Is this a virus?

madmaxed45 · Aug 7, 2024

I have windows 11 , something keeps refreshing or opening or refreshing in my background that makes a task called Antimalware service executable run which causes a horrible FPS drop
(this happens every 3-5 seconds)
please help.

NaderHussain · Aug 7, 2024

What are the specs of your computer or laptop?
The service, Antimalware Service Executable, should be turned off. It uses a lot of system resources since it is constantly scanning the system for malware. As long as you have a good antivirus app running, your computer system should be protected. Now, if you use it for streaming and games a lot, you may want to consider running malware scans on it once in a while to ensure that the system is free of malware. Here is how to disable or turn off Antimalware Service Executable.

See the below link for the instructions.
How to Turn Off Antimalware Service Executable on ...

This service is a part of Windows 11 and is not a virus.

Macboatmaster · Aug 7, 2024

NaderHussain said:
The service, Antimalware Service Executable, should be turned off. It uses a lot of system resources since it is constantly scanning the system for malware. As long as you have a good antivirus app running, your computer system should be protected.

1. This is BAD ADVICE
If the system is protected by the free included Windows Security and Microsoft Defender Anti Virus which is just ONE part of the Windows Security package, then turning OFF
Antimalware Service Executable
(Microsoft Malware Protection Engine and it controls more or less ALL aspects of security on windows 11)

will leave the system unprotected.

2. You need to establish WHY the antimalware service exe is running so often - it will more than likely be a scan - initiated by what the system sees as a PUP (potentially unwanted program) OR a PUA (potentially unwanted application) which may be part of a program - app - often from free software and especially from
Torrents - P2P etc.

3. WHEN you reply and please include the specs as here
Please click the link below for your operating system to download the TSG SysInfo Utility. Click on "Save File" then double-click the file to run it. Copy and paste the report in your initial post. Windows 7 and later (downloads a file named tsginfo.exe)
as shown in the banner above where you typed your post

we WILL offer further ADVICE

4. FINALLY I repeat DO NOT follow the link advice to TURN OFF Antimalware Service Executable IF as explained in the link, if you read carefully, you are using Windows security as your protection.

NaderHussain · Aug 8, 2024

It is important to note that if another antivirus app is running on the computer, Antimalware Service Executable can be turned off. That is if Windows Security is running at the same time as the third-party antivirus app. However, we need to know more about the specs of your computer in order to determine why Antimalware Service Executable is slowing down your computer and which antivirus app is running on it before we can advise you on how to resolve the speed issue involving FPS drops every 3 to 5 seconds.

madmaxed45 · Aug 8, 2024

and it is a laptop

madmaxed45 · Aug 8, 2024

I do not really know why it keeps refreshing so often when i scanned with many softwares it says that there are no suspicious files

NaderHussain · Aug 8, 2024

Which antivirus app are you using on the laptop?

madmaxed45 · Aug 8, 2024

none just microsoft defender

NaderHussain · Aug 8, 2024

In Task Manager, check to see how much CPU and RAM is being utilized. Let us know what the readings are.

madmaxed45 · Aug 8, 2024

when nothing is open it goes from 2% to 10-14% every 3-5 secs

Macboatmaster · Aug 9, 2024

Although you have reset, the system needs checking for malware
I have referred to a colleague who is a qualified malware expert.
Please be patient he will post on your discussion.
You will have to uninstall all cracked software before he will proceed, but he will guide you.

madmaxed45 · Aug 9, 2024

@Macboatmaster Thank you friend for the help even though im a complete stranger to you
i hope i solve my problem

DR M · Aug 9, 2024

Hello.

I can check your computer for malware, but first, as Macboatmaster advised, you must remove the cracked software, since it is a severe threat for your system's security/safety.

When you do that:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.

If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
Press Scan button and wait for a while.
The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
Please attach the content of these two logs in your next reply.

