:Program Filesnodejs
2021-12-01 04:58 – 2021-12-01 04:59 – 028037120 _____ C:UsersarchbDesktopnode-v16.13.0-x64.msi
2021-12-01 04:35 – 2021-12-01 04:42 – 000000000 ____D C:UsersarchbDownloadsPS4 Package Sender 1.2
2021-12-01 04:31 – 2021-12-01 04:31 – 000150067 _____ C:UsersarchbDesktopsender.exe
2021-12-01 01:54 – 2021-12-01 01:54 – 000193448 _____ (Malwarebytes) C:Windowssystem32Driversfarflt.sys
2021-12-01 01:54 – 2021-12-01 01:54 – 000149424 _____ (Malwarebytes) C:Windowssystem32Driversmwac.sys
2021-12-01 01:54 – 2021-12-01 01:54 – 000069040 _____ (Malwarebytes) C:Windowssystem32Driversmbam.sys
2021-11-30 20:25 – 2021-11-30 20:25 – 000176059 _____ C:UsersarchbDownloadsInfographics template (3).mp4
2021-11-30 20:10 – 2021-11-30 20:40 – 000210030 _____ C:Windowsntbtlog.txt
2021-11-30 20:10 – 2021-11-30 20:10 – 000000214 _____ C:WindowsTasksCreateExplorerShellUnelevatedTask.job
2021-11-30 18:55 – 2021-11-30 20:07 – 000000000 ____D C:AdwCleaner
2021-11-30 18:54 – 2021-11-30 18:54 – 008540344 _____ (Malwarebytes) C:UsersarchbDesktopadwcleaner_8.3.1.exe
2021-11-30 18:39 – 2021-11-30 18:39 – 000004478 _____ C:Windowssystem32TasksOpera GX scheduled assistant Autoupdate 1638286777
2021-11-30 04:03 – 2021-11-30 04:03 – 000013007 _____ C:UsersarchbDownloadsThe.Last.Duel.(2021).1080p.WEBRip.DDP-5.1.H265.torrent
2021-11-29 23:07 – 2021-11-29 23:07 – 000243589 _____ C:UsersarchbDesktopdownload.jfif
2021-11-29 19:45 – 2021-11-29 19:45 – 000000000 ____D C:WindowsLastGood.Tmp
2021-11-29 12:10 – 2021-11-29 12:10 – 000977371 _____ C:UsersarchbDownloadsUntitled (4).mp4
2021-11-29 12:09 – 2021-11-29 12:09 – 001711802 _____ C:UsersarchbDownloadsUntitled (2).mp4
2021-11-29 12:09 – 2021-11-29 12:09 – 000667374 _____ C:UsersarchbDownloadsUntitled (3).mp4
2021-11-29 12:08 – 2021-11-29 12:08 – 000733105 _____ C:UsersarchbDownloadsUntitled (1).mp4
2021-11-29 11:54 – 2021-11-29 11:54 – 001167660 _____ C:UsersarchbDesktopUntitled (1).mp4
2021-11-29 11:48 – 2021-11-29 11:48 – 001167660 _____ C:UsersarchbDownloadsUntitled.mp4
2021-11-29 11:46 – 2021-11-29 11:47 – 001167660 _____ C:UsersarchbDesktopUntitled.mp4
2021-11-28 08:46 – 2021-11-28 08:46 – 000001425 _____ C:Windowssystem32default_error_stack-000020-000000.txt
2021-11-27 19:41 – 2021-11-27 19:43 – 079801314 _____ C:UsersarchbDownloadsbardak sogutucu.mp4
2021-11-27 17:41 – 2021-11-27 17:41 – 000000000 ____D C:UsersarchbDownloadswetransfer_mov-dikey-mov_2021-11-22_2011
2021-11-27 17:40 – 2021-11-27 17:41 – 057800694 _____ C:UsersarchbDownloadsFrostte Uzun Son.mp4
2021-11-27 17:40 – 2021-11-27 17:40 – 050623739 _____ C:UsersarchbDownloadswetransfer_mov-dikey-mov_2021-11-22_2011.zip
2021-11-27 17:18 – 2021-11-27 17:18 – 005552662 _____ C:UsersarchbDownloadsezgif.com-gif-maker.mp4
2021-11-27 17:02 – 2021-11-27 17:02 – 000000000 ____D C:UsersarchbDownloadswetransfer_fotograflar_2021-11-15_0019
2021-11-27 17:02 – 2021-11-27 17:02 – 000000000 ____D C:UsersarchbDownloadsFrostte Uzun
2021-11-27 16:44 – 2021-11-27 16:52 – 662449228 _____ C:UsersarchbDownloadswetransfer_fotograflar_2021-11-15_0019.zip
