Hi,
I recently had the same issue with dttarant: it shows up as colormania 32 bit in Task Manager. I checked the file location and it shows nothing.
I hope it can fix the colormania 32 bit without reformatting my PC.
Thank you!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-07-2021
Ran by chuac (administrator) on DESKTOP-GMLU23E (10-07-2021 01:17:23)
Running from C:UserschuacDownloadsPrograms
Loaded Profiles: chuac
Platform: Windows 10 Pro Version 20H2 19042.1083 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:Program FilesDAEMON Tools LiteDTShellHlp.exe
(Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.) C:Program Files (x86)SogouInput9.8.0.3746SogouCloud.exe
(Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.) C:WindowsSysWOW64IMESogouPYSogouImeBroker.exe
(Blacksun Software) [File not signed] C:UserschuacAppDataRoamingGoogleGoogleDiagnostics.exe
(Charles Milette -> TranslucentTB Open Source Developers) C:Program Files (x86)TranslucentTBTranslucentTB.exe
(Discord Inc. -> Discord Inc.) C:UserschuacAppDataLocalDiscordapp-1.0.9002Discord.exe <6>
(Garena Online Pte Ltd -> Garena Online) C:Program Files (x86)GarenaGarena2.0.1909.2618gxxsvc.exe
(Garena Online Pte Ltd -> Garena Online) C:Program Files (x86)GarenaGarenaGarena.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <62>
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:UserschuacAppDataLocalMicrosoftOneDriveOneDrive.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbweMusic.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32Taskmgr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0NisSrv.exe
(miHoYo Co.,Ltd. -> miHoYo) C:Program FilesGenshin Impactlauncher.exe
(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbDisplay.NvContainerNVDisplay.Container.exe <2>
(Razer USA Ltd. -> ) C:Program Files (x86)RazerSynapse3UserProcessRazer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe
(Razer USA Ltd. -> Razer Inc) C:Program Files (x86)RazerRazer_Kraken71Chroma_DriverDriversSysAudioKraken71ChromaHelper.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer CortexFPSRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer CortexPMRunner32.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer CortexRzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer Cortexx64FPSRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer Cortexx64PMRunner64.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapseRzSynapse.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe
(Razer USA Ltd. -> Razer) C:Program Files (x86)RazerRazer CortexRazerCortex.exe
(Razer USA Ltd. -> The CefSharp Authors) C:Program Files (x86)RazerRazer CortexCefCefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:Program Files (x86)RazerRazer ServicesRazer CentralCefSharp.BrowserSubprocess.exe <2>
(Skutta, Kristjan -> ) D:Steamsteamappscommonwallpaper_enginewallpaper32.exe
(The Qt Company Oy -> The Qt Company Ltd.) C:Program FilesGenshin ImpactQtWebEngineProcess.exe
(Tonec Inc. -> Tonec Inc.) C:Program Files (x86)Internet Download ManagerIDMMsgHost.exe
(Tonec Inc.) [File not signed] C:Program Files (x86)Internet Download ManagerIDMan.exe
(Valve -> Valve Corporation) C:Program Files (x86)Common FilesSteamSteamService.exe
(Valve -> Valve Corporation) D:Steambincefcef.win7x64steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:Steamsteam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [WindowsDefender] => “%ProgramFiles%Windows DefenderMSASCuiL.exe”
HKLM-x32…Run: [TeamsMachineInstaller] => C:Program Files (x86)Teams InstallerTeams.exe [101284632 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32…Run: [RazerCortex] => C:Program Files (x86)RazerRazer CortexCortexLauncher.exe [267072 2021-06-02] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32…Run: [] => [X]
HKLM-x32…Run: [Razer Synapse] => C:Program Files (x86)RazerSynapseRzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32…Run: [Kraken71ChromaHelper] => C:Program Files (x86)RazerRazer_Kraken71Chroma_DriverDriversSysAudioKraken71ChromaHelper.exe [1600096 2017-02-14] (Razer USA Ltd. -> Razer Inc)
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [IDMan] => C:Program Files (x86)Internet Download ManagerIDMan.exe [5468672 2020-11-28] (Tonec Inc.) [File not signed]
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [ctfmon] => C:Windowssystem32ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [DAEMON Tools Lite Automount] => C:Program FilesDAEMON Tools LiteDTAgent.exe [409280 2020-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [Discord] => C:UserschuacAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [TranslucentTB] => C:Program Files (x86)TranslucentTBTranslucentTB.exe [450768 2020-12-28] (Charles Milette -> TranslucentTB Open Source Developers)
