Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.06.2024
Ran by SUS (24-06-2024 14:12:59)
Running from E:\downloads\scoped_dir11748_1246212785
Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) (2024-05-28 11:45:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2931057295-1006745406-1456292787-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2931057295-1006745406-1456292787-503 - Limited - Disabled)
Guest (S-1-5-21-2931057295-1006745406-1456292787-501 - Limited - Disabled)
SUS (S-1-5-21-2931057295-1006745406-1456292787-1001 - Administrator - Enabled) => C:\Users\yashr
WDAGUtilityAccount (S-1-5-21-2931057295-1006745406-1456292787-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 24.06 (x64) (HKLM\...\7-Zip) (Version: 24.06 - Igor Pavlov)
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.8.9 - ASUS)
ASUS Ambient HAL (HKLM\...\{00C7B374-9D50-4C30-B849-D2DAD6BC24D9}) (Version: 3.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{8ae78681-7936-4da1-8a2b-2861c3ba9f04}) (Version: 3.2.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.42 - ASUSTek COMPUTER INC.) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.1.1.2 - ASUSTeK Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.113 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{F2E3BF81-9CB7-4093-8A2B-FF7DFF631E7F}) (Version: 1.1.25 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9e3269a6-bacd-4c90-98cc-28b15874bf74}) (Version: 1.1.25 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.43 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.43 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.43 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5bf96be1-0089-49f7-a574-1ed6dc7dc1b0}) (Version: 3.07.43 - ASUSTeK Computer Inc.)
BleachBit (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\BleachBit) (Version: 4.6.0.2537 - BleachBit)
CapCut (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\CapCut) (Version: 3.9.0.1459 - Bytedance Pte. Ltd.)
COMODO Firewall (HKLM\...\{0E9AFD45-C3BA-41D1-B54B-495A22CB3409}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
Discord (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\Discord) (Version: 1.0.9147 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.49.4 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{98faff1a-720e-4ffe-b922-0a1d6ec0d699}) (Version: 1.1.49.4 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.33.7.0 - COGNOSPHERE PTE. LTD.)
Glary Utilities 6.11 (HKLM-x32\...\Glary Utilities) (Version: 6.11.0.15 - Glarysoft Ltd)
GM320 RGB (HKLM-x32\...\{2A64AC9B-9DC5-4AC8-B9A8-9B43EEF18321}) (Version: 1.00.0000 - antesports)
GM320 RGB (HKLM-x32\...\{8E7381B4-AA64-471A-B892-891E3A69F1C6}) (Version: 1.00.0000 - antesports)
Intel(R) Chipset Device Software (HKLM\...\{2B96B7E3-FA08-4749-9D23-CDC64F1B835B}) (Version: 10.1.19600.8418 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{404581d0-19c1-47ba-bcd3-10178793c239}) (Version: 10.1.19600.8418 - Intel(R) Corporation)
Intel(R) Serial IO (HKLM\...\{80E278C3-C089-4D7E-B83A-9C75A691F526}) (Version: 30.100.2237.26 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2237.26 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Java 8 Update 411 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180411F0}) (Version: 8.0.4110.9 - Oracle Corporation)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.33 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{6fcd931b-eac3-4850-9d72-8e2124e32754}) (Version: 1.1.33 - KINGSTON COMPONENTS INC.) Hidden
Lively Wallpaper version 2.1.0.8 (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\{E3E43E1B-DEC8-44BF-84A6-243DBA3F2CB1}}_is1) (Version: 2.1.0.8 - rocksdanister)
Mem Reduct (HKLM\...\memreduct) (Version: 3.4 - Henry++)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.6 (x64) (HKLM\...\{EAEDD1FB-8876-4FD8-98A6-3AF439887414}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.5 (x64) (HKLM\...\{25F6351D-21A3-4E92-964E-01E864A21AB1}) (Version: 64.20.13583 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.6 (x64) (HKLM\...\{59C4A6C5-E254-4819-B254-0B4FF17747EB}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.5 (x64) (HKLM\...\{26037618-FB6D-47BC-9F99-4C4323C4CEC6}) (Version: 64.20.13583 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.6 (x64) (HKLM\...\{F69305BE-6EFA-45D0-9635-752373304A1A}) (Version: 64.24.15199 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.68 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.5 (x64) (HKLM\...\{CE4D0B17-4E11-41F9-8C3B-73F61DFE0797}) (Version: 64.20.13589 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM\...\{0EF5DD4D-EC49-4AE7-8C9A-F64FF8B3EA58}) (Version: 64.24.15241 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.6 (x64) (HKLM-x32\...\{942f6911-1a02-4186-8c4c-b27eb2b9733d}) (Version: 8.0.6.33720 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.8 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Graphics Driver 555.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 555.99 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera GX Stable 109.0.5097.108 (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\Opera GX 109.0.5097.108) (Version: 109.0.5097.108 - Opera Software)
Opera GX Stable 109.0.5097.142 (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\Opera GX 109.0.5097.142) (Version: 109.0.5097.142 - Opera Software)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PC Remote Receiver 7.5.16 (HKLM\...\PC Remote Receiver) (Version: 7.5.16 - Monect, Inc.)