2021-11-27 16:44 – 2021-11-27 16:46 – 155712039 _____ C:UsersarchbDownloadsFrostte Uzun .zip
2021-11-26 16:04 – 2021-11-26 16:05 – 086704128 _____ C:UsersarchbDownloadsED1234-LAPY20001_00-0000000000000000-A0100-V0131.pkg
2021-11-26 16:04 – 2021-11-26 16:04 – 006619136 _____ C:UsersarchbDownloadsIV0000-BREW00031_00-PATCHINSTA000000.pkg
2021-11-26 16:03 – 2021-11-26 16:03 – 006619136 _____ C:UsersarchbDownloadsStore-R2.pkg
2021-11-26 15:45 – 2021-11-26 15:58 – 062892434 _____ C:UsersarchbDownloadsSNK – Neo Geo Pocket Color.zip
2021-11-26 15:44 – 2021-11-26 16:42 – 288252150 _____ C:UsersarchbDownloadsNintendo – Nintendo Entertainment System.zip
2021-11-26 15:44 – 2021-11-26 16:23 – 196105026 _____ C:UsersarchbDownloadsNintendo – Game Boy.zip
2021-11-26 15:44 – 2021-11-26 15:49 – 013054960 _____ C:UsersarchbDownloadsNintendo – Famicom Disk System.zip
2021-11-26 15:43 – 2021-11-26 15:43 – 003708705 _____ C:UsersarchbDownloadsAtari – 7800.zip
2021-11-26 15:43 – 2021-11-26 15:43 – 001069660 _____ C:UsersarchbDownloadsAtari – 5200.zip
2021-11-26 08:43 – 2021-11-26 08:44 – 1367736320 _____ C:UsersarchbDownloadsCores_Installer_r4.1.pkg
2021-11-26 08:32 – 2021-11-26 08:32 – 028835840 _____ C:UsersarchbDownloadsRetroArch_PS4_r4.pkg
2021-11-26 07:41 – 2021-11-26 07:41 – 000000000 ____D C:UsersarchbAppDataLocalSCE
2021-11-26 07:39 – 2021-11-26 07:39 – 000000000 ____D C:UsersarchbAppDataLocalAutoBackPort
2021-11-26 02:23 – 2021-11-26 02:23 – 000153739 _____ C:UsersarchbDownloads[PS4] Gran Turismo Sport (US) iNTERNAL PS4-CUSA.torrent
2021-11-25 04:46 – 2021-12-01 07:22 – 000000000 ____D C:UsersarchbAppDataRoamingps4remotepkgsender
2021-11-25 04:45 – 2021-11-25 04:45 – 000000000 ____D C:UsersarchbDownloadsps4remotepkgsender-win32-x64
2021-11-25 04:38 – 2021-11-25 04:38 – 056770211 _____ C:UsersarchbDownloadsps4remotepkgsender-win32-x64.zip
2021-11-25 04:38 – 2021-11-25 04:38 – 004259840 _____ C:UsersarchbDownloadsremote_pkg_installer.pkg
2021-11-25 04:29 – 2021-11-25 04:29 – 001543351 _____ C:UsersarchbDownloadsPS4PKGViewer.v1.5-LMAN.rar
2021-11-25 04:29 – 2021-11-25 04:29 – 000000000 ____D C:UsersarchbDownloadsPS4PKGViewer.v1.5-LMAN
2021-11-25 02:52 – 2021-11-25 02:52 – 000099879 _____ C:UsersarchbDownloadsGod.of.War.Remastered.CUSA01715.4.05.pkg.torrent
2021-11-24 21:24 – 2021-11-24 21:24 – 000159649 _____ C:UsersarchbDownloadsInfographics template (2).mp4
2021-11-24 21:23 – 2021-11-24 21:23 – 000744355 _____ C:UsersarchbDownloadsInfographics template (1).mp4
2021-11-23 13:36 – 2021-11-23 13:36 – 000001518 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsIntel Driver & Support Assistant.lnk
2021-11-22 21:13 – 2021-11-22 21:13 – 002585156 _____ C:UsersarchbDownloadsCopy of Copy of Set up your (2).zip
2021-11-22 21:12 – 2021-11-22 21:12 – 002583715 _____ C:UsersarchbDownloadsCopy of Copy of Set up your (1).zip
2021-11-22 21:08 – 2021-11-22 21:08 – 002400871 _____ C:UsersarchbDownloadsCopy of Copy of Set up your.zip