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Run: [WallpaperEngine] => D:Steamsteamappscommonwallpaper_enginewallpaper32.exe [2652832 2021-06-26] (Skutta, Kristjan -> )
HKUS-1-5-21-4131175827-1518476479-2483294511-1001…PoliciesExplorer: [NoLowDiskSpaceChecks] 1
HKUS-1-5-18…Run: [Synapse3] => C:Program Files (x86)RazerSynapse3WPFUIFrameworkRazer Synapse 3 HostRazer Synapse 3.exe [3519096 2021-06-15] (Razer USA Ltd. -> Razer Inc.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program FilesGoogleChromeApplication91.0.4472.124Installerchrmstp.exe [2021-07-02] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0592CCD1-24DE-4031-B953-C8B63A4BC6CE} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C79FD99-C327-42A8-9041-956743E3005A} – System32TasksUpdateWindows => C:UserschuacAppDataRoamingWinHostsvchost.exe <==== ATTENTION
Task: {25AADF7F-411D-447A-848C-BDA20620AF10} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {298378EF-7D58-40A1-8BD7-4081BC6D1DA5} – System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {31D7E008-58E7-429F-9EAF-62BF65D60D85} – System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47F68CC5-8A1E-45B7-BC96-19899C8F8D2D} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48C03A1C-D05A-499B-9A4F-099F92CB8DD8} – System32TasksDB Bigupgrade Task (One Time) => D:Driver Booster7.2.0dbupgradeg.exe [3984408 2021-04-11] (IObit CO., LTD -> IObit)
Task: {4E6E79A7-A599-413D-A840-5323BC382192} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log
Task: {509198DC-5DBA-4D49-ABF2-4899C5EF97BD} – System32TasksDriver Booster Update => D:Driver Booster7.2.0AutoUpdate.exe [2361104 2020-01-13] (IObit Information Technology -> IObit)
Task: {523DC241-9BBC-42FD-B0BB-2C7CD565D844} – System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52AB8DF8-7520-4D58-9C9F-E981BF4BB417} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {73195880-04F2-4951-B162-3D2C5F73C035} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {794E5C2F-FAF7-43C5-94A8-39BCC55E1DE9} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-12-08] (Google LLC -> Google LLC)
Task: {7AC69623-6A4F-4990-A90D-B1C43C4FB936} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23180168 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {871BA43B-DFE7-4995-A2FB-AB5BC0E5FB70} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [147304 2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9475344C-E5C9-4A6E-B5BC-5D47B202732D} – System32TasksOptimize Push Notification Data File-S-1-5-21-4131175827-1518476479-2483294511-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:WindowsSystem32wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {ACD8FBA8-084A-4F64-A88B-D9E5FAF903DC} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B5B76908-C78E-4869-A4C6-31FAD2B99353} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [155592 2020-12-08] (Google LLC -> Google LLC)
Task: {B6283FDA-0C72-43B0-A7E5-0AD6A466C8B5} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7B31DE5-7D2E-44EC-AFF5-4E44B2A232EF} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D0D87184-60A5-433A-A17A-211C4F74661D} – System32Tasksgxx speed launcher => C:Program Files (x86)GarenaGarenaGarena.exe [457600 2019-09-26] (Garena Online Pte Ltd -> Garena Online)
Task: {DEE8F372-B935-4C7C-9246-B559B8D324E2} – System32TasksSogouImeMgr => C:Program Files (x86)SogouInputSogouExeSogouExe.exe [412568 2020-06-26] (Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.) -> “C:Program Files (x86)SogouInput9.8.0.3746SGTool.exe” –appid=pinyinrepair /t /v
Task: {DF3CA9AE-7CED-4E8D-B89D-8B562562CB18} – System32TasksDriver Booster Scheduler => D:Driver Booster7.2.0Scheduler.exe [149776 2020-01-06] (IObit Information Technology -> IObit)
Task: {F069932C-07EC-4626-B163-E75F34725D81} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F133EFCF-E73C-4E63-9B6C-16B4B263197E} – System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F28C3625-7B91-4C62-B519-EA85C41DA272} – System32TasksDriver Booster SkipUAC (chuac) => D:Driver Booster7.2.0DriverBooster.exe [7748880 2020-01-14] (IObit Information Technology -> IObit)
Task: {F363FBCA-B4E4-4588-A7E6-CC6BE5184CFE} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {FCD13FA4-25C0-4AD4-844E-8E226D2249AE} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
TcpipParameters: [DhcpNameServer] 192.168.0.1 192.168.68.1