madmaxed45 · Aug 9, 2024

This is the content if FRST.txt.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-08.2024
Ran by madma (administrator) on ABDOU_MEJRI (ASUSTeK COMPUTER INC. ASUS TUF Gaming A15 FA506IHRB_FA506IHRB) (09-08-2024 13:50:23)
Running from C:\Users\madma\OneDrive\Desktop\FRST64.exe
Loaded Profiles: madma
Platform: Microsoft Windows 11 Home Single Language Version 23H2 22631.3880 (X64) Language: English (United States)
Default browser: "C:\Users\madma\AppData\Local\Programs\Opera GX\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(ASUSACCI\ArmouryCrateControlInterface.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ACCIMonitor.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOSD.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\DenoiseAIPlugin\ArmouryCrate.DenoiseAI.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (Musarubra US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.18500.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\msedgewebview2.exe <6>
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(C:\Users\madma\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\madma\AppData\Local\Programs\Opera GX\111.0.5168.99\opera_crashreporter.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0382030.inf_amd64_c27c1f19988d7c7e\B381533\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0382030.inf_amd64_c27c1f19988d7c7e\B381533\atieclxx.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\madma\AppData\Local\Programs\Opera GX\opera.exe <43>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0382030.inf_amd64_c27c1f19988d7c7e\B381533\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\ASUSACCI\ArmouryCrateControlInterface.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_22_2\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (Musarubra US LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_228c2297d67d3a38\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_179f26ff7cd32d0f\RtkAudUService64.exe <3>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2429.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe
(svchost.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.18500.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3023152 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [ASUS Smart Display Control] => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [152216 2022-07-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [MicrosoftEdgeAutoLaunch_91B3F846D5DDE816C7523D323CC33A9E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3814968 2024-08-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919312 2024-08-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [Free Download Manager] => C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe [7486464 2024-07-08] (Softdeluxe) [File not signed]
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [Opera GX Stable] => C:\Users\madma\AppData\Local\Programs\Opera GX\opera.exe [1514912 2024-07-24] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [Discord] => C:\Users\madma\AppData\Local\Discord\Update.exe [1526552 2024-07-22] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [71185664 2024-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-2205670443-1818561223-1713022560-1001\...\Run: [Spotify] => C:\Users\madma\AppData\Roaming\Spotify\Spotify.exe [35353416 2024-08-05] (Spotify AB -> Spotify Ltd)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {6FB0EA3D-F0D3-4D84-AB3C-75383E7FFFCA} - System32\Tasks\ASUS Hotplug Controller => C:\Program Files\ASUS\ASUS Hotplug Controller\AsHotplugCtrl.exe [285416 2021-12-08] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK Computer Inc.)
Task: {C1F3508E-CC6F-4D05-8C42-5CEFE152EE55} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusHotkey.exe [324960 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {0AC3D9C1-EE9C-4F67-85D9-B1216479A534} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusUpdateChecker.exe [792296 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {41015EAF-FC6E-42E1-9FF9-D2EA8F323C0C} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [306456 2022-07-08] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {D62567F3-B86A-409E-AB4D-24F2590FDBD2} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1854232 2022-07-08] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {80AC912E-75D8-4760-9110-50EBB16A2607} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-03-24] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {6F545932-DE3B-4FC8-ACA5-8F1960F0695D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-03-24] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {3CC38142-71CE-419E-B97A-1F41CF355A95} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [43509488 2022-07-09] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {6CDB5426-D373-41CF-BD19-C5DBDAFC61E1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {5E08B45F-93BF-4612-8C1C-E64D22B8E089} - System32\Tasks\ASUSSmartDisplayControl => C:\Program Files (x86)\ASUS\ASUS Smart Display Control\ASUSSmartDisplayControl.exe [152216 2022-07-21] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {7E0EBECF-530A-4143-910A-D294CDBA3DB2} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {56CF47D7-F9FE-4C9A-A28B-B384E7E4F929} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [139264 2024-07-08] (Softdeluxe) [File not signed]
Task: {6025E11A-3449-431A-B2D4-CF77804E6730} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565040 2023-07-17] (McAfee, LLC -> McAfee, LLC)
Task: {77C3302F-0EEA-42E1-B1BF-4F11EB68D855} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.108\DADUpdater.exe [4094568 2023-02-17] (McAfee, LLC -> McAfee, LLC)
Task: {DC27AE06-6DBA-4CEC-A3E5-1BC80ACFD998} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [931056 2023-02-20] (McAfee, LLC -> McAfee, LLC)
Task: {D60B4834-6370-42EF-91C8-77985540A398} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [931056 2023-02-20] (McAfee, LLC -> McAfee, LLC)
Task: {2098FFEA-C3D6-4298-9BFA-8D45FC4771B6} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761976 2022-02-19] (McAfee, LLC -> McAfee, LLC)
Task: {17D3762B-8F0B-4EC3-AB3D-C80064020F22} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B0B4F28-EA7C-476B-B0B6-A18B30BEF5B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE5ED2B7-F84E-43D4-A669-389E750ADF55} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D7AA177-EE08-402D-B455-5CF9BDBD4743} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B774B84D-0789-4CED-BEB5-8865CD576608} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A68CB83B-BB92-4673-8DBE-441DE691D387} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {37DAF442-4D17-4347-91E5-FD5F9FAC007C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {177D18AC-AD9F-46C2-8D52-49B95E021492} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61065176-D17F-4CFB-83B6-6E51936E975C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16ACDD3B-8E03-4B10-8321-6BCCD5927559} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5128F11F-9F23-4F93-AFDD-A48CF6988232} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {06FF076A-E674-496D-93BE-80D22227F0B8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {2345F2B1-3777-4074-8FC8-6AFA39551DD8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FDCE8A9D-F8B0-4A98-B2CC-484AC6C64703} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7A2B4998-DA43-45A1-8D4B-AC35197DC41C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {429221D5-35E8-49CE-816A-A6086B50D770} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ED17542D-5E0A-44AF-8BC3-9672EE443D2A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209072 2024-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B176388-E75C-4572-AD4A-6C8D70944C51} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2205670443-1818561223-1713022560-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209072 2024-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1C288A3-8A75-4D83-AB1E-7E2DCD22E4C5} - System32\Tasks\Opera GX scheduled Autoupdate 1722118114 => C:\Users\madma\AppData\Local\Programs\Opera GX\autoupdate\opera_autoupdate.exe [5755296 2024-07-24] (Opera Norway AS -> Opera Software)
Task: {0A2BEF37-123A-4638-9C86-D8C69B514BD2} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_179f26ff7cd32d0f\RtkAudUService64.exe [1616744 2022-10-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{bfbc7af6-5cf1-4fdd-b3a4-07056e93495b}: [DhcpNameServer] 40.53.1.11
Tcpip\..\Interfaces\{d0f052b6-d719-4dba-be45-f517603da73a}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\madma\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-28]
Edge Extension: (Google Docs Offline) - C:\Users\madma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-27]
Edge Extension: (Edge relevant text changes) - C:\Users\madma\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-07-27]