PlayStation(R) PC SDK Runtime (HKLM\...\{B83C13B0-2598-4DA3-8A21-4D8750DF3332}) (Version: 2.16.0001 - Sony Interactive Entertainment Inc.)
PowerToys (Preview) (HKLM\...\{BFA8AF9A-AC09-422E-99DA-29479F232E25}) (Version: 0.81.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\{ba004f68-3d55-4428-b56b-a04921bde4bc}) (Version: 0.81.1 - Microsoft Corporation)
PyCharm Community Edition 2024.1.2 (HKLM-x32\...\PyCharm Community Edition 2024.1.2) (Version: 241.17011.127 - JetBrains s.r.o.)
Python 3.12.3 (64-bit) (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\{5ee4d2b6-a5dc-4321-b6bd-3ebc98120a51}) (Version: 3.12.3150.0 - Python Software Foundation)
Python 3.12.3 Add to Path (64-bit) (HKLM\...\{8FB3DEFF-4D86-4889-9B0A-0FE7AE90D7C9}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Core Interpreter (64-bit) (HKLM\...\{3519C7D0-70D4-46F5-A0A9-3A115D73E2EC}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Development Libraries (64-bit) (HKLM\...\{8EB1F259-1326-4583-B383-F5C3D7C93D7D}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Documentation (64-bit) (HKLM\...\{5C195EDE-CE8F-4C5C-A4B8-B60913B9C2B9}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Executables (64-bit) (HKLM\...\{474E5879-A9D5-4DF5-9385-ADF7E224CEC7}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 pip Bootstrap (64-bit) (HKLM\...\{837260D6-3959-452B-A557-666302BEA663}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Standard Library (64-bit) (HKLM\...\{A1839EB2-3C30-4BCD-AACF-04F6FF6C90CD}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Tcl/Tk Support (64-bit) (HKLM\...\{A2FC8FF0-021A-431C-826E-E4B85D3F064F}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python 3.12.3 Test Suite (64-bit) (HKLM\...\{575FEF7A-71FE-437E-91B0-D3838C1026DA}) (Version: 3.12.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{52ABF617-F7B4-40F9-8197-C7490DAA97A3}) (Version: 3.12.3150.0 - Python Software Foundation)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9496.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.9.0614.2022 - Realtek)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.89.1979 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.0.2 - Rockstar Games)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.3.16.0 - ASUSTek COMPUTER INC.)
SnowRunner (HKLM-x32\...\SnowRunner_is1) (Version: - )
SnowRunnerModIo (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\d6f5351359f482a2) (Version: 1.0.0.4 - SnowRunnerModIo)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Twinkle Tray 1.15.4 (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\5cfff8db-b587-542d-a90b-51d2e2742b09) (Version: 1.15.4 - Xander Frangos)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 153.1.11069 - Ubisoft)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
VALORANT (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.9.9 - Windscribe Limited)
WinPaletter (HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\WinPaletter) (Version: 1.0.9.3 - Abdelrhman-AK)
Wise Game Booster (HKLM-x32\...\Wise Game Booster_is1) (Version: 1.5.7 - Lespeed Technology Co., Ltd)
Packages:
=========
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-05-29] (Sparse Package)
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.8.9.0_x64__qmba6cd70vzyy [2024-06-10] (ASUSTeK COMPUTER INC.)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-06-10] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-06-10] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.237.110.0_x64__8wekyb3d8bbwe [2024-06-10] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-18] (Microsoft Windows) [Startup Task]
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2024-06-17] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-06-14] (NVIDIA Corp.)
Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.12008.0_x64__8wekyb3d8bbwe [2024-06-19] (Microsoft Corporation) [Startup Task]
PowerToys FileLocksmith Context Menu -> C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps [2024-05-31] (Microsoft)
PowerToys ImageResizer Context Menu -> C:\Users\yashr\AppData\Local\PowerToys [2024-05-31] (Microsoft)
PowerToys PowerRename Context Menu -> C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps [2024-05-31] (Microsoft)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.41.290.0_x64__dt26b99r8h8gj [2024-06-10] (Realtek Semiconductor Corp)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.1.0.0_x64__v826wp6bftszj [2024-06-11] (Charles Milette) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-12] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{0440049F-D1DC-4E46-B27B-98393D79486B}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{14d341c5-edb2-efea-ae43-c374d0136ff2}\localserver32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{51B4D7E5-7568-4234-B4BB-47FB3C016A69}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.ImageResizerExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{84D68575-E186-46AD-B0CB-BAEB45EE29C0}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{DD5CACDA-7C2E-4997-A62A-04A597B58F76}\localserver32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Users\yashr\AppData\Local\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-05-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-05-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_a72fe1415cc3fd16\nvshext.dll [2024-06-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-05-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2_S-1-5-21-2931057295-1006745406-1456292787-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3_S-1-5-21-2931057295-1006745406-1456292787-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3_S-1-5-21-2931057295-1006745406-1456292787-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_S-1-5-21-2931057295-1006745406-1456292787-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\yashr\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-05-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-05-28 17:41 - 2024-03-20 02:50 - 000423424 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2024-05-28 17:41 - 2023-04-15 02:48 - 000319488 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\sharp\build\Release\sharp-win32-ia32.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000287744 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\3329fd14-ff3e-4f9d-8bea-8fcc85416852.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000109056 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\69db5a43-507b-4307-bc68-dfa36be15523.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000123392 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\887c3054-cdf5-4d2b-99b6-9498077d4d48.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000118272 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\8a8a5daf-42ea-4f14-ad1a-6673e47edb8d.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000104960 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\91467cc9-26f2-4fca-b15f-1b1500cc6c11.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000665088 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\961e15e5-732e-4d10-932a-8b2dbecfb60c.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000137728 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\c04179e8-3141-4eb8-8c4c-14cb92686c38.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000665088 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\e03f1ac5-0c18-4963-a953-b0197f2c2dad.tmp.node
2024-06-24 09:07 - 2024-06-24 09:07 - 000148480 _____ () [File not signed] \\?\C:\Users\yashr\AppData\Local\Temp\ff012989-da29-43d1-af31-893275fed6f6.tmp.node
2024-06-10 23:02 - 2023-06-17 05:51 - 002787840 _____ () [File not signed] C:\Users\yashr\AppData\Local\Programs\twinkle-tray\ffmpeg.dll
2024-06-10 23:02 - 2023-06-17 05:51 - 000468992 _____ () [File not signed] C:\Users\yashr\AppData\Local\Programs\twinkle-tray\libegl.dll
2024-06-10 23:02 - 2023-06-17 05:51 - 007409664 _____ () [File not signed] C:\Users\yashr\AppData\Local\Programs\twinkle-tray\libglesv2.dll
2024-06-10 23:02 - 2023-06-17 05:51 - 004873728 _____ () [File not signed] C:\Users\yashr\AppData\Local\Programs\twinkle-tray\vk_swiftshader.dll
2023-12-08 00:56 - 2023-12-08 00:56 - 001490944 _____ () [File not signed] C:\Users\yashr\AppData\Roaming\uTorrent Web\avcodec-58.dll
2023-12-08 00:56 - 2023-12-08 00:56 - 000949248 _____ () [File not signed] C:\Users\yashr\AppData\Roaming\uTorrent Web\avformat-58.dll
