Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Computer acting weird. Is it malware?

Started by lisavvvv , Oct 11 2022 08:09 PM

  • Please log in to reply
2 replies to this topic

#1 lisavvvv

lisavvvv

    Authentic Member

  • Authentic Member
  • PipPip
  • 57 posts

Posted 11 October 2022 - 08:09 PM

My computer is acting weird lately. Stored passwords aren't correct anymore for some sites that I've just used. Just running weird. My FRST.txt ie below ... thanks in advance!
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2022
Ran by lisav (administrator) on MSI (Micro-Star International Co., Ltd. Summit E13FlipEvo A11MT) (11-10-2022 22:00:41)
Running from C:\Users\lisav\Downloads
Loaded Profiles: lisav
Platform: Microsoft Windows 11 Home Version 21H2 22000.1042 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(A-Volute SAS -> A-Volute) C:\Users\lisav\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.42\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(C:\Windows\UUS\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoNotificationUx.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEMN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <90>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\EoAExperiences.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI Pen\MSI Pen.exe
(Mooii Tech) C:\Program Files\WindowsApps\MooiiTech.PhotoScapeXPro_4.2.1.0_x64__f5eddttrpssna\PhotoScapeXPro\PhotoScapeXPro.exe <3>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4ce8bafd96682424\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_01a84de97d1d352c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_625d5a9ea859462f\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe <2>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\GoodixSessionService.exe
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (A-Volute) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.14326.21146.0_x64__8wekyb3d8bbwe\onenoteim.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI\One Dragon Center\Base Module\Start_HDR.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Sound Tune\SoundTune.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5fb296660a9719a9\RtkAudUService64.exe [3498408 2022-07-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSI Pen] => C:\Program Files (x86)\MSI\MSI Pen\MSI Pen.exe [372096 2021-02-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.42\Installer\setup.exe [3350984 2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1539540075-3642159966-2234323943-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1539540075-3642159966-2234323943-1002\...\Run: [btweb] => "C:\Users\lisav\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED (No File)
HKU\S-1-5-21-1539540075-3642159966-2234323943-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (No File)
HKU\S-1-5-21-1539540075-3642159966-2234323943-1002\...\Run: [MicrosoftEdgeAutoLaunch_82F480B4236B90D55CDCC8044C9CDC65] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe [2022-10-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-09-26] (Microsoft Windows -> Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {133ACEFD-B182-49AD-B5E8-9327EAEFDA04} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [688880 2022-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {1BF0A841-79F6-46E0-A99B-105C3D271075} - System32\Tasks\MSI Task Host - Duet => C:\Program Files (x86)\MSI\One Dragon Center\Duet\MSI_Duet.exe (No File)
Task: {29D2E16D-B31B-474E-812D-BFF94ED8008E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F6BBEAA-3A8A-4200-AEFE-CF6931A8B009} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {31F8F128-4176-494E-B919-E8594E7850AB} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.37\Installer\setup.exe [3350952 2022-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B651138-A45C-4BBD-900B-A3D2FFB592A0} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [100592 2022-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {52B5FFDA-F5D4-486D-A74A-5DEA96548298} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D25A82A-88F4-426D-93B3-48AEBEB05F3D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {62A28D8B-EFA4-4959-A91E-199B093B511A} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [834760 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {705A0FEB-1328-4541-8A11-B98DB387F738} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1539540075-3642159966-2234323943-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {705B27A7-0623-42F4-93BC-5763B0AC4647} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97B0452E-AA15-4BDF-A60E-815D671FD1F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {985B1809-320F-437E-8A9D-4E657682CA5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9ADB99C7-AC6A-4ACD-9AA0-847027BFDA2B} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1095880 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {9DAE4A62-D674-41A7-A8C6-F1A611523E68} - System32\Tasks\GoogleUpdateTaskMachineUA{DD1B1B2F-CECE-4D20-99F6-0B916934A037} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-16] (Google LLC -> Google LLC)
Task: {A9A48678-325C-4C3B-8293-8B3207CB4D1A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {AC35E9F6-8C75-4242-9144-F246D7F2AA8C} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [719328 2022-06-09] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D79F64CA-4461-4034-A79B-6ACED5AE968A} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [834760 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {D99A89A2-8DB5-438A-9D84-0ABFC7C993D5} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [100592 2022-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {DF5FDD03-A3F6-4A53-82E8-39EB8C048364} - System32\Tasks\OneDC_Updater => C:\Users\lisav\OneDrive\Documents\temp\OneDC_Updater\OneDC_Updater.exe [654248 2022-02-21] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) <==== ATTENTION
Task: {E3865976-9D7E-4EE8-B8F4-C348125AD6BD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3C37C9D-A635-45A3-B20A-7E924D0AB0FC} - System32\Tasks\GoogleUpdateTaskMachineCore{5F7E723B-FBD6-497D-83C5-B37C45026E08} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-16] (Google LLC -> Google LLC)
Task: {EC809847-4633-495C-A8EA-AF81599B3C0C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7F097A3-60C7-4EE4-B9FD-CD8AA7445652} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1095880 2022-04-11] (A-Volute SAS -> Nahimic)
Task: {FD6E5D49-1574-4D90-BA48-BEF925034676} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bab438e0-e802-4bf1-ad8a-2ba703327c6a}: [DhcpNameServer] 192.168.1.254
 