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2022-02-22] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2022-02-22] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-08-07] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2205670443-1818561223-1713022560-1001) Opera GXStable - "C:\Users\madma\AppData\Local\Programs\Opera GX\opera.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArmouryCrateControlInterface; C:\WINDOWS\System32\ASUSACCI\ArmouryCrateControlInterface.exe [1181232 2023-06-07] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [401880 2024-07-27] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-03-24] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\AsusAppService\AsusAppService.exe [1199464 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2023-03-24] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusOptimization.exe [563152 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSoftwareManager\AsusSoftwareManager.exe [1377744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSwitch\AsusSwitch.exe [650704 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5097936 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [865744 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995624 2024-08-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [420680 2023-10-27] (DTS, Inc. -> DTS Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.141.0714.0003\FileSyncHelper.exe [3523088 2024-08-05] (Microsoft Corporation -> Microsoft Corporation)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4926312 2024-05-29] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [937296 2024-07-31] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_2\McApExe.exe [812536 2022-06-08] (McAfee, LLC -> McAfee, LLC)
R3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [619856 2022-02-16] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\McCSPServiceHost.exe [3378048 2022-02-17] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1221456 2022-05-13] (Musarubra US LLC -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1221456 2022-05-13] (Musarubra US LLC -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1221456 2022-05-13] (Musarubra US LLC -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546144 2022-02-18] (McAfee, LLC -> McAfee, LLC)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_228c2297d67d3a38\Display.NvContainer\NVDisplay.Container.exe [1275424 2024-07-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.141.0714.0003\OneDriveUpdaterService.exe [3863568 2024-08-05] (Microsoft Corporation -> Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4235968 2022-02-19] (McAfee, LLC -> McAfee, LLC)
S2 RefreshRateService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe [40672 2021-09-10] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek Computer Inc.)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [1665648 2023-07-25] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9730864 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [144320 2022-07-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0382030.inf_amd64_c27c1f19988d7c7e\B381533\amdkmdag.sys [94371744 2022-08-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_2be525c42dff92ab\AsusPTPFilter.sys [123456 2022-06-06] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSSystemAnalysis\AsusSAIO.sys [49208 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_9b2f1b4e956514ee\ASUSOptimization\AsusWmiAcpi.sys [49064 2024-06-20] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75904 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [34488 2022-08-08] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R3 IGO_VSD; C:\WINDOWS\system32\drivers\igovsd.sys [42344 2021-07-05] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [473720 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347768 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83400 2022-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [443000 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [915568 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [645680 2022-06-01] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [111152 2022-06-01] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110712 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [232568 2022-06-07] (Musarubra US LLC -> McAfee, LLC)
R3 MTKBTFilterX64; C:\WINDOWS\system32\DRIVERS\mtkbtfilterx.sys [321064 2023-04-13] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1419768 2023-04-10] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [236696 2024-07-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_72550ea126b8df03\rt68cx21x64.sys [510344 2021-09-13] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [39676808 2024-07-09] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-09 13:50 - 2024-08-09 13:50 - 000034749 _ C:\Users\madma\OneDrive\Desktop\FRST.txt
2024-08-09 13:50 - 2024-08-09 13:50 - 000000000 ____D C:\FRST
2024-08-09 13:48 - 2024-08-09 13:48 - 002397184 _ (Farbar) C:\Users\madma\OneDrive\Desktop\FRST64.exe
2024-08-09 13:46 - 2024-08-09 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2024-08-08 20:55 - 2024-08-08 20:55 - 002270936 _ (Cermak Technologies, Inc.) C:\Users\madma\Downloads\tsginfo.exe
2024-08-08 16:51 - 2024-08-08 16:51 - 004138648 _ (ASUSTeK COMPUTER INC.) C:\Users\madma\Downloads\LAN_ROG_Realtek_B_V1168.002.0909.2021_24578_1.exe
2024-08-08 16:50 - 2024-08-08 16:50 - 004919952 _ (ASUSTeK COMPUTER INC.) C:\Users\madma\Downloads\WirelessLan_ROG_MediaTek_B_V3.00.01.1294Sub1_34030.exe