2023-12-08 00:56 - 2023-12-08 00:56 - 000635392 _____ () [File not signed] C:\Users\yashr\AppData\Roaming\uTorrent Web\avutil-56.dll
2023-12-08 00:56 - 2023-12-08 00:56 - 000153088 _____ () [File not signed] C:\Users\yashr\AppData\Roaming\uTorrent Web\swresample-3.dll
2024-05-25 21:33 - 2024-04-16 11:43 - 001341952 _____ (GitHub) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Octokit.dll
2024-05-25 21:33 - 2023-12-30 11:31 - 000076800 _____ (Google) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\GrpcDotNetNamedPipes.dll
2024-05-25 21:33 - 2022-05-18 02:11 - 000225280 _____ (gsscoder;nemec;ericnewton76;moh-hassan) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\CommandLine.dll
2024-05-14 16:00 - 2024-05-26 22:30 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-05-25 21:33 - 2023-11-04 10:32 - 000067584 _____ (Linearstar) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\RawInput.Sharp.dll
2024-05-25 21:33 - 2024-05-31 23:02 - 000682496 _____ (Lively) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Lively.dll
2024-05-25 21:33 - 2024-05-31 23:02 - 000115200 _____ (Lively.Common) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Lively.Common.dll
2024-05-25 21:33 - 2024-05-31 23:02 - 000007680 _____ (Lively.Common.Factories) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Lively.Common.Factories.dll
2024-05-25 21:33 - 2024-05-31 23:02 - 000038912 _____ (Lively.Common.Services) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Lively.Common.Services.dll
2024-05-25 21:33 - 2024-05-31 23:02 - 000168448 _____ (Lively.Grpc.Common) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Lively.Grpc.Common.dll
2024-05-25 21:33 - 2024-05-31 23:02 - 000048128 _____ (Lively.Models) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\Lively.Models.dll
2024-05-25 21:33 - 2020-01-26 00:09 - 000005120 _____ (Matteo Pagani) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\DesktopBridge.Helpers.dll
2024-05-25 21:33 - 2023-12-30 12:17 - 000939008 _____ (NLog) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\NLog.dll
2024-05-25 21:33 - 2021-04-02 10:14 - 000015360 _____ (OpenByte) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\WinEventHook.dll
2024-05-25 21:33 - 2019-01-16 10:24 - 000032768 _____ (Soroush Falahati (falahati.net)) [File not signed] [File is in use] C:\Users\yashr\AppData\Local\Programs\Lively Wallpaper\UACHelper.dll
2023-12-08 00:56 - 2023-12-08 00:56 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\yashr\AppData\Roaming\uTorrent Web\libcrypto-1_1.dll
2023-12-08 00:56 - 2023-12-08 00:56 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\yashr\AppData\Roaming\uTorrent Web\libssl-1_1.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\autoclickconfig.ini:07021500A6 [6010]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [6010]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [6010]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [6010]
AlternateDataStreams: C:\Users\Public\Documents\BstShm_5.21.150.1024_nxt:6B75DFD9E6 [4298]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\Software\Classes\.cmd: => <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://in.yahoo.com?fr=fp-comodo&type=33050001005_12.2.2.7036_i_hp
SearchScopes: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://in.search_path.yahoo.com/search_path?p={searchTerms}&fr=chr-comodo&type=33050001005_12.2.2.7036_i_ds
SearchScopes: HKU\S-1-5-21-2931057295-1006745406-1456292787-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://in.search_path.yahoo.com/search_path?p={searchTerms}&fr=chr-comodo&type=33050001005_12.2.2.7036_i_ds
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 10:54 - 2022-05-07 10:52 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 156.154.70.22 - 156.154.71.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: ArmouryCrateService => 2
MSCONFIG\Services: asComSvc => 3
MSCONFIG\Services: asus => 2
MSCONFIG\Services: AsusCertService => 2
MSCONFIG\Services: AsusFanControlService => 2
MSCONFIG\Services: asusm => 3
MSCONFIG\Services: AsusUpdateCheck => 2
MSCONFIG\Services: GUBootService => 2
MSCONFIG\Services: GUMemfilesService => 2
MSCONFIG\Services: Intel(R) Platform License Manager Service => 2
MSCONFIG\Services: LightingService => 2
MSCONFIG\Services: Rockstar Service => 3
MSCONFIG\Services: ROG Live Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: WindscribeService => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_696CEBCE28AE49CC83C224BC5ABD0069"
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-2931057295-1006745406-1456292787-1001\...\StartupApproved\Run: => "RiotClient"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The
file will not be moved unless listed separately.)