Edge: 
=======
Edge Profile: C:\Users\lisav\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-11]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\lisav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-11]
Edge Extension: (VidyoWebConnector) - C:\Users\lisav\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmedphfiemffkinodeemalghecnicmnh [2022-02-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default [2022-10-11]
CHR Notifications: Default -> hxxps://app.impact.com; hxxps://www.facebook.com; hxxps://www.pinterest.com
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Earth View from Google Earth) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2022-06-16]
CHR Extension: (DuckDuckGo) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-09-01]
CHR Extension: (Google Docs Offline) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-01]
CHR Extension: (Tailwind Publisher) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkbhgdhhefdphpikedbinecandoigdel [2022-09-14]
CHR Extension: (Pinterest Save Button) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-10-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-10-11]
CHR Extension: (WhatFont) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2022-06-16]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-10-11]
CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2022-06-16]
CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2022-10-08]
CHR Extension: (Wordtune - AI-powered Writing Companion) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nllcnknpjnininklegdoijpljgdjkijc [2022-10-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-16]
CHR Extension: (Earth 3D Maps) - C:\Users\lisav\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmibphegngmljhikklndacjdpkmhocp [2022-06-16]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [831488 2022-09-14] (Microsoft Windows -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncHelper.exe [3383704 2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_625d5a9ea859462f\\AS\\IAS\\IntelAudioService.exe [532648 2021-11-30] (Intel Corporation -> Intel)
R2 Micro Star SCM; C:\WINDOWS\SysWOW64\MSIService.exe [168416 2022-05-24] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [90080 2022-05-13] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Sendevsvc; C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe [307624 2021-04-16] (Micro-Star International CO., LTD. -> )
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147696 2022-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [37616 2022-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1921224 2022-04-11] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\OneDriveUpdaterService.exe [3804040 2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 SessionSvc; C:\WINDOWS\System32\drivers\GoodixSessionService.exe [44176 2021-08-06] (Shenzhen Goodix Technology Co., Ltd. -> Goodix)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2022-02-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2022-02-11] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R3 duetbus; C:\WINDOWS\System32\DriverStore\FileRepository\duetbus.inf_amd64_66e44262fc0dd065\duetbus.sys [41736 2020-11-17] (Duet, Inc. -> Duet, Inc.)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-09] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-09] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_2f4c83f014ffdaee\IntcUSB.sys [882848 2021-11-30] (Intel Corporation -> Intel® Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2021-03-18] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
R3 MpKsld5757113; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CA9B9CAB-F337-42F1-B27F-14F9150945EC}\MpKslDrv.sys [228632 2022-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-03] (A-Volute SAS -> Windows ® Win 7 DDK provider)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [25656 2018-11-15] (Micro-Star International CO., LTD. -> )
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-11 22:00 - 2022-10-11 22:01 - 000028371 _____ C:\Users\lisav\Downloads\FRST.txt
2022-10-11 21:59 - 2022-10-11 22:01 - 000000000 ____D C:\FRST
2022-10-11 21:58 - 2022-10-11 21:58 - 002373120 _____ (Farbar) C:\Users\lisav\Downloads\FRST64 (1).exe
2022-10-11 21:43 - 2022-10-11 21:43 - 002373120 _____ (Farbar) C:\Users\lisav\Downloads\FRST64.exe
2022-10-11 07:33 - 2022-10-11 07:33 - 000001591 _____ C:\Users\lisav\Downloads\New Subscribers-10_11_2022, 7_33_53 AM.csv
2022-10-09 09:42 - 2022-10-09 09:42 - 000000588 _____ C:\Users\lisav\Downloads\New Subscribers-10_9_2022, 9_42_17 AM.csv
2022-10-08 09:44 - 2022-10-08 09:44 - 000000268 _____ C:\Users\lisav\Downloads\New Subscribers-10_8_2022, 9_44_50 AM.csv
2022-10-07 23:27 - 2022-10-07 23:27 - 000001129 _____ C:\Users\lisav\Downloads\New Subscribers-10_7_2022, 11_27_23 PM.csv
2022-10-07 00:17 - 2022-10-07 00:17 - 000000899 _____ C:\Users\lisav\Downloads\New Subscribers-10_7_2022, 12_17_29 AM.csv
2022-10-06 22:26 - 2022-10-06 22:27 - 440633969 _____ C:\Users\lisav\Downloads\iCloud Photos (66).zip
2022-10-06 22:26 - 2022-10-06 22:26 - 148475931 _____ C:\Users\lisav\Downloads\iCloud Photos (65).zip
2022-10-06 22:18 - 2022-10-06 22:19 - 440633969 _____ C:\Users\lisav\Downloads\iCloud Photos (64).zip
2022-10-06 19:34 - 2022-10-06 19:38 - 934118257 _____ C:\Users\lisav\Downloads\iCloud Photos (63).zip