2021-11-22 20:48 – 2021-11-22 20:51 – 000000000 ____D C:UsersarchbDownloadsNew folder
2021-11-21 18:09 – 2021-11-30 20:10 – 000210352 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2021-11-21 17:58 – 2021-11-21 17:58 – 000000000 ____D C:Windowssystem32TasksMozilla
2021-11-21 17:57 – 2021-12-01 01:54 – 000248992 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2021-11-21 17:57 – 2021-11-21 17:57 – 000160176 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2021-11-21 17:57 – 2021-11-21 17:57 – 000019912 _____ (Malwarebytes) C:Windowssystem32DriversMbamElam.sys
2021-11-21 17:57 – 2021-11-21 17:57 – 000002041 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2021-11-21 17:57 – 2021-11-21 17:57 – 000002029 _____ C:UsersPublicDesktopMalwarebytes.lnk
2021-11-21 17:56 – 2021-11-21 17:56 – 000000000 ____D C:ProgramDataMalwarebytes
2021-11-21 17:53 – 2021-11-21 17:53 – 000001425 _____ C:Windowssystem32default_error_stack-000019-000000.txt
2021-11-21 17:20 – 2021-11-21 17:20 – 000042265 _____ C:ProgramDatauninstalltool.1637504422.23012.bin
2021-11-21 17:20 – 2021-11-21 17:20 – 000002136 _____ C:ProgramDatauninstalltool.1637504422.1568.bin
2021-11-20 19:32 – 2021-11-20 19:32 – 000160880 _____ C:ProgramDatacl.1637425941.2260.v2.bin
2021-11-20 19:32 – 2021-11-20 19:32 – 000058688 _____ C:ProgramDatacl.1637425941.18076.v2.bin
2021-11-20 19:32 – 2021-11-20 19:32 – 000056220 _____ C:ProgramDataagent.uninstall.1637425927.bdinstall.v2.bin
2021-11-20 19:32 – 2021-11-20 19:32 – 000002860 _____ C:ProgramDatacl.1637425941.5964.v2.bin
2021-11-20 18:11 – 2021-11-20 18:11 – 000160880 _____ C:ProgramDatacl.1637421090.9664.v2.bin
2021-11-20 18:11 – 2021-11-20 18:11 – 000058100 _____ C:ProgramDatacl.1637421090.29228.v2.bin
2021-11-20 18:11 – 2021-11-20 18:11 – 000003112 _____ C:ProgramDatacl.1637421090.17928.v2.bin
2021-11-20 15:18 – 2021-11-20 15:18 – 000026902 _____ C:UsersarchbDownloadsCV_(2021).pdf
2021-11-20 14:39 – 2021-11-20 14:39 – 000181120 _____ C:UsersarchbDownloadsInfographics template.mp4
2021-11-19 16:12 – 2021-11-19 16:12 – 000005500 _____ C:UsersarchbDownloadscontacts.csv
2021-11-19 14:31 – 2021-11-19 14:31 – 000002252 _____ C:UsersarchbDesktopWhatsApp.lnk
2021-11-19 14:31 – 2021-11-19 14:31 – 000000000 ____D C:UsersarchbAppDataLocalWhatsApp
2021-11-19 02:26 – 2021-11-19 02:26 – 000213840 _____ C:ProgramDatavpn.1637277961.bdinstall.v2.bin
2021-11-19 02:26 – 2021-11-19 02:26 – 000000000 ____D C:ProgramDataAnchorFree_Inc
2021-11-19 02:25 – 2021-11-19 02:25 – 000594612 _____ C:ProgramDatacl.1637277635.bdinstall.v2.bin
2021-11-19 02:21 – 2021-11-21 17:18 – 000000000 ____D C:Program FilesBitdefender
2021-11-19 02:21 – 2021-07-09 01:36 – 000055864 _____ (Bitdefender) C:Windowssystem32Driversbduefiscan.sys
2021-11-19 02:11 – 2021-11-30 18:39 – 000004218 _____ C:Windowssystem32TasksOpera GX scheduled Autoupdate 1637277098
2021-11-19 02:11 – 2021-11-30 18:39 – 000001487 _____ C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera GX Browser .lnk