Tcpip..Interfaces{653f205c-51cb-4094-9f97-0731137201c5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip..Interfaces{653f205c-51cb-4094-9f97-0731137201c5}: [DhcpNameServer] 192.168.0.1 192.168.68.1
Edge:
=======
Edge Profile: C:UserschuacAppDataLocalMicrosoftEdgeUser DataDefault [2021-07-09]
Edge Extension: (IDM Integration Module) – C:UserschuacAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsllbjbkhnmlidjebalopleeepgdfgcpec [2021-05-04]
Edge HKUS-1-5-21-4131175827-1518476479-2483294511-1001SOFTWAREMicrosoftEdgeExtensions…EdgeExtension: [llbjbkhnmlidjebalopleeepgdfgcpec] – C:Program Files (x86)Internet Download ManagerIDMEdgeExt.crx [2020-11-26]
FireFox:
========
FF HKUS-1-5-21-4131175827-1518476479-2483294511-1001…SeaMonkeyExtensions: [mozilla_cc@internetdownloadmanager.com] – C:UserschuacAppDataRoamingIDMidmmzcc5
FF Extension: (IDM CC) – C:UserschuacAppDataRoamingIDMidmmzcc5 [2020-12-08] [Legacy] [not signed]
FF HKUS-1-5-21-4131175827-1518476479-2483294511-1001…SeaMonkeyExtensions: [mozilla_cc2@internetdownloadmanager.com] – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi
FF Extension: (IDM integration) – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:UserschuacAppDataLocalGoogleChromeUser DataDefault [2021-07-10]
CHR StartupUrls: Default -> “chrome://extensions/”,”hxxps://www.google.com/search?q=how+to+remove+safe+finder+from+chrome&rlz=1C1CHBF_enMY788MY788&oq=how+to+remove+safe+finder+&aqs=chrome.2.69i57j69i60j0l4.17401j0j7&sourceid=chrome&ie=UTF-8″,”hxxps://www.youtube.com/watch?v=eIxbPwftPwI”
CHR Extension: (Slides) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-12-08]
CHR Extension: (Docs) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-12-08]
CHR Extension: (Google Drive) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-12-08]
CHR Extension: (YouTube) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-08]
CHR Extension: (Rearrange Tabs) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsccnnhhnmpoffieppjjkhdakcoejcpbga [2020-12-08]
CHR Extension: (Shopback Button – Cashback & Coupons) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsdjjjmdgomejlopjnccoejdhgjmiappap [2021-07-08]
CHR Extension: (Sheets) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-12-08]
CHR Extension: (Google Docs Offline) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (AdBlock — best ad blocker) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-06-25]
CHR Extension: (Cookie-Editor) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionshlkenndednhfkekhgcdicdfddnkalmdm [2021-06-18]
CHR Extension: (IDM Integration Module) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsngpampappnmepgilojfohadhhmbhlaek [2021-03-10]
CHR Extension: (Chrome Web Store Payments) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Starry sky) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionsoljbicdbjojdloimanbeppncdafgccnl [2020-12-08]
CHR Extension: (Gmail) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-12-08]
CHR Extension: (Chrome Media Router) – C:UserschuacAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-06]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9056656 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:Program FilesDAEMON Tools LiteDiscSoftBusServiceLite.exe [5030592 2020-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 GarenaPlatform; C:Program Files (x86)GarenaGarena2.0.1909.2618gxxsvc.exe [320512 2019-09-26] (Garena Online Pte Ltd -> Garena Online)
R2 Razer Chroma SDK Server; C:Program Files (x86)Razer Chroma SDKbinRzSDKServer.exe [1134616 2021-04-28] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:Program Files (x86)Razer Chroma SDKbinRzSDKService.exe [321560 2021-04-13] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:Program Files (x86)RazerRazer ServicesGMSGameManagerService.exe [254224 2021-03-22] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:Program Files (x86)RazerSynapse3ServiceRazer Synapse Service.exe [294520 2021-06-10] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:Program Files (x86)RazerRazer ServicesRazer CentralRazerCentralService.exe [533808 2021-01-29] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:Program Files (x86)RazerRazer CortexRzKLService.exe [291320 2021-06-02] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5394864 2021-07-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SogouSvc; C:Program Files (x86)SogouInputSogouExeSogouSvc.exe [469912 2020-06-26] (Beijing Sogou Technology Development Co., Ltd. -> Sogou.com Inc.)