2022-10-06 19:31 - 2022-10-06 19:31 - 053439027 _____ C:\Users\lisav\Downloads\iCloud Photos (62).zip
2022-10-06 10:13 - 2022-10-06 10:16 - 521551758 _____ C:\Users\lisav\Downloads\exploding-block-wall-transitions-2022-08-01-21-25-59-utc.zip
2022-10-06 10:13 - 2022-10-06 10:15 - 289684082 _____ C:\Users\lisav\Downloads\glass-screen-breaking-50-transitions-2022-08-12-00-04-02-utc.zip
2022-10-05 14:02 - 2022-10-05 14:03 - 433969362 _____ C:\Users\lisav\Downloads\iCloud Photos (61).zip
2022-10-05 12:32 - 2022-10-05 12:32 - 000000925 _____ C:\Users\lisav\Downloads\New Subscribers-10_5_2022, 12_32_35 PM.csv
2022-10-04 07:51 - 2022-10-04 07:51 - 000000778 _____ C:\Users\lisav\Downloads\New Subscribers-10_4_2022, 7_51_34 AM.csv
2022-10-03 16:53 - 2022-10-03 16:53 - 000000818 _____ C:\Users\lisav\Downloads\New Subscribers-10_3_2022, 4_53_36 PM.csv
2022-10-03 12:13 - 2022-10-03 12:14 - 004211427 _____ C:\Users\lisav\Downloads\vector-set-of-different-halloween-elements-2022-07-30-08-37-28-utc.zip
2022-10-03 12:13 - 2022-10-03 12:13 - 002874607 _____ C:\Users\lisav\Downloads\vector-seamless-pattern-with-halloween-characters-2021-08-29-07-31-27-utc.zip
2022-10-03 12:12 - 2022-10-03 12:12 - 005015055 _____ C:\Users\lisav\Downloads\vector-seamless-pattern-with-cartoon-crazy-monster-2022-07-15-17-26-19-utc.zip
2022-10-03 12:07 - 2022-10-03 12:07 - 000000000 ____D C:\Users\lisav\Downloads\halloween-illustrations-vector-graphics-pack-2022-08-29-19-46-23-utc
2022-10-03 12:04 - 2022-10-03 12:04 - 000000000 ____D C:\Users\lisav\Downloads\halloween-vector-illustrations-2022-08-23-22-33-43-utc
2022-10-03 12:02 - 2022-10-03 12:03 - 293557947 _____ C:\Users\lisav\Downloads\halloween-illustrations-vector-graphics-pack-2022-08-29-19-46-23-utc.zip
2022-10-03 12:02 - 2022-10-03 12:02 - 164278778 _____ C:\Users\lisav\Downloads\halloween-vector-illustrations-2022-08-23-22-33-43-utc.zip
2022-10-03 12:01 - 2022-10-03 12:01 - 011115791 _____ C:\Users\lisav\Downloads\the-red-scarf-portrait-of-a-vampire-2021-10-11-00-13-43-utc.zip
2022-10-03 08:43 - 2022-10-03 08:43 - 000000421 _____ C:\Users\lisav\Downloads\New Subscribers-10_3_2022, 8_43_00 AM.csv
2022-10-02 10:32 - 2022-10-02 10:32 - 000015596 _____ C:\Users\lisav\Downloads\keywords-48e4fadd-dc22-4e09-849b-8a4884c2e5e4.csv
2022-10-02 06:40 - 2022-10-02 06:40 - 000000461 _____ C:\Users\lisav\Downloads\New Subscribers-10_2_2022, 6_40_51 AM.csv
2022-10-01 22:45 - 2022-10-01 22:45 - 000000310 _____ C:\Users\lisav\Downloads\New Subscribers-10_1_2022, 10_45_58 PM.csv
2022-10-01 10:11 - 2022-10-01 10:18 - 310336777 _____ C:\Users\lisav\Downloads\watercolor-christmas-houses-and-trees-clipart-2021-11-09-02-38-50-utc.zip
2022-10-01 07:16 - 2022-10-01 07:16 - 000001950 _____ C:\Users\lisav\Downloads\New Subscribers-10_1_2022, 7_16_54 AM.csv
2022-09-28 13:39 - 2022-09-28 13:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-09-28 13:22 - 2022-09-28 13:23 - 000029723 _____ C:\Users\lisav\OneDrive\Documents\Presentation 3.pptx
2022-09-28 13:20 - 2022-09-28 13:21 - 000029326 _____ C:\Users\lisav\OneDrive\Documents\Presentation 2.pptx
2022-09-28 13:20 - 2022-09-28 13:19 - 000029543 _____ C:\Users\lisav\OneDrive\Documents\Presentation 1.pptx
2022-09-28 13:19 - 2022-09-28 13:19 - 000029543 _____ C:\Users\lisav\OneDrive\Documents\Presentation.pptx
2022-09-28 12:33 - 2022-09-28 12:33 - 043904977 _____ C:\Users\lisav\Downloads\pumpkin-autumn-watercolor-2021-08-30-02-57-08-utc.zip
2022-09-28 12:31 - 2022-09-28 12:31 - 001382101 _____ C:\Users\lisav\Downloads\halloween-hand-drawn-2021-08-30-02-52-49-utc.zip
2022-09-28 12:24 - 2022-09-28 12:24 - 062697847 _____ C:\Users\lisav\Downloads\wedding-backgrounds-textures-and-patterns-2021-08-26-21-42-02-utc.zip
2022-09-28 12:23 - 2022-09-28 12:24 - 257171007 _____ C:\Users\lisav\Downloads\cheerful-christmas-backgrounds-2021-12-09-05-50-23-utc.zip
2022-09-28 12:00 - 2022-09-28 12:00 - 062708469 _____ C:\Users\lisav\Downloads\SKULLM_1.mp4
2022-09-28 11:53 - 2022-09-28 11:53 - 000167878 _____ C:\Users\lisav\Downloads\All Subscribers-9_28_2022, 11_53_13 AM.csv
2022-09-28 11:52 - 2022-09-28 11:52 - 000001128 _____ C:\Users\lisav\Downloads\New Subscribers-9_28_2022, 11_52_14 AM.csv
2022-09-28 11:51 - 2022-09-28 11:51 - 000000158 _____ C:\Users\lisav\Downloads\All Subscribers-9_28_2022, 11_51_15 AM.csv
2022-09-28 11:48 - 2022-09-28 11:48 - 000000158 _____ C:\Users\lisav\Downloads\New Subscribers-9_28_2022, 11_48_56 AM.csv
2022-09-28 06:42 - 2022-09-28 06:42 - 038228718 _____ C:\Users\lisav\Downloads\big-set-of-autumn-icons-and-illustrations-2021-09-24-16-28-55-utc.zip
2022-09-28 06:42 - 2022-09-28 06:42 - 004388971 _____ C:\Users\lisav\Downloads\wildlife-avatar-flat-outline-icons-2021-10-21-03-02-41-utc.zip
2022-09-28 06:40 - 2022-09-28 06:40 - 010182704 _____ C:\Users\lisav\Downloads\handsketched-roosters-vector-illustartion-2021-08-28-21-05-39-utc.zip
2022-09-28 06:40 - 2022-09-28 06:40 - 006493697 _____ C:\Users\lisav\Downloads\organic-production-set-isolated-elements-2021-09-01-02-26-15-utc.zip
2022-09-28 06:39 - 2022-09-28 06:40 - 484971096 _____ C:\Users\lisav\Downloads\watercolor-eco-village-2021-08-29-11-55-21-utc.zip
2022-09-28 06:39 - 2022-09-28 06:39 - 004618995 _____ C:\Users\lisav\Downloads\agriculture-illustration-2022-02-14-21-36-09-utc.zip