2021-11-19 02:11 – 2021-11-19 02:11 – 000001491 _____ C:UsersarchbDesktopOpera GX Browser .lnk
2021-11-19 01:54 – 2021-09-01 12:47 – 000481696 _____ (Bitdefender) C:Windowssystem32Driversvlflt.sys
2021-11-19 01:51 – 2021-12-01 08:58 – 000000000 ____D C:Program FilesMozilla Firefox
2021-11-19 01:48 – 2021-11-21 17:56 – 000000000 ____D C:Program FilesMalwarebytes
2021-11-19 01:45 – 2021-11-19 01:45 – 000094940 _____ C:ProgramDataagent.update.1637275513.bdinstall.v2.bin
2021-11-18 23:58 – 2021-11-19 16:14 – 000000000 ____D C:UsersarchbDesktopErasmus Days
2021-11-16 12:23 – 2021-11-16 12:23 – 000001037 _____ C:UsersarchbAppDataRoaming3501f7ab-c7a1-47f8-97a1-47c792a9889a.tmp
2021-11-15 23:46 – 2021-11-19 14:31 – 000000000 ____D C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsWhatsApp
2021-11-15 23:45 – 2021-11-30 19:04 – 000000000 ____D C:UsersarchbAppDataRoamingWhatsApp
2021-11-12 14:03 – 2021-11-12 14:03 – 000223744 _____ C:WindowsSysWOW64TpmTool.exe
2021-11-12 14:03 – 2021-11-12 14:03 – 000060928 _____ C:Windowssystem32runexehelper.exe
2021-11-12 14:03 – 2021-11-12 14:03 – 000011363 _____ C:Windowssystem32DrtmAuthTxt.wim
2021-11-12 14:02 – 2021-11-12 14:02 – 000272384 _____ C:Windowssystem32TpmTool.exe
2021-11-12 13:58 – 2021-11-12 13:58 – 000000000 ___HD C:$WinREAgent
2021-11-09 18:22 – 2021-11-09 18:22 – 000091175 _____ C:UsersarchbDesktopCVFinal.pdf
2021-11-09 17:58 – 2021-11-09 17:58 – 005448425 _____ C:UsersarchbDesktopincir_kids_katalog_whatsupp.pdf
2021-11-09 17:54 – 2021-11-09 17:54 – 001740206 _____ C:UsersarchbDesktopPUP’S GARAGE’19.pdf
2021-11-08 17:22 – 2021-11-08 19:53 – 000000000 ____D C:UsersarchbDesktopjpeg retro
2021-11-08 17:22 – 2021-11-08 17:22 – 001706367 _____ C:UsersarchbDesktopjpeg retro.zip
2021-11-08 03:49 – 2021-11-08 03:53 – 605625636 _____ C:UsersarchbDesktopDexter.S09E01.Cold.Snap.1080p.10bit.WEBRip.6CH.x265.HEVC-PSA.mkv
2021-11-07 14:56 – 2021-11-07 14:56 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsLogitech
2021-11-07 14:56 – 2021-11-07 14:56 – 000000000 ____D C:Program FilesCommon FilesLogiShrd
2021-11-07 14:36 – 2021-11-07 14:36 – 013592048 _____ C:UsersarchbDesktopwebMAN_MOD_1.47.36_Installer.pkg.691.v1.47.36_brewology_com.pkg
2021-11-07 14:35 – 2021-11-07 14:35 – 036049344 _____ C:UsersarchbDesktopmultiMAN_04.85.01_BASE_(20191010).pkg.714.v04.85.01_brewology_com.pkg
2021-11-07 02:57 – 2021-11-07 02:57 – 000040413 _____ C:UsersarchbDesktopRed Dead Redemption.torrent
2021-11-07 02:54 – 2021-11-07 02:54 – 000208037 _____ C:UsersarchbDesktopGod.Of.War.3.PS3-DUPLEX.torrent
2021-11-05 20:18 – 2021-11-05 20:18 – 000131676 _____ C:UsersarchbDesktopSupports ZOOM (1).mp4
2021-11-05 16:53 – 2021-11-05 16:53 – 000172223 _____ C:UsersarchbDesktopAbdullah Kürşat Dursun.docx.pdf
2021-11-05 16:53 – 2021-11-05 16:53 – 000164447 _____ C:UsersarchbDesktopAkile Bilge Demirel.docx.pdf
2021-11-04 12:37 – 2021-11-04 12:37 – 000001154 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPC Health Check.lnk
2021-11-04 12:37 – 2021-11-04 12:37 – 000000000 ____D C:Program FilesPCHealthCheck