2024-08-08 16:50 - 2024-08-08 16:50 - 004919952 _ (ASUSTeK COMPUTER INC.) C:\Users\madma\Downloads\Bluetooth_ROG_MediaTek_B_V1.3.17.155Sub1_34029.exe
2024-08-07 20:48 - 2024-08-07 20:48 - 011278317 _ C:\Users\madma\Downloads\404422a8-6493-4d57-8225-5699f3b442e8.mp4
2024-08-07 13:48 - 2024-08-07 13:48 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-07 13:47 - 2024-08-08 17:16 - 000002451 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk
2024-08-05 11:41 - 2024-08-05 11:42 - 000002696 _ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2024-08-05 11:41 - 2022-05-07 06:22 - 000000824 _ C:\WINDOWS\system32\Drivers\etc\hosts.backup
2024-08-05 10:08 - 2024-08-05 10:08 - 000000204 _ C:\Users\madma\Downloads\@ECHO OFF.bat
2024-08-05 10:06 - 2024-08-05 10:06 - 000000288 _ C:\Users\madma\Downloads\MyPowerShellScript.ps1
2024-08-05 08:56 - 2024-08-05 08:56 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-07-29 19:24 - 2024-07-29 20:43 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\MMC
2024-07-29 19:13 - 2024-07-29 19:13 - 000000000 ____D C:\Users\madma\AppData\Roaming\McAfee
2024-07-29 18:27 - 2024-08-09 11:03 - 000000001 _ C:\WINDOWS\vgkbootstatus.dat
2024-07-29 17:31 - 2024-08-09 11:44 - 000000000 ____D C:\Users\madma\AppData\Roaming\spicetify
2024-07-29 17:31 - 2024-08-09 11:44 - 000000000 ____D C:\Users\madma\AppData\Local\spicetify
2024-07-29 17:28 - 2024-08-09 11:46 - 000000000 ____D C:\Users\madma\AppData\Local\Spotify
2024-07-29 17:28 - 2024-07-29 17:28 - 000001858 _ C:\Users\madma\OneDrive\Desktop\Spotify.lnk
2024-07-29 17:28 - 2024-07-29 17:28 - 000001838 _ C:\Users\madma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2024-07-29 17:27 - 2024-08-09 11:45 - 000000000 ____D C:\Users\madma\AppData\Roaming\Spotify
2024-07-29 17:27 - 2024-07-29 17:27 - 001020336 _ (Spotify Ltd) C:\Users\madma\Downloads\SpotifySetup.exe
2024-07-29 17:18 - 2024-07-29 17:18 - 000000000 ____D C:\Program Files\Riot Vanguard
2024-07-29 17:12 - 2024-08-09 10:54 - 000000000 ____D C:\Users\madma\AppData\Roaming\riot-client-ux
2024-07-29 17:09 - 2024-07-29 17:12 - 000000000 ____D C:\Riot Games
2024-07-29 17:09 - 2024-07-29 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-07-29 17:09 - 2024-07-29 17:09 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2024-07-29 17:08 - 2024-08-09 10:55 - 000000000 ____D C:\ProgramData\Riot Games
2024-07-29 17:08 - 2024-07-29 18:41 - 000000000 ____D C:\Users\madma\AppData\Local\Riot Games
2024-07-29 17:08 - 2024-07-29 17:08 - 072327424 _ (Riot Games, Inc.) C:\Users\madma\Downloads\Install League of Legends euw.exe
2024-07-28 21:35 - 2024-07-28 21:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-07-28 17:47 - 2024-07-28 17:47 - 000000000 ____D C:\ProgramData\Propagation
2024-07-28 17:47 - 2024-07-28 17:47 - 000000000 ____D C:\ProgramData\AMD
2024-07-28 17:13 - 2024-07-28 17:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-07-28 12:16 - 2024-07-28 12:16 - 000000000 ____D C:\Users\madma\AppData\Local\Backup
2024-07-28 03:17 - 2024-08-09 11:05 - 000850316 _ C:\WINDOWS\system32\PerfStringBackup.INI
2024-07-28 03:15 - 2024-08-09 13:51 - 000003752 _ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-07-28 03:14 - 2024-08-09 11:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-07-28 03:14 - 2024-07-29 18:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2024-07-28 03:14 - 2024-07-28 20:31 - 000003536 _ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-28 03:14 - 2024-07-28 20:31 - 000003412 _ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-28 03:14 - 2024-07-28 03:14 - 000003958 ____H C:\GetDeviceStatus.xml
2024-07-28 03:14 - 2024-07-28 03:14 - 000003398 _ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000003152 _ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000002948 _ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000002948 _ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000002948 _ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000002948 _ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000002914 _ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-28 03:14 - 2024-07-28 03:14 - 000002676 _ C:\WINDOWS\system32\Tasks\McAfeeLogon
2024-07-28 03:14 - 2024-07-28 03:14 - 000002552 _ C:\WINDOWS\system32\Tasks\ASUSSmartDisplayControl
2024-07-28 03:14 - 2024-07-28 03:14 - 000002490 _ C:\WINDOWS\system32\Tasks\ASUS Hotplug Controller
2024-07-28 03:14 - 2024-07-28 03:14 - 000000200 ____H C:\QueryAllDevice.xml
2024-07-28 03:14 - 2024-07-28 03:14 - 000000066 ____H C:\GetDeviceCap.xml
2024-07-28 03:14 - 2024-07-28 03:14 - 000000000 _SHDL C:\Documents and Settings
2024-07-28 03:14 - 2024-07-28 03:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2024-07-28 03:14 - 2024-07-28 03:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2024-07-28 03:14 - 2024-07-27 23:32 - 000003706 _ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2024-07-28 03:14 - 2024-07-27 21:53 - 000004122 _ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2024-07-28 03:14 - 2024-07-27 21:53 - 000003756 _ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2024-07-28 03:14 - 2024-07-27 19:20 - 000003366 _ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2024-07-28 03:13 - 2024-08-08 17:14 - 000001607 _ C:\WINDOWS\system32\config\VSMIDK
2024-07-28 03:11 - 2024-07-28 03:12 - 000000000 ____D C:\WINDOWS\ASUS
2024-07-28 03:11 - 2024-07-28 03:11 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2024-07-28 03:10 - 2024-07-28 03:14 - 000000000 ____D C:\WINDOWS\Panther
2024-07-28 03:10 - 2024-07-28 03:10 - 000000000 ____D C:\eSupport