2022-09-28 06:37 - 2022-09-28 06:38 - 285580433 _____ C:\Users\lisav\Downloads\farm-watercolor-illustration-pack-2022-06-20-21-14-19-utc.zip
2022-09-28 06:36 - 2022-09-28 06:36 - 010533320 _____ C:\Users\lisav\Downloads\set-of-scandinavian-animals-flowers-2021-12-09-13-57-12-utc.zip
2022-09-26 18:35 - 2022-09-26 18:35 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-26 18:35 - 2022-09-26 18:35 - 000315392 _____ C:\WINDOWS\system32\EsclScan.dll
2022-09-26 18:35 - 2022-09-26 18:35 - 000192512 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-09-26 18:35 - 2022-09-26 18:35 - 000015667 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-26 18:33 - 2022-09-26 18:33 - 000000000 ___HD C:\$WinREAgent
2022-09-26 18:05 - 2022-09-26 18:05 - 000000000 ____D C:\Users\lisav\OneDrive\Documents\Blackmagic Design
2022-09-26 18:03 - 2022-09-26 18:03 - 000000000 ____D C:\Users\lisav\AppData\Roaming\Blackmagic Design
2022-09-26 16:48 - 2022-09-26 18:37 - 000000000 ___RD C:\Users\lisav\Downloads\MicrosoftWindows.Client.CBS_cw5n1h2txyewy!InputApp
2022-09-26 15:01 - 2022-09-26 15:01 - 000000000 ____D C:\Users\lisav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2022-09-26 15:01 - 2022-09-26 15:01 - 000000000 ____D C:\ProgramData\Blackmagic Design
2022-09-26 15:01 - 2022-09-26 15:01 - 000000000 ____D C:\Program Files\Blackmagic Design
2022-09-26 15:00 - 2022-09-26 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2022-09-26 15:00 - 2022-09-26 15:00 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2022-09-26 14:48 - 2022-09-26 14:59 - 3176511913 _____ C:\Users\lisav\Downloads\DaVinci_Resolve_18.0.3_Windows.zip
2022-09-26 12:22 - 2022-09-26 12:22 - 000001903 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2022-09-26 12:22 - 2022-09-26 12:22 - 000000000 ____D C:\Program Files\Shotcut
2022-09-26 12:16 - 2022-09-26 12:18 - 103250880 _____ C:\Users\lisav\Downloads\shotcut-win64-220923 (2).exe
2022-09-26 12:01 - 2022-09-26 12:01 - 061361492 _____ C:\Users\lisav\Downloads\group-black-bat-with-yellow-eyes-flying-on-dark-ba-2022-08-10-14-00-16-utc.mov
2022-09-26 11:59 - 2022-09-26 12:00 - 050303988 _____ C:\Users\lisav\Downloads\funny-sheet-ghost-transparent-transition-2022-08-04-17-24-08-utc.mov
2022-09-26 11:58 - 2022-09-26 12:03 - 402609524 _____ C:\Users\lisav\Downloads\skeleton-dance-2022-08-21-06-19-56-utc.mov
2022-09-26 11:56 - 2022-09-26 11:57 - 098643485 _____ C:\Users\lisav\Downloads\shater-skeleton-2022-08-03-03-44-24-utc.zip
2022-09-26 11:55 - 2022-09-26 12:03 - 678531348 _____ C:\Users\lisav\Downloads\dancing-skeleton-loop-2022-08-21-06-17-51-utc.mov
2022-09-26 11:54 - 2022-09-26 12:00 - 569232900 _____ C:\Users\lisav\Downloads\skeletons-ovation-loop-2022-08-21-06-16-49-utc.mov
2022-09-26 11:53 - 2022-09-26 11:54 - 100056756 _____ C:\Users\lisav\Downloads\skeleton-moonwalk-2022-08-21-06-21-55-utc.mov
2022-09-26 11:52 - 2022-09-26 11:52 - 047935784 _____ C:\Users\lisav\Downloads\skeleton-dance-2022-08-03-03-49-48-utc.zip
2022-09-26 11:51 - 2022-09-26 12:03 - 1730598749 _____ C:\Users\lisav\Downloads\skeleton-pack-2022-08-03-02-19-51-utc.zip
2022-09-26 11:32 - 2022-09-26 11:33 - 506917567 _____ C:\Users\lisav\Downloads\happy-halloween-bunting-flag-with-spider-web-2022-08-10-08-59-02-utc.zip
2022-09-26 11:25 - 2022-09-26 11:26 - 157052999 _____ C:\Users\lisav\Downloads\halloween-forest-background-2022-08-04-16-15-20-utc.mov
2022-09-26 11:25 - 2022-09-26 11:26 - 108219142 _____ C:\Users\lisav\Downloads\halloween-2022-08-03-03-39-57-utc.zip
2022-09-26 10:06 - 2022-09-26 10:06 - 000000856 _____ C:\Users\lisav\Downloads\New Subscribers-9_26_2022, 10_06_43 AM.csv
2022-09-25 23:20 - 2022-09-26 19:23 - 000000000 ____D C:\Users\lisav\.openshot_qt
2022-09-25 23:20 - 2022-09-25 23:20 - 000000978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenShot Video Editor.lnk
2022-09-25 23:20 - 2022-09-25 23:20 - 000000966 _____ C:\Users\Public\Desktop\OpenShot Video Editor.lnk
2022-09-25 23:20 - 2022-09-25 23:20 - 000000000 ____D C:\Program Files\OpenShot Video Editor
2022-09-25 23:17 - 2022-09-25 23:21 - 007911757 _____ C:\Users\lisav\Downloads\Unconfirmed 832813.crdownload
2022-09-25 23:16 - 2022-09-25 23:21 - 035109210 _____ C:\Users\lisav\Downloads\funny-sheet-ghost-transparent-transition-2022-08-04-17-24-08-utc.mov.crdownload
2022-09-25 23:14 - 2022-09-25 23:21 - 118454039 _____ C:\Users\lisav\Downloads\Unconfirmed 151164.crdownload
2022-09-25 23:13 - 2022-09-25 23:21 - 168209099 _____ C:\Users\lisav\Downloads\Unconfirmed 409514.crdownload
2022-09-25 23:11 - 2022-09-25 23:19 - 174584920 _____ (OpenShot Studios, LLC ) C:\Users\lisav\Downloads\OpenShot-v2.6.1-x86_64.exe
2022-09-25 22:53 - 2022-09-25 22:57 - 103250880 _____ C:\Users\lisav\Downloads\shotcut-win64-220923 (1).exe
2022-09-25 21:50 - 2022-09-25 21:50 - 103250880 _____ C:\Users\lisav\Downloads\shotcut-win64-220923.exe
2022-09-25 21:45 - 2022-09-25 21:45 - 025833905 _____ C:\Users\lisav\Downloads\for-halloween-2022-09-02-13-37-36-utc.zip
2022-09-25 21:38 - 2022-09-25 21:40 - 045552397 _____ C:\Users\lisav\Downloads\a-halloween-2022-03-31-00-54-33-utc (1).zip
2022-09-25 21:38 - 2022-09-25 21:39 - 025300103 _____ C:\Users\lisav\Downloads\halloween-2022-03-30-23-37-50-utc.zip
2022-09-25 21:36 - 2022-09-25 21:37 - 030690208 _____ C:\Users\lisav\Downloads\this-is-halloween-2022-09-22-14-43-48-utc.zip