2021-11-02 04:19 – 2021-11-02 04:19 – 000001488 _____ C:UsersarchbDesktopdpa_product_catalog_sample_feed.csv
2021-11-02 04:16 – 2021-11-02 04:16 – 000039742 _____ C:UsersarchbDesktopcatalog_products – Worksheet.csv
2021-11-02 04:10 – 2021-11-02 04:10 – 000009860 _____ C:UsersarchbDesktopcatalog_products.xlsx
2021-11-02 04:07 – 2021-11-02 04:07 – 000036021 _____ C:UsersarchbDesktopFINAL_FACEBOOK_LIST.csv
2021-11-01 21:40 – 2021-11-01 23:45 – 000000000 ____D C:UsersarchbDesktopNew folder (2)
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-12-01 18:18 – 2020-06-12 04:58 – 000000000 ____D C:Windowssystem32SleepStudy
2021-12-01 18:10 – 2021-04-30 01:21 – 000000000 ____D C:UsersarchbAppDataRoamingSlack
2021-12-01 17:16 – 2020-06-12 03:04 – 000845198 _____ C:Windowssystem32PerfStringBackup.INI
2021-12-01 17:16 – 2019-12-07 12:13 – 000000000 ____D C:WindowsINF
2021-12-01 17:12 – 2020-06-12 12:12 – 000000001 _____ C:Windowsvgkbootstatus.dat
2021-12-01 17:11 – 2020-06-12 03:48 – 000000000 ____D C:ProgramDataNVIDIA
2021-12-01 17:10 – 2021-10-25 22:52 – 000000000 ___RD C:UsersarchbiCloudDrive
2021-12-01 17:10 – 2020-06-22 16:03 – 000000000 ____D C:ProgramDataASUS
2021-12-01 17:10 – 2020-06-22 04:24 – 000000000 ____D C:UsersarchbAppDataLocalCrashDumps
2021-12-01 17:09 – 2021-08-12 13:37 – 000003112 _____ C:Windowssystem32TasksNahimicTask32
2021-12-01 17:09 – 2021-08-12 13:37 – 000003092 _____ C:Windowssystem32TasksNahimicTask64
2021-12-01 17:09 – 2020-10-14 02:44 – 000000000 ____D C:UsersarchbAppDataLocalLowIGDump
2021-12-01 17:09 – 2020-08-22 01:28 – 000000000 ____D C:ProgramDataAutodesk
2021-12-01 17:09 – 2020-08-17 00:10 – 000000000 ____D C:ProgramDataVMware
2021-12-01 17:09 – 2020-07-01 15:38 – 000000000 ____D C:Program Files (x86)TeamViewer
2021-12-01 17:09 – 2020-06-12 04:58 – 000008192 ___SH C:DumpStack.log.tmp
2021-12-01 17:09 – 2020-06-12 04:58 – 000000006 ____H C:WindowsTasksSA.DAT
2021-12-01 17:09 – 2020-06-12 03:03 – 000000000 ____D C:Usersarchb
2021-12-01 17:09 – 2019-12-07 12:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-12-01 16:39 – 2020-06-12 03:40 – 000000000 ____D C:UsersarchbAppDataRoamingqBittorrent
2021-12-01 16:33 – 2020-06-13 13:20 – 141529560 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2021-12-01 15:58 – 2020-12-12 17:34 – 000000000 ____D C:UsersarchbAppDataLocalLowMozilla
2021-12-01 02:39 – 2019-12-07 12:14 – 000000000 ____D C:WindowsAppReadiness
2021-12-01 02:38 – 2019-12-07 12:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-12-01 01:53 – 2019-12-07 12:03 – 000524288 _____ C:Windowssystem32configBBI
2021-11-30 19:52 – 2021-03-25 00:36 – 000000000 ____D C:UsersarchbAppDataRoamingobs-studio
2021-11-30 19:05 – 2021-03-26 02:33 – 000000016 _____ C:UsersarchbAppDataRoamingobs-virtualcam.txt
2021-11-30 08:26 – 2020-06-14 18:52 – 000003142 _____ C:Windowssystem32TasksMSIAfterburner
2021-11-30 04:01 – 2021-09-08 20:50 – 000000000 ____D C:UsersarchbAppDataRoamingAsana