R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_d71d3f5ea7618cbbDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AsrDrv103; C:WindowsSysWOW64DriversAsrDrv103.sys [34568 2020-12-08] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv104n; C:WindowsSysWOW64DriversAsrDrv104n.sys [33000 2021-02-15] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 BthA2dp; C:WindowsSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:WindowsSystem32driversdtlitescsibus.sys [42256 2020-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:WindowsSystem32driversdtliteusbbus.sys [59360 2020-12-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:Windowssystem32driversene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 GLCKIO2; C:Windowssystem32driversGLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R1 HWiNFO32; C:WindowsSysWOW64driversHWiNFO64A.SYS [27552 2020-12-15] (Martin Malik – REALiX -> REALiX)
S3 MSIO; C:Program Files (x86)ASRock UtilityASRRGBLEDBinmsio64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 RzCommon; C:WindowsSystem32driversRzCommon.sys [54632 2021-03-31] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0046; C:WindowsSystem32driversRzDev_0046.sys [54168 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:WindowsSystem32driverswdWdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WindowsSystem32driverswdWdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:Program Files (x86)BignoxBigNoxVMRTYSDrv.sys [312776 2021-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
R1 YSDrvA; C:Program Files (x86)BignoxABigNoxVMRTYSDrvA.sys [331456 2021-06-08] (Nox Limited -> Nox Limited Corporation)
U4 napagent; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-10 01:17 – 2021-07-10 01:17 – 000000000 ____D C:FRST
2021-07-10 00:59 – 2021-07-10 00:59 – 000000000 ____D C:Program FilesMalwarebytes
2021-07-09 18:27 – 2021-07-09 18:27 – 2147483648 _____ C:UserschuacDownloads(New)Yume to Iro de Dekiteiru CHS.part1.rar
2021-07-09 13:59 – 2021-07-09 16:26 – 000000407 _____ C:UserschuacDesktopcomtrick.txt
2021-07-09 13:10 – 2021-07-09 16:55 – 000386875 _____ C:UserschuacDesktopCOM1121_J19031450_Individual.pptx
2021-07-09 12:38 – 2021-07-09 12:38 – 002512995 _____ C:UserschuacDownloadsLanguage School Newsletter by Slidesgo.pptx
2021-07-08 12:48 – 2021-07-08 12:48 – 000000000 ____D C:Windowssystem32TasksAgent Activation Runtime
2021-07-08 11:49 – 2021-07-08 11:49 – 000206468 _____ C:UserschuacDownloadsCHAPTER 9 HOMEWORK – MUST DO.pptx
2021-07-08 02:27 – 2021-07-09 12:46 – 000000000 ____D C:UserschuacDownloadsschool
2021-07-07 22:21 – 2021-07-07 22:21 – 002371072 _____ C:Windowssystem32rdpnano.dll
2021-07-07 22:21 – 2021-07-07 22:21 – 002260992 _____ C:Windowssystem32TextInputMethodFormatter.dll
2021-07-07 22:21 – 2021-07-07 22:21 – 001823304 _____ (Microsoft Corporation) C:Windowssystem32winload.efi
2021-07-07 22:21 – 2021-07-07 22:21 – 001393504 _____ (Microsoft Corporation) C:Windowssystem32winresume.efi
2021-07-07 22:21 – 2021-07-07 22:21 – 001314128 _____ (Microsoft Corporation) C:Windowssystem32SecConfig.efi
2021-07-07 22:21 – 2021-07-07 22:21 – 000570880 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl
2021-07-07 22:21 – 2021-07-07 22:21 – 000452608 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl
2021-07-07 22:21 – 2021-07-07 22:21 – 000097792 _____ C:Windowssystem32Driverscimfs.sys
2021-07-07 22:21 – 2021-07-07 22:21 – 000084992 _____ (Microsoft Corporation) C:Windowssystem32wscui.cpl