2022-09-25 21:34 - 2022-09-25 21:34 - 019887667 _____ C:\Users\lisav\Downloads\horror-glitch-trailer-2022-03-31-10-09-24-utc.zip
2022-09-25 21:33 - 2022-09-25 21:33 - 001263853 _____ C:\Users\lisav\Downloads\halloween-creepy-musical-transition-2022-08-29-16-14-30-utc.zip
2022-09-25 21:31 - 2022-09-25 21:31 - 001604745 _____ C:\Users\lisav\Downloads\halloween-spooky-fun-transition-2022-08-22-23-52-54-utc.zip
2022-09-25 21:28 - 2022-09-25 21:28 - 000881171 _____ C:\Users\lisav\Downloads\haunted-halloween-horror-d-2022-03-31-13-25-20-utc.zip
2022-09-25 21:27 - 2022-09-25 21:27 - 000945890 _____ C:\Users\lisav\Downloads\vibraphone-halloween-melody-2022-03-30-23-58-38-utc (1).zip
2022-09-25 20:31 - 2022-09-25 20:32 - 182465160 _____ C:\Users\lisav\Downloads\hawe-halloween-vector-toolkit-2022-02-08-22-34-19-utc.zip
2022-09-25 19:44 - 2022-09-25 19:49 - 1581080336 _____ C:\Users\lisav\Downloads\iCloud Photos (60).zip
2022-09-25 19:27 - 2022-09-25 19:27 - 006246922 _____ C:\Users\lisav\Downloads\iCloud Photos (59).zip
2022-09-25 19:21 - 2022-09-25 19:25 - 940794088 _____ C:\Users\lisav\Downloads\iCloud Photos (58).zip
2022-09-25 19:20 - 2022-09-25 19:20 - 065693302 _____ C:\Users\lisav\Downloads\iCloud Photos (57).zip
2022-09-25 19:18 - 2022-09-25 19:20 - 058316635 _____ C:\Users\lisav\Downloads\iCloud Photos (56).zip
2022-09-24 21:09 - 2022-09-24 21:09 - 000088748 _____ C:\Users\lisav\Downloads\Apple-Bread-Muffins-Gluten-Free-Vegan-Recipe-from-Planted365-17-864x1536.jpg (1).webp
2022-09-24 21:08 - 2022-09-24 21:08 - 000088748 _____ C:\Users\lisav\Downloads\Apple-Bread-Muffins-Gluten-Free-Vegan-Recipe-from-Planted365-17-864x1536.jpg.webp
2022-09-24 20:47 - 2022-09-24 20:47 - 000000562 _____ C:\Users\lisav\Downloads\New Subscribers-9_24_2022, 8_47_57 PM.csv
2022-09-24 06:40 - 2022-09-24 06:40 - 000003056 _____ C:\Users\lisav\Downloads\New Subscribers-9_24_2022, 6_40_04 AM.csv
2022-09-22 10:58 - 2022-09-22 10:58 - 000209918 _____ C:\Users\lisav\Downloads\easy-vegan-weekend-menu-pin-it-01cs-841x1536.jpg.webp
2022-09-22 10:54 - 2022-09-22 10:54 - 000000740 _____ C:\Users\lisav\Downloads\New Subscribers-9_22_2022, 10_54_03 AM.csv
2022-09-22 10:23 - 2022-09-22 10:23 - 000045590 _____ C:\Users\lisav\Downloads\Pumpkin-Bread-Bundt-Cake-from-Planted365-Vegan-Gluten-Free-Recipe-03-768x584.jpg.webp
2022-09-21 07:56 - 2022-09-21 07:56 - 000000741 _____ C:\Users\lisav\Downloads\New Subscribers-9_21_2022, 7_56_45 AM.csv
2022-09-20 18:36 - 2022-09-20 18:36 - 000068608 _____ C:\Users\lisav\Downloads\bathroom1.webp
2022-09-20 15:52 - 2022-09-20 15:52 - 000002417 _____ C:\Users\lisav\Downloads\New Subscribers-9_20_2022, 3_52_27 PM.csv
2022-09-18 12:15 - 2022-09-18 12:15 - 000000761 _____ C:\Users\lisav\Downloads\New Subscribers-9_18_2022, 12_15_49 PM.csv
2022-09-17 14:36 - 2022-09-17 14:36 - 000000451 _____ C:\Users\lisav\Downloads\New Subscribers-9_17_2022, 2_36_01 PM.csv
2022-09-17 00:11 - 2022-09-17 00:11 - 000000547 _____ C:\Users\lisav\Downloads\New Subscribers-9_17_2022, 12_11_25 AM.csv
2022-09-16 09:47 - 2022-09-16 09:47 - 000002433 _____ C:\Users\lisav\Downloads\New Subscribers-9_16_2022, 9_47_39 AM.csv
2022-09-14 15:48 - 2022-09-14 15:48 - 056191017 _____ C:\Users\lisav\Downloads\halloween-2022-03-31-00-52-45-utc.zip
2022-09-14 15:48 - 2022-09-14 15:48 - 044901504 _____ C:\Users\lisav\Downloads\this-is-halloween-2022-04-09-15-04-19-utc.zip
2022-09-14 15:47 - 2022-09-14 15:47 - 045552397 _____ C:\Users\lisav\Downloads\a-halloween-2022-03-31-00-54-33-utc.zip
2022-09-14 15:45 - 2022-09-14 15:45 - 001209232 _____ C:\Users\lisav\Downloads\object-toy-halloween-toy-vocal-distortion-03-2022-03-31-12-39-36-utc.zip
2022-09-14 15:43 - 2022-09-14 15:43 - 001092689 _____ C:\Users\lisav\Downloads\halloween-kid-scream-2022-03-30-23-49-56-utc.zip
2022-09-14 15:42 - 2022-09-14 15:42 - 001325598 _____ C:\Users\lisav\Downloads\halloween-wolf-ghost-2022-03-31-00-58-35-utc.zip
2022-09-14 15:42 - 2022-09-14 15:42 - 000896674 _____ C:\Users\lisav\Downloads\scary-halloween-musical-transition-2022-08-29-16-14-33-utc.zip
2022-09-14 15:42 - 2022-09-14 15:42 - 000392786 _____ C:\Users\lisav\Downloads\halloween-witch-laughing-2022-03-31-16-11-12-utc.zip
2022-09-14 15:42 - 2022-09-14 15:42 - 000219865 _____ C:\Users\lisav\Downloads\halloween-zombie-2022-03-31-10-17-36-utc.zip
2022-09-14 15:41 - 2022-09-14 15:41 - 000945890 _____ C:\Users\lisav\Downloads\vibraphone-halloween-melody-2022-03-30-23-58-38-utc.zip
2022-09-14 15:41 - 2022-09-14 15:41 - 000838927 _____ C:\Users\lisav\Downloads\halloween-ghost-laughing-2022-03-31-16-11-12-utc.zip
2022-09-13 16:54 - 2022-09-13 16:54 - 000000000 ___HD C:\ProgramData\CyberLink
2022-09-13 16:44 - 2022-09-13 16:44 - 017643742 _____ C:\Users\lisav\Downloads\iCloud Photos (55).zip
2022-09-13 13:12 - 2022-09-13 13:23 - 3732587798 _____ C:\Users\lisav\Downloads\iCloud Photos (54).zip
2022-09-13 11:53 - 2022-09-13 12:16 - 2008413135 _____ C:\Users\lisav\Downloads\iCloud Photos (53).zip
2022-09-13 11:36 - 2022-09-13 11:36 - 093767517 _____ C:\Users\lisav\Downloads\iCloud Photos (52).zip
2022-09-13 11:33 - 2022-09-13 11:33 - 007788330 _____ C:\Users\lisav\Downloads\iCloud Photos (51).zip
2022-09-13 11:28 - 2022-09-13 11:28 - 037063200 _____ C:\Users\lisav\Downloads\iCloud Photos (50).zip
2022-09-12 19:18 - 2022-09-12 19:18 - 000000594 _____ C:\Users\lisav\Downloads\New Subscribers-9_12_2022, 7_18_18 PM.csv