2024-07-28 03:09 - 2024-07-28 03:09 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-07-28 03:09 - 2024-07-28 03:09 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-07-28 03:09 - 2024-07-28 03:09 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-28 03:07 - 2024-08-09 13:50 - 000000000 ____D C:\ProgramData\NVIDIA
2024-07-28 03:07 - 2024-08-09 11:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-07-28 03:07 - 2024-08-09 11:00 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-28 03:07 - 2024-08-08 17:02 - 000002440 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-28 03:07 - 2024-07-28 03:12 - 000000000 ____D C:\WINDOWS\system32\AMD
2024-07-28 03:07 - 2024-07-28 03:07 - 000000000 ____D C:\WINDOWS\system32\DTS
2024-07-28 03:07 - 2024-07-28 03:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-07-28 03:07 - 2024-07-28 03:07 - 000000000 ____D C:\WINDOWS\system32\config\BFS
2024-07-28 03:07 - 2024-07-28 03:07 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-07-28 03:07 - 2024-07-28 03:07 - 000000000 ____D C:\Program Files\AMD
2024-07-28 03:07 - 2024-07-27 23:39 - 000000000 ____D C:\ProgramData\ASUS
2024-07-28 03:07 - 2024-07-27 21:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-07-28 03:07 - 2024-07-27 19:19 - 000515048 _ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-28 03:06 - 2024-07-28 03:06 - 000060462 _ C:\WINDOWS\SysWOW64\ctac.json
2024-07-28 03:06 - 2024-07-28 03:06 - 000025684 _ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-07-28 03:05 - 2024-07-28 03:05 - 000060462 _ C:\WINDOWS\system32\ctac.json
2024-07-28 03:05 - 2024-07-28 03:05 - 000025684 _ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-07-28 03:03 - 2024-08-09 13:44 - 000000000 ____D C:\WINDOWS\system32\ASUSACCI
2024-07-28 03:03 - 2024-07-28 03:03 - 000000000 ____D C:\Program Files\Reference Assemblies
2024-07-28 03:03 - 2024-07-28 03:03 - 000000000 ____D C:\Program Files\MSBuild
2024-07-28 03:03 - 2024-07-28 03:03 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2024-07-28 03:03 - 2024-07-28 03:03 - 000000000 ____D C:\Program Files (x86)\MSBuild
2024-07-28 03:02 - 2024-07-28 03:02 - 000000000 ____D C:\WINDOWS\Firmware
2024-07-28 03:01 - 2024-07-28 03:01 - 000008192 _ C:\WINDOWS\system32\config\userdiff
2024-07-28 02:11 - 2024-07-28 04:06 - 000000000 ___HD C:\$SysReset
2024-07-28 00:24 - 2024-07-28 00:24 - 000000000 ____D C:\Users\madma\AppData\Local\UnrealEngine
2024-07-28 00:24 - 2024-07-28 00:24 - 000000000 ____D C:\Users\madma\AppData\Local\Helios
2024-07-28 00:22 - 2024-07-28 00:24 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2024-07-28 00:22 - 2024-07-28 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2024-07-27 23:58 - 2024-07-27 23:58 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2024-07-27 23:50 - 2024-07-27 23:50 - 000000000 ____D C:\Users\madma\AppData\Local\AcSdkInsLog
2024-07-27 23:46 - 2024-08-09 10:55 - 000002134 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-27 23:46 - 2024-08-05 12:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-07-27 23:46 - 2024-08-05 08:56 - 000003194 _ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-07-27 23:46 - 2024-08-05 08:56 - 000000000 ___RD C:\Users\Default\OneDrive
2024-07-27 23:31 - 2024-07-27 23:31 - 000000000 ____D C:\Users\madma\AppData\Local\CEF
2024-07-27 23:29 - 2024-08-05 11:19 - 000000000 ____D C:\Games
2024-07-27 23:29 - 2024-07-27 23:29 - 003948120 _ (Alexander Roshal) C:\Users\madma\Downloads\winrar-x64-701.exe
2024-07-27 23:29 - 2024-07-27 23:29 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-07-27 23:29 - 2024-07-27 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-07-27 23:29 - 2024-07-27 23:29 - 000000000 ____D C:\Program Files\WinRAR
2024-07-27 23:28 - 2024-07-27 23:28 - 011697825 _ C:\Users\madma\Downloads\Little.Nightmares.II.Enhanced.Edition.Incl.ALL.DLCs.zip.opdownload
2024-07-27 23:17 - 2024-07-27 23:17 - 000000000 ____D C:\Users\madma\AppData\Roaming\NVIDIA
2024-07-27 23:16 - 2024-08-09 11:00 - 000000000 ____D C:\Users\madma\AppData\Roaming\discord
2024-07-27 23:16 - 2024-08-09 10:53 - 000000000 ____D C:\Users\madma\AppData\Local\Discord
2024-07-27 23:16 - 2024-08-07 13:35 - 000002255 _ C:\Users\madma\OneDrive\Desktop\Discord.lnk
2024-07-27 23:16 - 2024-07-27 23:16 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-07-27 23:16 - 2024-07-27 23:16 - 000000000 ____D C:\Users\madma\AppData\Local\SquirrelTemp
2024-07-27 23:16 - 2024-07-27 23:16 - 000000000 ____D C:\Users\madma\AppData\Local\NVIDIA
2024-07-27 23:13 - 2024-07-27 23:14 - 114439960 _ (Discord Inc.) C:\Users\madma\Downloads\DiscordSetup.exe
2024-07-27 23:08 - 2024-07-27 23:08 - 000004254 _ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1722118114
2024-07-27 23:08 - 2024-07-27 23:08 - 000001415 _ C:\Users\madma\OneDrive\Desktop\Opera GX Browser.lnk
2024-07-27 23:08 - 2024-07-27 23:08 - 000001415 _ C:\Users\madma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2024-07-27 23:08 - 2024-07-27 23:08 - 000000000 ____D C:\Users\madma\AppData\Local\Opera Software
2024-07-27 23:06 - 2024-07-27 23:06 - 003266792 _ () C:\Users\madma\Downloads\OperaGXSetup.exe
2024-07-27 23:06 - 2024-07-27 23:06 - 000000000 ____D C:\Users\madma\AppData\Roaming\Opera Software
2024-07-27 23:05 - 2024-08-09 10:54 - 000000000 ____D C:\Users\madma\AppData\Local\CrashDumps
2024-07-27 23:04 - 2024-07-27 23:04 - 000000000 ____D C:\Users\madma\AppData\Local\Comms
2024-07-27 21:37 - 2024-07-27 21:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-07-27 20:03 - 2024-07-27 20:03 - 000002862 _ C:\WINDOWS\system32\Tasks\FreeDownloadManagerHelperService
2024-07-27 20:03 - 2024-07-27 20:03 - 000000000 ____D C:\Users\madma\AppData\Local\Softdeluxe