2021-07-07 22:21 – 2021-07-07 22:21 – 000067584 _____ (Microsoft Corporation) C:WindowsSysWOW64wscui.cpl
2021-07-07 22:21 – 2021-07-07 22:21 – 000060928 _____ C:Windowssystem32runexehelper.exe
2021-07-07 22:21 – 2021-07-07 22:21 – 000011351 _____ C:Windowssystem32DrtmAuthTxt.wim
2021-07-06 08:18 – 2021-07-06 08:18 – 000003168 _____ C:Windowssystem32TasksDB Bigupgrade Task (One Time)
2021-07-06 02:45 – 2021-07-06 02:45 – 001151992 _____ (Realtek ) C:Windowssystem32Driversrt640x64.sys
2021-07-06 02:45 – 2021-07-06 02:45 – 000443088 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdtee_api.dll
2021-07-06 02:45 – 2021-07-06 02:45 – 000356560 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdtee_api.dll
2021-07-06 02:45 – 2021-07-06 02:45 – 000137424 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32Driversamdpsp.sys
2021-07-04 01:51 – 2021-07-04 01:51 – 000004308 _____ C:Windowssystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000004106 _____ C:Windowssystem32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003976 _____ C:Windowssystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003940 _____ C:Windowssystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003894 _____ C:Windowssystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003858 _____ C:Windowssystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-07-04 01:51 – 000003654 _____ C:Windowssystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-07-04 01:51 – 2021-06-09 22:17 – 002838384 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap64.dll
2021-07-04 01:51 – 2021-06-09 22:17 – 002186608 _____ (NVIDIA Corporation) C:WindowsSysWOW64nvspcap.dll
2021-07-04 01:51 – 2021-06-02 22:03 – 000067464 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvhci.sys
2021-07-03 20:28 – 2021-07-03 20:28 – 000003380 _____ C:Windowssystem32TasksOneDrive Standalone Update Task-S-1-5-21-4131175827-1518476479-2483294511-1001
2021-07-03 20:28 – 2021-07-03 20:28 – 000002397 _____ C:UserschuacAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-07-03 19:02 – 2021-07-03 19:02 – 000000000 ____D C:UserschuacAppDataLocalLownvgames
2021-07-02 21:45 – 2021-07-07 11:25 – 004795419 _____ C:UserschuacDesktopBUS1100_Group8 .pptx
2021-07-02 00:25 – 2021-07-02 00:25 – 195606109 _____ C:UserschuacDesktop202107020004.mp4
2021-06-23 16:46 – 2021-06-23 18:08 – 000000000 ____D C:UserschuacAppDataRoamingZoom
2021-06-21 06:47 – 2021-06-21 06:47 – 000000000 ____D C:ProgramDataOracle
2021-06-20 11:15 – 2021-07-07 23:43 – 000008192 ___SH C:DumpStack.log.tmp
2021-06-20 07:14 – 2021-06-20 07:14 – 000000000 ____D C:UserschuacAppDataRoamingorg.sakuradite.reader
2021-06-20 07:11 – 2021-06-20 07:11 – 000000000 ____D C:UserschuacAppDataRoamingBlack LILITH
2021-06-20 07:11 – 2021-06-20 07:11 – 000000000 ____D C:UserschuacAppDataLocalTurbo.net
2021-06-17 01:49 – 2021-07-02 16:49 – 227852831 _____ C:UserschuacDesktopcom1121_GROUP PRESENTATION 5 – LIFE HACK.pptx
2021-06-14 21:01 – 2021-06-14 21:01 – 000000638 _____ C:UserschuacDesktop剪映专业版.lnk
2021-06-14 21:01 – 2021-06-14 21:01 – 000000000 ____D C:UserschuacAppDataRoamingMicrosoftWindowsStart MenuPrograms剪映专业版
2021-06-14 17:15 – 2021-06-14 20:55 – 002079612 _____ C:UserschuacDesktopChuah Chung Han J19031450 Does smart home system make us lazier.pptx
2021-06-13 14:02 – 2021-06-13 14:02 – 000000000 ____D C:UserschuacAppDataRoamingま~まれぇど
2021-06-13 05:04 – 2021-06-13 05:04 – 000000000 ____D C:UserschuacAppDataRoamingsonora