2022-09-11 22:53 - 2022-09-11 22:53 - 000001290 _____ C:\Users\lisav\Downloads\New Subscribers-9_11_2022, 10_53_43 PM.csv
2022-09-11 18:45 - 2022-09-11 18:45 - 000000000 ____D C:\Users\lisav\OneDrive\Documents\Freemake
2022-09-11 18:45 - 2022-09-11 18:45 - 000000000 ____D C:\Users\lisav\AppData\Local\FreemakeVideoConverter
2022-09-11 18:45 - 2022-09-11 18:45 - 000000000 ____D C:\ProgramData\Freemake
2022-09-11 18:44 - 2022-09-25 22:52 - 000000000 ____D C:\Program Files (x86)\Freemake
2022-09-11 18:43 - 2022-09-11 18:43 - 001017928 _____ (Mixbyte Inc. ) C:\Users\lisav\Downloads\FreemakeVideoDownloaderSetup.exe
2022-09-11 18:40 - 2022-09-11 18:40 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2022-09-11 18:39 - 2022-09-11 18:42 - 000000000 ____D C:\Users\lisav\AppData\Roaming\DVDVideoSoft
2022-09-11 18:38 - 2022-09-11 18:39 - 063109656 _____ (Digital Wave Ltd ) C:\Users\lisav\Downloads\FreeYouTubeDownload_4.3.80.705_r_5aec8c92-cc47-4e2e-ba45-4f877476182d.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-10-11 21:59 - 2021-06-05 08:09 - 000000000 ____D C:\WINDOWS\INF
2022-10-11 21:55 - 2022-07-22 13:34 - 000000000 ____D C:\Users\lisav\OneDrive\Documents\Outlook Files
2022-10-11 21:27 - 2022-02-08 22:46 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-11 21:19 - 2021-03-19 18:38 - 000000000 ____D C:\ProgramData\Common
2022-10-11 20:53 - 2022-02-11 13:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-11 16:32 - 2021-06-05 08:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-11 15:31 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-11 15:25 - 2022-06-16 17:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-11 15:25 - 2022-06-16 17:47 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-10-11 06:56 - 2022-02-11 13:05 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1539540075-3642159966-2234323943-1002
2022-10-11 06:56 - 2022-02-11 13:05 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-10-11 06:56 - 2022-02-10 07:45 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-10-11 06:56 - 2022-02-09 01:02 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-11 06:56 - 2022-02-08 22:45 - 000000000 ___RD C:\Users\lisav\OneDrive
2022-10-11 06:56 - 2021-06-05 08:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-11 06:56 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-10-11 06:55 - 2022-08-01 00:16 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2022-10-08 23:08 - 2022-02-11 08:25 - 000000000 ____D C:\Users\lisav\AppData\Local\CrashDumps
2022-10-08 09:45 - 2022-02-11 13:05 - 000004784 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-10-08 09:45 - 2020-11-19 03:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-07 23:00 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-10-06 21:41 - 2022-02-08 22:43 - 000000000 ____D C:\Users\lisav\AppData\Local\D3DSCache
2022-10-04 09:23 - 2022-02-08 22:43 - 000000000 ____D C:\Users\lisav\AppData\Local\Packages
2022-10-04 09:23 - 2020-11-19 03:33 - 000000000 ____D C:\ProgramData\Packages
2022-10-02 08:39 - 2021-03-19 17:13 - 000000000 ____D C:\ProgramData\Goodix
2022-09-28 13:39 - 2021-06-05 08:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-28 13:38 - 2020-12-08 05:13 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-26 18:47 - 2022-02-11 13:10 - 000803404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-26 18:39 - 2022-07-22 13:34 - 000000000 ___RD C:\Users\lisav\iCloudDrive
2022-09-26 18:39 - 2022-07-22 13:33 - 000000000 ___RD C:\Users\lisav\iCloudPhotos
2022-09-26 18:39 - 2022-02-11 13:05 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2022-09-26 18:39 - 2022-02-11 13:05 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2022-09-26 18:39 - 2022-02-08 22:43 - 000000000 __SHD C:\Users\lisav\IntelGraphicsProfiles
2022-09-26 18:38 - 2022-02-11 13:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-26 18:38 - 2022-02-11 13:02 - 000606760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\BrowserCore
2022-09-26 18:38 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-26 18:38 - 2021-06-05 08:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-26 18:38 - 2021-03-19 17:10 - 000000000 ____D C:\Intel
2022-09-26 18:38 - 2020-12-08 04:38 - 000012288 ___SH C:\DumpStack.log.tmp
2022-09-26 18:37 - 2021-06-05 08:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-26 18:35 - 2022-02-11 13:05 - 003104256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-26 15:01 - 2021-03-19 17:07 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-26 12:22 - 2022-02-08 23:11 - 000001891 _____ C:\Users\Public\Desktop\Shotcut.lnk
2022-09-26 11:19 - 2021-06-05 08:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-26 11:13 - 2022-02-08 22:45 - 000000000 ____D C:\Users\lisav\AppData\Local\PlaceholderTileLogoFolder
2022-09-25 23:20 - 2022-02-11 13:03 - 000000000 ____D C:\Users\lisav
2022-09-15 04:15 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-15 04:15 - 2021-06-05 08:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-14 16:30 - 2022-02-10 07:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-14 16:29 - 2022-02-10 07:48 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-14 16:28 - 2021-06-05 08:08 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-09-14 16:28 - 2021-06-05 08:08 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