2024-07-27 20:03 - 2024-07-27 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2024-07-27 20:03 - 2024-07-27 20:03 - 000000000 ____D C:\Program Files\Softdeluxe
2024-07-27 20:01 - 2024-07-27 20:01 - 040383384 _ (Softdeluxe ) C:\Users\madma\Downloads\fdm_x64_setup.exe
2024-07-27 19:34 - 2024-07-27 19:34 - 000000000 ____D C:\Users\madma\AppData\Local\OneDrive
2024-07-27 19:32 - 2024-07-27 19:32 - 000000000 ____D C:\Users\madma\OneDrive\Documents\WB Games
2024-07-27 19:32 - 2024-07-27 19:32 - 000000000 ____D C:\Users\madma\OneDrive\Documents\M711 Gaming Mouse
2024-07-27 19:32 - 2024-07-27 19:32 - 000000000 ____D C:\Users\madma\OneDrive\Documents\League of Legends
2024-07-27 19:32 - 2024-07-27 19:32 - 000000000 ____D C:\Users\madma\OneDrive\Documents\CPY_SAVES
2024-07-27 19:31 - 2024-08-05 08:56 - 000003596 _ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2205670443-1818561223-1713022560-1001
2024-07-27 19:31 - 2024-07-27 23:46 - 000000000 ___RD C:\Users\madma\OneDrive
2024-07-27 19:31 - 2024-07-27 19:31 - 000000000 ___HD C:\OneDriveTemp
2024-07-27 19:31 - 2024-07-27 19:31 - 000000000 ____D C:\Users\madma\AppData\LocalLow\NVIDIA
2024-07-27 19:30 - 2024-08-07 17:33 - 000000000 ____D C:\Users\madma\AppData\Local\NVIDIA Corporation
2024-07-27 19:30 - 2024-07-27 19:30 - 000000000 ____D C:\Users\madma\AppData\LocalLow\AMD
2024-07-27 19:30 - 2024-07-27 19:30 - 000000000 ____D C:\Users\madma\AppData\Local\VirtualStore
2024-07-27 19:30 - 2024-07-27 19:30 - 000000000 ____D C:\Users\madma\AppData\Local\PlaceholderTileLogoFolder
2024-07-27 19:30 - 2024-07-27 19:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-07-27 19:29 - 2024-08-08 16:51 - 000000000 ____D C:\Users\madma\AppData\Local\D3DSCache
2024-07-27 19:29 - 2024-08-01 18:29 - 000000000 ____D C:\Users\madma\AppData\Local\Packages
2024-07-27 19:29 - 2024-07-28 17:52 - 000000000 ____D C:\Users\madma\AppData\Local\AMD
2024-07-27 19:29 - 2024-07-27 23:39 - 000000000 ____D C:\Users\madma\AppData\Local\ASUS
2024-07-27 19:29 - 2024-07-27 19:59 - 000000000 ____D C:\Users\madma\AppData\Local\ConnectedDevicesPlatform
2024-07-27 19:29 - 2024-07-27 19:29 - 000000000 ___SD C:\Users\madma\AppData\Roaming\Microsoft\Crypto
2024-07-27 19:29 - 2024-07-27 19:29 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Vault
2024-07-27 19:29 - 2024-07-27 19:29 - 000000000 ____D C:\Users\madma\AppData\Roaming\Adobe
2024-07-27 19:29 - 2024-07-27 19:29 - 000000000 ____D C:\Users\madma\AppData\Local\Publishers
2024-07-27 19:24 - 2024-07-27 19:24 - 000000000 ___SD C:\Users\madma\AppData\Roaming\Microsoft\SystemCertificates
2024-07-27 19:23 - 2024-08-09 11:00 - 000000000 ____D C:\Users\madma
2024-07-27 19:23 - 2024-07-29 17:29 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Windows
2024-07-27 19:23 - 2024-07-28 03:14 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Network
2024-07-27 19:23 - 2024-07-27 23:59 - 000000000 ____D C:\Users\madma\AppData\Roaming\Microsoft\Spelling
2024-07-27 19:23 - 2024-07-27 19:23 - 000000020 ___SH C:\Users\madma\ntuser.ini
2024-07-27 19:23 - 2024-07-27 19:23 - 000000000 ___SD C:\Users\madma\AppData\Roaming\Microsoft\Protect
2024-07-27 19:23 - 2024-07-27 19:23 - 000000000 ___SD C:\Users\madma\AppData\Roaming\Microsoft\Credentials
2024-07-18 20:08 - 2024-07-10 23:29 - 000236696 _ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpcf.sys
2024-07-18 20:08 - 2024-07-10 23:29 - 000121872 _ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-07-18 19:47 - 2024-07-11 20:32 - 002040576 _ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-07-18 19:47 - 2024-07-11 20:32 - 002040576 _ C:\WINDOWS\system32\vulkaninfo.exe
2024-07-18 19:47 - 2024-07-11 20:32 - 001583872 _ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-07-18 19:47 - 2024-07-11 20:32 - 001583872 _ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-07-18 19:47 - 2024-07-11 20:32 - 001446656 _ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-07-18 19:47 - 2024-07-11 20:32 - 001446656 _ C:\WINDOWS\system32\vulkan-1.dll
2024-07-18 19:47 - 2024-07-11 20:32 - 001296640 _ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-07-18 19:47 - 2024-07-11 20:32 - 001296640 _ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-07-18 19:47 - 2024-07-11 20:32 - 000477704 _ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-07-18 19:47 - 2024-07-11 20:32 - 000374288 _ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-07-18 19:47 - 2024-07-11 20:29 - 000669816 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-07-18 19:47 - 2024-07-11 20:29 - 000505992 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 002178160 _ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 001629832 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 001546760 _ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 001202704 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 001079432 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 001034360 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-07-18 19:47 - 2024-07-11 20:28 - 000856584 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-07-18 19:47 - 2024-07-11 20:28 - 000797320 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 016199688 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 014270072 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 006914056 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 005910664 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 005349408 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 003788400 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-07-18 19:47 - 2024-07-11 20:27 - 000461432 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-07-18 19:47 - 2024-07-11 20:26 - 007133048 _ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-07-18 19:47 - 2024-07-11 20:26 - 000853112 _ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-07-18 19:47 - 2024-07-11 20:25 - 006211816 _ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-07-18 19:47 - 2024-07-10 23:29 - 000128301 _ C:\WINDOWS\system32\nvinfo.pb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-09 13:45 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-09 11:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-09 11:05 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-08-09 11:00 - 2022-05-07 06:17 - 000786432 _ C:\WINDOWS\system32\config\BBI