2021-11-30 01:03 – 2021-10-27 21:50 – 000002409 _____ C:UsersarchbDesktopMicrosoft Teams.lnk
2021-11-30 01:03 – 2020-06-12 12:13 – 000002417 _____ C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsMicrosoft Teams.lnk
2021-11-29 22:39 – 2021-09-15 18:54 – 000000000 ____D C:UsersarchbDocumentsSANOXY
2021-11-28 08:45 – 2020-06-12 03:19 – 000000000 ____D C:UsersarchbAppDataLocalBattle.net
2021-11-28 03:35 – 2020-06-12 03:14 – 000000000 ____D C:Program Files (x86)Battle.net
2021-11-25 23:06 – 2020-07-01 00:14 – 000004206 _____ C:Windowssystem32TasksOpera scheduled Autoupdate 1593551638
2021-11-25 23:06 – 2020-07-01 00:13 – 000001458 _____ C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera browser.lnk
2021-11-25 13:05 – 2020-11-05 01:55 – 000002446 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-11-25 03:01 – 2021-03-09 14:23 – 000000000 ____D C:ProgramDataGOG.com
2021-11-24 04:08 – 2020-07-25 22:55 – 000000000 ____D C:UsersarchbAppDataRoamingdiscord
2021-11-24 03:56 – 2020-07-25 22:54 – 000000000 ____D C:UsersarchbAppDataLocalDiscord
2021-11-24 00:54 – 2020-11-16 15:42 – 000000000 ____D C:UsersarchbAppDataLocalElevatedDiagnostics
2021-11-23 13:36 – 2020-06-12 03:51 – 000000000 ____D C:Program Files (x86)Intel
2021-11-23 13:36 – 2020-06-12 03:09 – 000000000 ____D C:ProgramDataPackage Cache
2021-11-23 02:00 – 2021-06-13 11:58 – 000001026 _____ C:UsersPublicDesktopPotPlayer 64 bit.lnk
2021-11-23 01:48 – 2020-06-12 03:28 – 000000000 ____D C:Program Files (x86)Overwatch
2021-11-22 20:59 – 2020-06-12 14:51 – 000000000 ____D C:ProgramDataboost_interprocess
2021-11-22 13:32 – 2020-06-12 03:04 – 000000000 ____D C:ProgramDataPackages
2021-11-21 18:21 – 2020-06-12 04:58 – 000000000 ____D C:Windowssystem32Driverswd
2021-11-21 18:20 – 2019-12-07 12:03 – 000000000 ____D C:WindowsCbsTemp
2021-11-21 18:09 – 2020-12-12 17:34 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-11-21 17:58 – 2020-12-12 17:34 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-11-21 17:58 – 2020-12-12 17:34 – 000000000 ____D C:ProgramDataMozilla
2021-11-21 17:57 – 2019-12-07 12:14 – 000000000 ___HD C:WindowsELAMBKUP
2021-11-21 17:37 – 2020-06-12 03:20 – 000000000 ____D C:UsersarchbAppDataLocalD3DSCache
2021-11-20 18:41 – 2020-06-12 03:07 – 000000000 ____D C:UsersarchbAppDataLocalPackages
2021-11-20 18:32 – 2019-12-07 12:14 – 000000000 ____D C:WindowsLiveKernelReports
2021-11-19 23:56 – 2020-12-04 21:32 – 000000000 ____D C:Program Files (x86)Razer Chroma SDK
2021-11-19 23:56 – 2020-12-02 16:50 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer
2021-11-19 14:31 – 2020-06-20 18:10 – 002224592 _____ (Microsoft Corporation) C:Windowssystem32xgameruntime.dll
2021-11-19 14:31 – 2020-06-20 18:10 – 000217536 _____ (Microsoft Corporation) C:Windowssystem32gamingservicesproxy.dll
2021-11-19 14:31 – 2020-06-20 18:10 – 000131072 _____ (Microsoft Corporation) C:Windowssystem32gamingtcuihelpers.dll
2021-11-19 14:31 – 2020-06-12 12:13 – 000000000 ____D C:UsersarchbAppDataLocalSquirrelTemp