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-10 01:16 – 2019-12-07 17:14 – 000000000 ____D C:WindowsAppReadiness
2021-07-10 01:10 – 2020-12-08 16:50 – 000000000 ____D C:UserschuacAppDataLocalPackages
2021-07-10 01:10 – 2020-12-08 00:52 – 000000000 ____D C:UserschuacAppDataLocalPlaceholderTileLogoFolder
2021-07-10 01:10 – 2019-12-07 17:14 – 000000000 ___HD C:WindowsELAMBKUP
2021-07-10 01:07 – 2019-12-07 17:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-07-10 01:03 – 2020-12-08 10:09 – 000000000 ____D C:UserschuacAppDataRoamingdiscord
2021-07-10 01:03 – 2020-12-08 10:09 – 000000000 ____D C:UserschuacAppDataLocalDiscord
2021-07-10 01:01 – 2020-12-08 09:42 – 000000000 ____D C:UserschuacAppDataLocalLowSogouPY
2021-07-10 01:00 – 2020-12-08 01:04 – 000000000 ____D C:UserschuacAppDataLocalD3DSCache
2021-07-09 19:20 – 2020-12-08 09:10 – 000000000 ____D C:ProgramDataNVIDIA
2021-07-09 19:00 – 2020-12-08 16:54 – 000000000 ____D C:ProgramDataRiot Games
2021-07-09 17:46 – 2020-12-08 09:32 – 000000000 ____D C:UserschuacAppDataLocalCrashDumps
2021-07-09 14:45 – 2020-09-27 22:50 – 000000000 ____D C:Windowssystem32SleepStudy
2021-07-08 17:34 – 2020-12-08 12:48 – 000000000 ____D C:Program FilesGenshin Impact
2021-07-08 13:05 – 2019-12-07 17:03 – 000000000 ____D C:WindowsCbsTemp
2021-07-08 11:03 – 2020-12-08 00:51 – 000000000 ___RD C:UserschuacOneDrive
2021-07-08 03:07 – 2020-12-08 08:43 – 000000000 ____D C:UserschuacAppDataRoamingDMCache
2021-07-08 00:43 – 2020-12-08 08:43 – 000000000 ____D C:UserschuacDownloadsCompressed
2021-07-08 00:43 – 2019-12-07 17:13 – 000000000 ____D C:WindowsINF
2021-07-07 23:50 – 2020-12-08 16:50 – 000795742 _____ C:Windowssystem32PerfStringBackup.INI
2021-07-07 23:48 – 2020-12-08 11:53 – 000000000 ____D C:ProgramDataboost_interprocess
2021-07-07 23:43 – 2020-09-27 22:50 – 000462792 _____ C:Windowssystem32FNTCACHE.DAT
2021-07-07 23:43 – 2020-09-27 22:50 – 000000006 ____H C:WindowsTasksSA.DAT
2021-07-07 23:43 – 2019-12-07 17:14 – 000000000 ____D C:WindowsServiceState
2021-07-07 23:42 – 2020-12-13 13:28 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ___RD C:WindowsImmersiveControlPanel
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:WindowsSysWOW64setup
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:WindowsSysWOW64oobe
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:WindowsSysWOW64Dism
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:WindowsSystemResources
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:Windowssystem32setup
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:Windowssystem32oobe
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:Windowssystem32Dism
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:WindowsProvisioning
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:WindowsPolicyDefinitions
2021-07-07 23:42 – 2019-12-07 17:14 – 000000000 ____D C:Windowsbcastdvr
2021-07-07 23:42 – 2019-12-07 17:03 – 000524288 _____ C:Windowssystem32configBBI
2021-07-07 20:14 – 2020-12-08 08:43 – 000000000 ____D C:UserschuacAppDataRoamingIDM
2021-07-07 16:00 – 2020-12-08 09:49 – 000000000 ____D C:Program FilesMicrosoft Office
2021-07-07 14:02 – 2019-12-07 17:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-07-06 16:11 – 2020-12-08 11:48 – 000000000 ____D C:UserschuacAppDataLocalSpotify
2021-07-06 15:27 – 2021-04-07 19:10 – 000000000 ____D C:UserschuacAppDataRoamingSpotify
2021-07-06 02:45 – 2020-12-15 18:56 – 000000000 ____D C:ProgramDataProductData
2021-07-04 01:51 – 2020-12-08 09:12 – 000001461 _____ C:UsersPublicDesktopGeForce Experience.lnk