2024-08-09 10:55 - 2022-06-03 14:02 - 000002452 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-08-09 10:55 - 2022-06-03 14:02 - 000002409 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk
2024-08-09 10:55 - 2022-06-03 14:02 - 000002403 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-08-09 10:55 - 2022-06-03 14:02 - 000002395 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-08-08 17:17 - 2023-03-24 04:11 - 000000000 ____D C:\Program Files\ASUS
2024-08-08 17:16 - 2022-06-03 14:02 - 000002453 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-08-08 17:06 - 2022-06-03 13:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-08-08 16:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-07 22:45 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-07 13:49 - 2022-06-03 14:01 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-07 13:49 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-08-05 12:25 - 2022-05-07 06:17 - 000032768 _ C:\WINDOWS\system32\config\ELAM
2024-08-05 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-08-05 09:04 - 2022-06-03 14:02 - 000002416 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-08-05 09:04 - 2022-06-03 14:02 - 000002415 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-07-28 20:07 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-07-28 12:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2024-07-28 03:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-07-28 03:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-07-28 03:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-07-28 03:14 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-07-28 03:12 - 2023-03-24 04:33 - 000000000 ____D C:\WINDOWS\OEM
2024-07-28 03:12 - 2023-03-24 04:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-07-28 03:12 - 2023-03-24 04:09 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-07-28 03:12 - 2022-06-03 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2024-07-28 03:12 - 2022-05-07 07:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-07-28 03:12 - 2022-05-07 07:01 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-07-28 03:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-07-28 03:11 - 2023-03-24 04:19 - 000000000 ____D C:\Program Files\McAfee.com
2024-07-28 03:11 - 2023-03-24 04:19 - 000000000 ____D C:\Program Files\Common Files\McAfee
2024-07-28 03:11 - 2023-03-24 04:19 - 000000000 ____D C:\Program Files\Common Files\AV
2024-07-28 03:11 - 2023-03-24 04:11 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-07-28 03:11 - 2023-03-24 04:11 - 000000000 ____D C:\Program Files (x86)\ASUSTeK COMPUTER INC
2024-07-28 03:11 - 2023-03-24 04:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-07-28 03:11 - 2022-06-03 14:01 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-07-28 03:11 - 2022-05-07 07:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-07-28 03:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-07-28 03:11 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-07-28 03:10 - 2022-05-07 06:24 - 000028672 _ C:\WINDOWS\system32\config\BCD-Template
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Globalization
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-07-28 03:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-28 03:08 - 2022-05-07 07:10 - 000036864 _ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-07-28 03:08 - 2022-05-07 07:10 - 000024383 _ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-07-28 03:08 - 2022-05-07 06:25 - 000209920 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-07-28 03:08 - 2022-05-07 06:24 - 000249856 _ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-07-28 00:14 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-07-28 00:11 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-07-27 23:58 - 2023-03-24 04:19 - 000000000 ____D C:\Program Files (x86)\McAfee
2024-07-27 23:46 - 2022-06-03 14:00 - 000000000 ____D C:\ProgramData\Packages
2024-07-27 23:39 - 2023-03-24 04:12 - 000000000 ____D C:\Program Files (x86)\LightingService
2024-07-27 23:39 - 2023-03-24 04:11 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-07-27 23:39 - 2023-03-24 04:10 - 000000000 ____D C:\ProgramData\Package Cache
2024-07-27 23:37 - 2023-03-24 04:19 - 000000000 ____D C:\ProgramData\McAfee
2024-07-27 23:37 - 2023-03-24 04:19 - 000000000 ____D C:\Program Files\McAfee
2024-07-27 21:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-07-27 20:21 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2024-07-27 20:00 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-27 19:59 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-07-27 19:30 - 2023-03-24 04:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-07-27 19:29 - 2022-06-03 14:26 - 000000000 ____D C:\WINDOWS\Log
2024-07-27 19:29 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-27 19:19 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