    Advertisements

Register to Remove

#2 lisavvvv

lisavvvv

    Authentic Member

  • Authentic Member
  • PipPip
  • 57 posts

Posted 11 October 2022 - 08:12 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2022
Ran by lisav (11-10-2022 22:02:08)
Running from C:\Users\lisav\Downloads
Microsoft Windows 11 Home Version 21H2 22000.1042 (X64) (2022-02-11 17:05:37)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1539540075-3642159966-2234323943-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1539540075-3642159966-2234323943-503 - Limited - Disabled)
Guest (S-1-5-21-1539540075-3642159966-2234323943-501 - Limited - Disabled)
lisav (S-1-5-21-1539540075-3642159966-2234323943-1002 - Administrator - Enabled) => C:\Users\lisav
WDAGUtilityAccount (S-1-5-21-1539540075-3642159966-2234323943-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Blackmagic RAW Common Components (HKLM\...\{EA2A465C-C315-4C71-B3C2-87589F000DFE}) (Version: 2.6 - Blackmagic Design)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
DaVinci Resolve (HKLM\...\{2446BF6A-7629-496C-A2F0-543FF09350DA}) (Version: 18.0.30005 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7BE44C68-BEDD-49E2-8DD9-ADAAEF48C9B3}) (Version: 2.0.4.0 - Blackmagic Design)
Dynamic Application Loader Host Interface Service (HKLM\...\{D9788A43-0D13-4259-8D9C-9D9B7E07FB18}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.103 - Google LLC)
iCloud Outlook (HKLM\...\{542806EA-AFEA-49B5-BC9D-DCAE98BA393B}) (Version: 13.4.0.99 - Apple Inc.)
Intel Software Package (HKLM-x32\...\{ccdef312-4d10-481f-95cb-d4bf393ca86f}) (Version: 8.7.10401.16510 - Intel) Hidden
Intel® Chipset Device Software (HKLM\...\{368C1112-09E1-4EE3-A274-9118DF101CA9}) (Version: 10.1.18460.8229 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{a2c684b7-4a4b-425f-a805-1e88940804b0}) (Version: 10.1.18460.8229 - Intel® Corporation)
Intel® Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10401.16510 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.384 - Intel Corporation)
Intel® LMS (HKLM\...\{747E8075-4D22-445B-BA8D-9ABADB55DA65}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2044.15.0.1941 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{421AF951-58FC-4380-AD66-A0BCCE490537}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{C6C8028F-7CB3-4CC1-B2E8-436DD941E798}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{93D06EF3-7B70-4731-9B6A-DB99FA591EC7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{89441E6E-F8C3-450C-A5E9-5549868CFE4F}) (Version: 30.100.2031.2 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2031.2 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000000-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.00.0.2 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{81da3767-7ece-47b7-acbe-01d003fdbe55}) (Version: 3.10.100.4446 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{188144F0-D6CC-4A19-AF83-4BFC017233A5}) (Version: 3.10.100.4446 - Intel Corporation) Hidden
iTunes (HKLM\...\{0B3CC856-3A62-443A-B6CE-DED2D4495D56}) (Version: 12.12.2.2 - Apple Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
MSI NBFoundation Service (HKLM-x32\...\{5D402225-6C83-4735-88C8-3FA1B1A4364B}}_is1) (Version: 1.0.2207.0801 - MSI)
MSI Pen (HKLM-x32\...\{FB244CAE-3086-42CE-B322-85BCEFDFF719}}_is1) (Version: 1.0.2102.2301 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 3.2022.0708.01 - MSI)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
OpenShot Video Editor version 2.6.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.6.1 - OpenShot Studios, LLC)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9111.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.19042.21344 - Realtek Semiconductor Corp.)
Shotcut (HKLM\...\Shotcut) (Version: 22.09.23 - Meltytech, LLC)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
 
Packages:
=========
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2022-02-08] (CyberLink)
BusinessCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.BusinessCenter_2.1.16.0_x64__kzh8wxbdkxb8p [2022-10-05] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2022-02-08] (CyberLink)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.39.3.0_x64__6rarf9sa4v8jt [2022-10-06] (Disney)
HEVC Video Extensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.0.51122.0_x64__8wekyb3d8bbwe [2022-09-26] (Microsoft Corporation)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.101.0_x86__nzyj5cx40ttqa [2022-08-10] (Apple Inc.) [Startup Task]
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa [2022-07-22] (Apple Inc.) [Startup Task]
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-09-28] (INTEL CORP) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2022-02-08] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-09-28] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-16] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.8.10203.0_x64__8wekyb3d8bbwe [2022-09-28] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2022-09-28] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2022-02-12] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm [2022-08-05] (A-Volute)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2022-02-08] (CyberLink)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-15] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.2.1.0_x64__f5eddttrpssna [2022-02-08] (Mooii Tech)
PhotoScape X Pro -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeXPro_4.2.1.0_x64__f5eddttrpssna [2022-02-16] (Mooii Tech)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2022-02-08] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.37.275.0_x64__dt26b99r8h8gj [2022-09-03] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0 [2022-09-28] (Spotify AB) [Startup Task]
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-28] (INTEL CORP)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-09-28] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1539540075-3642159966-2234323943-1002_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\lisav\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-1539540075-3642159966-2234323943-1002_Classes\CLSID\{95727F8D-D7DF-4C5C-88D8-7D4C8B3CA288} -> [iCloud Photos] => C:\Users\lisav\iCloudPhotos\Photos [2022-07-22 13:34]
CustomCLSID: HKU\S-1-5-21-1539540075-3642159966-2234323943-1002_Classes\CLSID\{D809D6FA-0FDC-4039-809F-9325DCC99CB7} -> [iCloud Drive] => C:\Users\lisav\iCloudDrive [2022-07-22 13:34]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncShell64.dll [2022-10-11] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2022-08-03 15:19 - 2022-08-03 15:20 - 020758528 _____ () [File not signed] C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.10.0_x64__w2gh52qy24etm\Nahimic3.dll
2022-02-16 10:01 - 2022-02-16 10:01 - 000081408 _____ (Khronos Group) [File not signed] C:\Program Files\WindowsApps\MooiiTech.PhotoScapeXPro_4.2.1.0_x64__f5eddttrpssna\PhotoScapeXPro\OpenCL.dll
2020-12-08 05:14 - 2020-12-08 05:14 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-12-08 05:14 - 2020-12-08 05:14 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-07-02 15:07 - 2019-07-02 15:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll
2022-02-16 10:01 - 2022-02-16 10:01 - 006159480 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\MooiiTech.PhotoScapeXPro_4.2.1.0_x64__f5eddttrpssna\PhotoScapeXPro\Qt5Core.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts
 