2021-07-04 01:51 – 2020-12-08 09:12 – 000001461 _____ C:ProgramDataDesktopGeForce Experience.lnk
2021-07-04 01:51 – 2020-12-08 09:10 – 000000000 ____D C:ProgramDataNVIDIA Corporation
2021-07-04 01:51 – 2020-12-08 09:10 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation
2021-07-04 01:51 – 2020-12-08 09:02 – 000000000 ____D C:Program FilesNVIDIA Corporation
2021-07-03 19:55 – 2020-12-08 08:43 – 000000000 ____D C:UserschuacDownloadsVideo
2021-07-03 13:25 – 2020-09-27 22:53 – 000002452 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-07-03 13:25 – 2020-09-27 22:53 – 000002290 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2021-07-03 13:25 – 2020-09-27 22:53 – 000002290 _____ C:ProgramDataDesktopMicrosoft Edge.lnk
2021-07-02 20:44 – 2020-12-08 01:21 – 000002261 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-07-02 20:44 – 2020-12-08 01:21 – 000002220 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2021-07-02 20:44 – 2020-12-08 01:21 – 000002220 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2021-07-02 12:25 – 2020-09-27 22:53 – 000003480 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-07-02 12:25 – 2020-09-27 22:53 – 000003356 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-07-01 10:22 – 2020-12-08 08:31 – 000000000 ____D C:UserschuacAppDataRoaminguTorrent
2021-06-26 14:46 – 2020-12-08 10:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer
2021-06-25 03:47 – 2020-12-08 08:40 – 000000000 ____D C:UserschuacAppDataLocalBitTorrentHelper
2021-06-24 18:43 – 2020-12-12 15:45 – 000000000 ____D C:WindowsMinidump
2021-06-20 07:15 – 2021-03-19 02:42 – 000000000 ____D C:UserschuacAppDataRoamingasaproject
2021-06-17 04:55 – 2020-12-08 16:48 – 000000000 ____D C:Userschuac
2021-06-15 08:12 – 2019-12-07 17:14 – 000000000 ____D C:WindowsLiveKernelReports
2021-06-12 16:32 – 2020-09-27 22:51 – 000000000 ____D C:Windowssystem32Driverswd
2021-06-10 00:06 – 2020-12-08 10:01 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRazer Cortex
2021-06-10 00:02 – 2019-12-07 17:14 – 000000000 ___RD C:WindowsPrintDialog
2021-06-10 00:02 – 2019-12-07 17:14 – 000000000 ____D C:WindowsSysWOW64lv-LV
2021-06-10 00:02 – 2019-12-07 17:14 – 000000000 ____D C:WindowsSysWOW64et-EE
2021-06-10 00:02 – 2019-12-07 17:14 – 000000000 ____D C:Windowssystem32migwiz
2021-06-10 00:02 – 2019-12-07 17:14 – 000000000 ____D C:Windowssystem32lv-LV
2021-06-10 00:02 – 2019-12-07 17:14 – 000000000 ____D C:Windowssystem32et-EE
==================== Files in the root of some directories ========
2020-12-15 17:05 – 2020-12-15 17:05 – 000000000 ____H () C:UserschuacAppDataLocalBIT4783.tmp
2021-04-03 16:41 – 2021-04-03 16:41 – 000000017 _____ () C:UserschuacAppDataLocalresmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-07-2021
Ran by chuac (10-07-2021 01:18:13)
Running from C:UserschuacDownloadsPrograms
Windows 10 Pro Version 20H2 19042.1083 (X64) (2020-12-08 08:46:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4131175827-1518476479-2483294511-500 – Administrator – Disabled)
chuac (S-1-5-21-4131175827-1518476479-2483294511-1001 – Administrator – Enabled) => C:Userschuac
DefaultAccount (S-1-5-21-4131175827-1518476479-2483294511-503 – Limited – Disabled)
Guest (S-1-5-21-4131175827-1518476479-2483294511-501 – Limited – Disabled)
WDAGUtilityAccount (S-1-5-21-4131175827-1518476479-2483294511-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKUS-1-5-21-4131175827-1518476479-2483294511-1001…uTorrent) (Version: 3.5.5.46010 – BitTorrent Inc.)