FirewallRules: [{C5B5AC29-1D9E-4767-9A6A-954686B467D9}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C093553A-07FD-4F59-9DB8-9BDF4BA403B5}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C723D919-5EBB-4C43-9530-0ECF49D45A07}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{68EDA1C6-7BD8-4594-98CA-B2B8065CE33E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8CCA24FA-2B70-4D22-950F-C69B4C6E164E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
18-06-2024 23:39:11 COMODO Firewall Binary update
19-06-2024 16:07:45 Windows Modules Installer
19-06-2024 16:07:52 Windows Modules Installer
24-06-2024 04:11:05 Installed PlayStation(R) PC SDK Runtime
24-06-2024 04:11:21 Installed PlayStation(R) PC SDK Runtime 24.07-02.16.00.01
==================== Faulty Device Manager Devices ============
Name: vJoy Device
Description: vJoy Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Shaul Eizikovich
Service: vjoy
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This
starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/24/2024 09:27:35 AM) (Source: Application Error) (EventID: 1000) (User: SUS)
Description: Faulting application name: HxTsr.exe, version: 16.0.14326.21962, time stamp: 0x665fcafb
Faulting module name: HxOutlookBackground.dll, version: 16.0.14326.21962, time stamp: 0x66625cb8
Exception code: 0x0071d20d
Fault offset: 0x00000000000ca741
Faulting process id: 0x0x1fe8
Faulting application start time: 0x0x1dac5eaa54c09ef
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21962.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21962.0_x64__8wekyb3d8bbwe\HxOutlookBackground.dll
Report Id: 0e4ea19a-e681-440e-87b8-017b4e84b22e
Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.21962.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
Error: (06/24/2024 09:27:35 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
Error: (06/24/2024 09:27:35 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
Error: (06/24/2024 09:27:35 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
Error: (06/24/2024 09:27:35 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
Error: (06/24/2024 09:27:35 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
Error: (06/24/2024 09:27:35 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
Error: (06/24/2024 09:27:34 AM) (Source: Microsoft-Windows-AppModel-State)
(EventID: 10) (User: SUS)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147024891
System errors:
=============
Error: (06/24/2024 09:07:30 AM) (Source: DCOM) (EventID: 10001) (User: SUS)
Description: Unable to start a DCOM Server: Microsoft.YourPhone_1.24051.101.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca as Unavailable/Unavailable. The error: "2147958031"
Happened while starting this command:
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
Error: (06/24/2024 04:12:16 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {C53A4F16-787E-42A4-B304-29EFFB4BF597} did not register
with DCOM within the required timeout.
Error: (06/24/2024 04:12:13 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register
with DCOM within the required timeout.
Error: (06/24/2024 04:12:13 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register
with DCOM within the required timeout.
Error: (06/24/2024 04:12:13 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register
with DCOM within the required timeout.
Error: (06/24/2024 04:12:13 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register
with DCOM within the required timeout.
Error: (06/24/2024 04:12:13 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register
with DCOM within the required timeout.
Error: (06/24/2024 04:12:13 AM) (Source: DCOM) (EventID: 10010) (User: SUS)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register
with DCOM within the required timeout.