2022-06-07 12:50 - 2022-08-31 10:36 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1539540075-3642159966-2234323943-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\lisav\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\251809134_2273271226147070_1435674821289611735_n.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{20DB2A52-A860-4700-A18C-5BEB7F5E0A74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FA36F0DC-9FAF-4834-AFFC-833D11DCA822}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E63821A5-95E2-4912-A290-AD265EF1EFEB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{888FE6F8-308D-4E78-B178-854D68C42650}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99EAAE7C-318D-495A-BF26-6EF794F3A32E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{790A4170-42FF-4179-812E-E05D9B65E5B8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{53C8F349-58F5-4C98-8ABE-4E9B8A48A06C}C:\program files (x86)\airdroidcast\airdroidcast.exe] => (Allow) C:\program files (x86)\airdroidcast\airdroidcast.exe => No File
FirewallRules: [UDP Query User{B8AACC5C-7A7E-4B07-9F55-E767AE2B22A3}C:\program files (x86)\airdroidcast\airdroidcast.exe] => (Allow) C:\program files (x86)\airdroidcast\airdroidcast.exe => No File
FirewallRules: [{D1C674EA-8269-4B7D-8204-2899BFB0D167}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA967C11-103C-46D3-A805-721FE111514E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B109D86C-42AC-47D8-AA05-E8876A869A58}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4034E3F8-580B-452C-B84A-06A573E3E0A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{81D47C99-A3AD-4B61-87FC-63F70625A9B9}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{7AD0F7A2-3059-49D3-956D-3582AFC2E51B}C:\program files\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{143C5B43-EBBA-4195-B7B2-1B4CBB79D66A}] => (Allow) C:\Program Files\Shotcut\shotcut.exe (Meltytech, LLC -> Meltytech, LLC)
FirewallRules: [{D9C40227-27B7-4D62-A4D1-289BB5725C6B}] => (Allow) C:\Program Files\Shotcut\shotcut.exe (Meltytech, LLC -> Meltytech, LLC)
FirewallRules: [{8DF29F64-57F6-4193-BCBC-9D021F626EDE}] => (Allow) C:\Program Files\Shotcut\shotcut.exe (Meltytech, LLC -> Meltytech, LLC)
FirewallRules: [{0CC99D6A-A09B-4C3A-B6AB-0CE08E46683A}] => (Allow) C:\Program Files\Shotcut\shotcut.exe (Meltytech, LLC -> Meltytech, LLC)
FirewallRules: [{790C5C3D-7E32-41E0-986E-929000E776A9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{42445BB8-4BAA-4F37-B883-2BA320A7A6AC}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{30A390A9-0210-4127-9C8B-295C60B3DD82}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{C24B0D22-889B-41AE-B142-DE0F5CBAA379}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4DB486E0-A53B-4A97-A8BA-28AB3F31ED3C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{E498A16F-A348-4D88-8877-451F22104A3A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{89146252-B7F7-47F5-A808-E3D24F1605D0}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{8511451D-2C95-43AF-9789-E0B232ED637A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{08D81F18-CDD4-4761-A8C4-86E95A70AD03}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{FAA9AFDE-467E-481B-95E7-3EB5029DAC66}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{D0DCD959-F2B6-4FB6-9BCA-BC4FDA49DEA7}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{18943428-BAEE-452F-A555-7B22CB773915}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{66DF45E5-E9BF-41C0-92A1-BC45D4B329AE}] => (Allow) LPort=32682
FirewallRules: [{6E694229-7F24-4D64-904C-3AC6F0777371}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EB60FBD5-82D1-4DFF-9A61-A3A678AB58A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D3F3582-6D3B-4601-BB23-CC7F64C4814E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{25A1497D-406A-4C02-967A-6F929FD858F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{248BD495-25BD-476E-B9C4-DCEE912C37FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B926D50B-5E29-4CB9-9937-A6FA14DC5F8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5740C903-F3E4-4E64-883D-60FF0A4E5BFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8072A65B-87BD-4453-B157-3E9897E416F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBA8FA86-CDB6-47AE-A998-A1BEDD1F0785}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ACC82F37-A017-43F4-9C92-7F749A36E038}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69E44B7F-47BC-4908-A006-D5D341895F77}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3AFB034B-2745-4C3D-BC96-9EB6A0DF48F5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:932.43 GB) (Free:670.73 GB) (72%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/11/2022 08:53:16 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (10/11/2022 03:21:41 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (10/11/2022 10:47:55 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (10/11/2022 06:56:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program PhoneExperienceHost.exe version 1.22072.207.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: cb6c
 
Start Time: 01d8dd5ff6930757
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
 
Report Id: c42ea8a7-a0a0-4fd1-9c86-287ad2b04f60
 
Faulting package full name: Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: App
 
Hang type: Quiesce
 
Error: (10/11/2022 06:55:18 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (10/09/2022 10:34:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14781
 
Error: (10/09/2022 10:34:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14781
 
Error: (10/09/2022 10:34:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (10/11/2022 08:53:19 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{BAB438E0-E802-4BF1-AD8A-2BA703327C6A} because another computer on the network has the same name.  The server could not start.
 
Error: (10/11/2022 08:53:16 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {65f74996-46a3-40a1-b26f-5037b90dfea0}, had event 74
 
Error: (10/11/2022 03:21:48 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{BAB438E0-E802-4BF1-AD8A-2BA703327C6A} because another computer on the network has the same name.  The server could not start.
 
Error: (10/11/2022 03:21:42 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {65f74996-46a3-40a1-b26f-5037b90dfea0}, had event 74
 
Error: (10/11/2022 10:47:58 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{BAB438E0-E802-4BF1-AD8A-2BA703327C6A} because another computer on the network has the same name.  The server could not start.
 
Error: (10/11/2022 10:47:55 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {65f74996-46a3-40a1-b26f-5037b90dfea0}, had event 74
 
Error: (10/11/2022 10:04:51 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{BAB438E0-E802-4BF1-AD8A-2BA703327C6A} because another computer on the network has the same name.  The server could not start.
 
Error: (10/11/2022 10:04:48 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {65f74996-46a3-40a1-b26f-5037b90dfea0}, had event 74
 
 
Windows Defender:
================
Date: 2022-10-11 06:55:26
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-09 23:27:32
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-09 23:27:31
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-09 12:06:18
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-10-07 23:38:07
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
 
Date: 2022-09-15 04:26:29
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.375.378.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19600.3
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2022-10-11 21:51:53
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2022-10-11 20:53:17
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_01a84de97d1d352c\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends International, LLC. E13P2IMS.503 09/13/2021
Motherboard: Micro-Star International Co., Ltd. MS-13P2
Processor: 11th Gen Intel® Core™ i7-1195G7 @ 2.90GHz
Percentage of memory in use: 51%
Total physical RAM: 32469.55 MB
Available physical RAM: 15899.22 MB
Total Virtual: 37333.55 MB
Available Virtual: 14308.64 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:932.43 GB) (Free:670.73 GB) (Model: Micron_3400_MTFDKBA1T0TFH) NTFS
 
\\?\Volume{fca4ca42-a275-424e-a070-0ed11f9b07ae}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.14 GB) NTFS
\\?\Volume{d79d6597-adfc-4330-8f84-76c523e541d7}\ (BIOS_RVY) (Fixed) (Total:20.14 GB) (Free:0.69 GB) NTFS
\\?\Volume{b81e2576-a029-41fa-9eca-a1c511d54eee}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 2C1916E4)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

#3 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 17 October 2022 - 04:20 PM

Hello lisavvvv

 

Sorry we do not currently have anyone to help you.

 

I suggest registering at Geeks To Go, and ask for help.

http://www.geekstogo.com/forum/


The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·