ASRRGBLED v1.0.82 (HKLM-x32…ASRock RGB LED_is1) (Version: 1.0.82 – ASRock Inc.)
ASUS GLCKIO2 Driver (HKLM-x32…{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 – ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32…{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 – ASUSTeK Computer Inc.) Hidden
CrystalDiskInfo 8.8.9 (HKLM…CrystalDiskInfo_is1) (Version: 8.8.9 – Crystal Dew World)
DAEMON Tools Lite (HKLM…DAEMON Tools Lite) (Version: 10.14.0.1567 – Disc Soft Ltd)
Discord (HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Discord) (Version: 0.0.309 – Discord Inc.)
Driver Booster 7 (HKLM-x32…Driver Booster_is1) (Version: 7.2.0 – IObit)
ENE_DRAM_RGB_AIO (HKLM…{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 – Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32…{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 – Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM…{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 – ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32…{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 – ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM…{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.00.00 – ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32…{b00e47a4-d642-402c-a060-8d959a0537db}) (Version: 1.00.00 – ENE TECHNOLOGY INC.) Hidden
Garena (remove only) (HKLM-x32…gxx) (Version: 2.0.1909.2618 – Garena)
Genshin Impact (HKLM…Genshin Impact) (Version: 2.9.1.0 – miHoYo Co.,Ltd)
Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.124 – Google LLC)
IDM 6.38 build 14 6.38.14 (HKLM-x32…IDM 6.38 build 14 6.38.14) (Version: 6.38.14 – CrackingPatching)
Internet Download Manager (HKLM-x32…Internet Download Manager) (Version: 6.38.14 – Tonec Inc.)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 91.0.864.64 – Microsoft Corporation)
Microsoft Office Home and Student 2016 – en-us (HKLM…HomeStudentRetail – en-us) (Version: 16.0.14131.20278 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-4131175827-1518476479-2483294511-1001…OneDriveSetup.exe) (Version: 21.119.0613.0001 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Teams) (Version: 1.3.00.26064 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.22.27821 (HKLM-x32…{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.22.27821 (HKLM-x32…{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 – Microsoft Corporation)
MPC-HC 1.7.9 (HKLM-x32…{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.9 – MPC-HC Team)
NARUTO SHIPPUDEN Ultimate Ninja STORM 4 Road to Boruto Next Generations (HKLM-x32…NARUTO SHIPPUDEN Ultimate Ninja STORM 4 Road to ~629813CA_is1) (Version: – )
NoxPlayer(64-bit) (HKLM-x32…Nox64) (Version: 9.0.0.0 – Duodian Technology Co. Ltd.)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)
NVIDIA Graphics Driver 466.27 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.27 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM…{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM…{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM…{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.2 – Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32…{1122cfaf-aa52-4ba0-af2e-1e252b647b5b}) (Version: 1.0.6.2 – Patriot Memory)
Razer Cortex (HKLM-x32…Razer Cortex_is1) (Version: 9.15.19.1412 – Razer Inc.)
Razer Synapse (HKLM-x32…{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 – Razer Inc.)
Razer Synapse (HKLM-x32…Razer Synapse) (Version: 3.6.0624.061513 – Razer Inc.)
Spotify (HKUS-1-5-21-4131175827-1518476479-2483294511-1001…Spotify) (Version: 1.1.56.595.g2d2da0de – Spotify AB)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
Streamlabs OBS 0.26.0 (HKLM…