DR M · Aug 9, 2024

Hi. The tool created 2 logs. FRST.txt which you posted above, and Addition.txt which is on your Desktop. Please, post that as well, so I can check both.

madmaxed45 · Aug 9, 2024

for some reason whenever i paste the content it wont post

DR M · Aug 9, 2024

That's why I asked to attach the logs.

To attach it, click on the clip icon below the reply area, choose the Addition.txt and Open.

madmaxed45 · Aug 9, 2024

oh okay here :

madmaxed45 · Aug 10, 2024

will installing windows 10 and formatting the disk help? ive had many problems with windows 11 besides this

DR M · Aug 10, 2024

Hi, madmaxed45.

I apologize for the late response. I didn't forget you. I was extremely busy until now. I'll take a look into your logs within the day. Have in mind that my time zone is UTC +2.

madmaxed45 · Aug 10, 2024

no problem mate take your time

DR M · Aug 10, 2024

The computer is infected.

Please, adhere to the guidelines below, and wait for my instructions.

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.

madmaxed45 · Aug 10, 2024

i read you clearly.
now what exactly do i do.

DR M · Aug 10, 2024

You said above that you are using the Microsoft Defender as your antivirus, but you have also installed:

McAfee LiveSafe
WebAdvisor by McAfee

I recommend you to uninstall both.

After that:

ESET Online Scan

Download ESET Online Scanner and save it to your desktop.

Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
When the tool opens, click Get Started.
Read and accept the license agreement.
At the Welcome to ESET Online Scanner window, click Get Started.
Select whether you would like to send anonymous data to ESET.
Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
Click on the Full Scan option.
Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
ESET will now begin scanning your computer. This may take some time.
When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

madmaxed45 · Aug 10, 2024

madmaxed45 · Aug 10, 2024

this is what happens when i click full scan and when thee update finishes the app closes

DR M · Aug 10, 2024

Can you please try again? I just tried it and it works fine for me.

madmaxed45 · Aug 10, 2024

it's working now the scan is in progress
i'll update you once it is finished

DR M · Aug 10, 2024

Great. Have in mind that it may take a couple of hours.

madmaxed45 · Aug 10, 2024

Here is the result:

8/10/2024 18:55:30 PM
Scanned files: 251727
Detected files: 0
Cleaned files: 0
Total scan time: 00:29:19
Scan status: Finished

Cookiegal · Aug 10, 2024

I've moved this over to the Virus & Other Malware Removal forum since malware cleaning is now in progress.

DR M · Aug 10, 2024

It didn't take long.

Now, please run a new scan with FRST log and attach for me fresh FRST logs, Addition and FRST.

madmaxed45 · Aug 10, 2024

DR M · Aug 10, 2024

You didn't uninstall McAfee WebAdvisor. I'll include it in the fix.

1. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Code:

Start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk:4E42ED6D31 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:5465085A2F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:BE800952D3 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk:3DF0A9C0EF [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [3442]
FirewallRules: [{4CC7F786-C1B6-4A00-A2EB-F2FC4A5CC37A}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemoteAgent.exe => No File
FirewallRules: [{F8C09F8A-4BC2-46BD-AA1B-8B769D8D08F5}] => (Allow) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_9d7f2049d0193da1\ASUSLinkRemote\AsusLinkRemoteAgent.exe => No File
Task: {6CDB5426-D373-41CF-BD19-C5DBDAFC61E1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [937296 2024-07-31] (McAfee, LLC -> McAfee, LLC)
2024-07-29 19:13 - 2024-07-29 19:13 - 000000000 ____D C:\Users\madma\AppData\Roaming\McAfee
2024-08-10 17:23 - 2023-03-24 04:19 - 000000000 ____D C:\ProgramData\McAfee
2024-08-10 17:23 - 2023-03-24 04:19 - 000000000 ____D C:\Program Files\McAfee
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}
Hosts:
EmptyTemp:
End::

Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
Press the Fix button once and wait.
FRST will process fixlist.txt
When finished, it will produce a log fixlog.txt on your Desktop.
Post the log in your next reply.

2. Run Malwarebytes (scan only)

Download Malwarebytes and save it to your Desktop.
Once downloaded, close all programs and Windows on your computer.
Double-click on the icon on your desktop named MBSetup.exe. This will start the installation of MBAM onto your computer.
Follow the instructions to install the program.
When finished, double click the program's icon created on your Desktop.
Click the little gear on the top right (Settings) and when it opens, click the General tab. Under the title Windows Security Center, make sure the option is disabled.
Click the Scan and Detections tab and under the Scan options title, enable Scan for rootkits option. Do not change any other option.
Return to the Dashboard and choose Scan.
When finished, you will see the Threat Scan Summary window open.
If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected,close the program and proceed to the next steps below.
- Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
- Find the report with the most recent date and double click on it.
- Click on Export and then Copy to Clipboard.
- Paste its content here, in your next reply.

3. Run AdwCleaner (scan only)

Download AdwCleaner and save it to your desktop.

Double click AdwCleaner.exe to run it.
Click the Scan Now button.
Once the scan completes, AdwCleaner shows you all detected PUPs and adware. DO NOT check anything found, and click Next.
If any preinstalled software was detected on your device, a message notifies you that your action is requested. DO NOT check anything, and click Cancel to continue.
Click the Log Files tab.
Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
A Notepad file will open containing the results of the removal.
Please post the contents of the file in your next reply.

Note: Click Skip Basic Repair if you are asked to.

In your next reply, please post:

The fixlog.txt
The AdwCleaner[S0*].txt
The Malwarebytes report

P.S. I'll be back to you tomorrow, my time.

madmaxed45 · Aug 10, 2024

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/10/2024
Scan Time: 8:03 PM
Log File: 2f4e26dc-574b-11ef-a7f0-a036bc6b1bb1.json

-Software Information-
Version: 5.1.7.121
Components Version: 1.0.5002
Update Package Version: 1.0.87710
License: Trial

-System Information-
OS: Windows 11 (Build 22631.3880)
CPU: x64
File System: NTFS
User: Abdou_Mejri\madma

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 221727
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

DR M · Aug 11, 2024

Hello.

The scans returned a clean outcome and the fix restored what malware affected.

Now I would like your feedback. What are the remaining issues regarding this computer?

madmaxed45 · Aug 11, 2024

the refreshing persists but hold on let me check the fps

madmaxed45 · Aug 11, 2024

nothing has changed , the FPS drops are still there

madmaxed45 · Aug 11, 2024

and the refreshing animation from the cursor is still there

madmaxed45 · Aug 11, 2024

if only i could attach a video

Is this a virus?

Attachments

Attachments

Attachments

Top Contributors this Month

Recommended Communities