2021-11-19 14:30 – 2020-06-20 18:10 – 000332224 _____ (Microsoft Corporation) C:Windowssystem32gameplatformservices.dll
2021-11-19 14:30 – 2020-06-20 18:10 – 000197048 _____ (Microsoft Corporation) C:Windowssystem32gameconfighelper.dll
2021-11-19 14:30 – 2020-06-20 18:10 – 000061904 _____ (Microsoft Corporation) C:Windowssystem32gamemodcontrol.exe
2021-11-19 07:25 – 2020-11-24 17:54 – 000000059 _____ C:UsersarchbAppDataLocalUserProducts.xml
2021-11-19 07:25 – 2020-11-24 17:54 – 000000000 ____D C:Program Files (x86)Skillbrains
2021-11-19 03:54 – 2020-06-12 03:10 – 000000000 ____D C:Program Files (x86)Google
2021-11-19 02:47 – 2020-06-12 03:10 – 000000000 ____D C:UsersarchbAppDataLocalGoogle
2021-11-19 02:18 – 2020-06-13 13:15 – 000803176 ____N (Microsoft Corporation) C:Windowssystem32MpSigStub.exe
2021-11-19 02:14 – 2020-06-12 20:50 – 000000000 ____D C:Program Files (x86)Steam
2021-11-19 02:11 – 2020-07-01 00:14 – 000000000 ____D C:UsersarchbAppDataLocalOpera Software
2021-11-19 02:10 – 2020-07-01 00:13 – 000000000 ____D C:UsersarchbAppDataRoamingOpera Software
2021-11-19 01:50 – 2019-12-07 12:03 – 000131072 _____ C:Windowssystem32configELAM
2021-11-19 01:45 – 2020-06-20 00:45 – 000003846 _____ C:Windowssystem32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2021-11-19 01:07 – 2020-07-26 16:54 – 000007668 _____ C:UsersarchbAppDataLocalResmon.ResmonCfg
2021-11-18 21:47 – 2020-06-12 03:08 – 000003376 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-326162776-1522220037-409783998-1001
2021-11-18 21:47 – 2020-06-12 03:03 – 000002432 _____ C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-11-18 08:59 – 2020-11-05 01:55 – 000003480 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-11-18 08:59 – 2020-11-05 01:55 – 000003356 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-11-16 16:45 – 2020-07-12 16:00 – 000000000 ____D C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsSteam
2021-11-16 15:47 – 2020-06-12 03:09 – 000000000 ____D C:UsersarchbAppDataLocalPlaceholderTileLogoFolder
2021-11-12 23:29 – 2020-06-12 03:19 – 000000000 ____D C:Program FilesMicrosoft Office
2021-11-12 22:47 – 2021-04-30 01:21 – 000000000 ____D C:UsersarchbAppDataLocalslack
2021-11-12 22:46 – 2021-04-30 01:21 – 000002252 _____ C:UsersarchbDesktopSlack.lnk
2021-11-12 22:46 – 2021-04-30 01:21 – 000000000 ____D C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsSlack Technologies Inc
2021-11-12 16:08 – 2021-08-17 15:01 – 000000666 _____ C:WindowsTasksG2MUploadTask-S-1-5-21-326162776-1522220037-409783998-1001.job
2021-11-12 16:08 – 2021-08-17 15:01 – 000000570 _____ C:WindowsTasksG2MUpdateTask-S-1-5-21-326162776-1522220037-409783998-1001.job
2021-11-12 16:08 – 2020-06-12 04:58 – 000476336 _____ C:Windowssystem32FNTCACHE.DAT
2021-11-12 16:07 – 2019-12-07 17:49 – 000000000 ___SD C:Windowssystem32AppV
2021-11-12 16:07 – 2019-12-07 17:49 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2021-11-12 16:07 – 2019-12-07 17:45 – 000000000 ____D C:Windowsen-GB
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ___SD C:Windowssystem32DiagSvcs