Windows Defender:
================
Date: 2024-06-24 14:12:54
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/GenCBL.SIBA!MTB&threatid=2147781940&enterprise=0
Name: Trojan:Win32/GenCBL.SIBA!MTB
Severity: Severe
Category: Trojan
Path: file:_C:\Users\yashr\AppData\Roaming\VC_redistx64.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: E:\downloads\scoped_dir11748_1246212785\FRST64.exe
Security intelligence Version: AV: 1.413.483.0, AS: 1.413.483.0, NIS: 1.413.483.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-24 14:12:54
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.H!ml&threatid=2147814523&enterprise=0
Name: Trojan:Win32/Wacatac.H!ml
Severity: Severe
Category: Trojan
Path: file:_C:\Users\yashr\AppData\Roaming\gnHypersurrogatesavesDhcp.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: E:\downloads\scoped_dir11748_1246212785\FRST64.exe
Security intelligence Version: AV: 1.413.483.0, AS: 1.413.483.0, NIS: 1.413.483.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-24 14:12:51
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/LummaStealer.RO!MTB&threatid=2147909020&enterprise=0
Name: Trojan:Win32/LummaStealer.RO!MTB
Severity: Severe
Category: Trojan
Path: file:_C:\Users\yashr\AppData\Roaming\d3d9.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: E:\downloads\scoped_dir11748_1246212785\FRST64.exe
Security intelligence Version: AV: 1.413.483.0, AS: 1.413.483.0, NIS: 1.413.483.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-24 13:40:27
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted
software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Phonzy.C!ml&threatid=2147772964&enterprise=0
Name: Trojan:Win32/Phonzy.C!ml
Severity: Severe
Category: Trojan
Path: file:_E:\@^NewFile_22885_UseAs_ṔḁṨṨCṏḌḙ%$\relay.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: E:\@^NewFile_22885_UseAs_ṔḁṨṨCṏḌḙ%$\Setup.exe
Security intelligence Version: AV: 1.413.483.0, AS: 1.413.483.0, NIS: 1.413.483.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Date: 2024-06-24 12:13:56
Description:
Microsoft Defender Antivirus has detected potentially unwanted application(PUA).
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/GameHack&threatid=242625&enterprise=0
Name: PUA:Win32/GameHack
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Users\yashr\Desktop\launcher - Shortcut.lnk; file:_E:\downloads\GI\launcher.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.413.483.0, AS: 1.413.483.0, NIS: 1.413.483.0
Engine Version: AM: 1.1.24050.5, NIS: 1.1.24050.5
Event[0]
Date: 2024-06-17 22:03:00
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error
and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown
reason. In some instances, restarting the service may resolve the problem.
Date: 2024-06-17 21:59:46
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error
and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown
reason. In some instances, restarting the service may resolve the problem.
Date: 2024-06-10 09:29:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security
intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0
Date: 2024-06-07 10:53:05
Description:
Microsoft Defender Antivirus has encountered an error trying to update security
intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0
CodeIntegrity:
===============
Date: 2024-06-24 14:08:43
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3210 04/19/2024
Motherboard: ASUSTeK COMPUTER INC. PRIME H610M-CS D4
Processor: 12th Gen Intel(R) Core(TM) i5-12400F
Percentage of memory in use: 30%
Total physical RAM: 16194.11 MB
Available physical RAM: 11287.96 MB
Total Virtual: 25746.62 MB
Available Virtual: 13473.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.86 GB) (Free:66.12 GB) (Model: WD Green SN350 500GB
2G0C) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) (Model:
ST500DM002-1BD142) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (games2) (Fixed) (Total:184.06 GB) (Free:157.12 GB) (Model: WDC
WD2500AAJS-65B4A0) NTFS
Drive g: () (Fixed) (Total:99.51 GB) (Free:9.9 GB) (Model: ST500DM002-1BD142) NTFS
Drive h: (games) (Fixed) (Total:201.17 GB) (Free:55 GB) (Model: ST500DM002-1BD142)
NTFS
Drive i: () (Fixed) (Total:164.98 GB) (Free:4.03 GB) (Model: ST500DM002-1BD142)
NTFS
Drive y: () (Fixed) (Total:48.82 GB) (Free:21.9 GB) (Model: WDC WD2500AAJS-65B4A0)
NTFS
\\?\Volume{b2b9c53f-576e-426e-bec1-acb37edcf56f}\ () (Fixed) (Total:0.79 GB)
(Free:0.04 GB) NTFS
\\?\Volume{17e3a397-96f8-43df-ac94-0b0c64052abe}\ () (Fixed) (Total:0.09 GB)
(Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8117FD20)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=201.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=165 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 88F4A82B)
Partition 1: (Active) - (Size=48.8 GB) - (Type=42)
Partition 2: (Not Active) - (Size=184.1 GB) - (Type=42)
==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================