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ___RD C:WindowsImmersiveControlPanel
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:WindowsSysWOW64setup
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:WindowsSysWOW64Dism
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:WindowsSystemResources
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:Windowssystem32setup
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:Windowssystem32oobe
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:Windowssystem32Dism
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:WindowsShellExperiences
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:WindowsPolicyDefinitions
2021-11-12 16:07 – 2019-12-07 12:14 – 000000000 ____D C:Windowsbcastdvr
2021-11-12 16:07 – 2019-12-07 12:03 – 000000000 ____D C:Windowsservicing
2021-11-12 14:53 – 2021-08-17 15:01 – 000003832 _____ C:Windowssystem32TasksG2MUploadTask-S-1-5-21-326162776-1522220037-409783998-1001
2021-11-12 14:53 – 2021-08-17 15:01 – 000003736 _____ C:Windowssystem32TasksG2MUpdateTask-S-1-5-21-326162776-1522220037-409783998-1001
2021-11-12 14:53 – 2021-08-17 15:01 – 000000000 ____D C:UsersarchbAppDataLocalGoToMeeting
2021-11-12 13:57 – 2020-06-13 13:20 – 000000000 ____D C:Windowssystem32MRT
2021-11-10 23:05 – 2021-09-08 20:50 – 000002194 _____ C:UsersarchbDesktopAsana.lnk
2021-11-10 23:05 – 2021-09-08 20:50 – 000000000 ____D C:UsersarchbAppDataRoamingMicrosoftWindowsStart MenuProgramsAsana, Inc
2021-11-10 23:05 – 2021-09-08 20:50 – 000000000 ____D C:UsersarchbAppDataLocalAsana
2021-11-10 00:20 – 2021-02-12 04:20 – 000000000 ____D C:Program Files (x86)Overwolf
2021-11-07 14:56 – 2020-06-12 03:25 – 000000000 ____D C:UsersarchbAppDataLocalLogitech
2021-11-07 14:56 – 2020-06-12 03:25 – 000000000 ____D C:ProgramDataLogiShrd
2021-11-03 16:55 – 2021-07-23 03:47 – 000000000 ____D C:UsersarchbDocumentsİncirBebe
2021-11-01 06:07 – 2020-06-12 03:07 – 000000000 __RHD C:UsersPublicAccountPictures
==================== Files in the root of some directories ========
2021-11-16 12:23 – 2021-11-16 12:23 – 000001037 _____ () C:UsersarchbAppDataRoaming3501f7ab-c7a1-47f8-97a1-47c792a9889a.tmp
2020-08-30 01:18 – 2020-08-30 01:18 – 000028672 _____ () C:UsersarchbAppDataRoamingcrash.bin
2021-03-26 02:33 – 2021-11-30 19:05 – 000000016 _____ () C:UsersarchbAppDataRoamingobs-virtualcam.txt
2020-07-05 17:57 – 2020-11-11 15:46 – 000001456 _____ () C:UsersarchbAppDataLocalAdobe Save for Web 13.0 Prefs
2020-08-17 05:26 – 2020-08-17 05:26 – 000000731 _____ () C:UsersarchbAppDataLocalrecently-used.xbel
2020-07-26 16:54 – 2021-11-19 01:07 – 000007668 _____ () C:UsersarchbAppDataLocalResmon.ResmonCfg
2020-11-24 17:54 – 2020-11-24 17:54 – 000000003 _____ () C:UsersarchbAppDataLocalupdater.log
2020-11-24 17:54 – 2021-11-19 07:25 – 000000059 _____ () C:UsersarchbAppDataLocalUserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Source: https://www.bleepingcomputer.com/forums/t/764107/i-think-i-got-viruses/
