Discussion Starter · #1 ·
so my story starts here, if that helps. unknown overheating

so since then, i scanned with Malwarebytes and found nothing. i downloaded avast, and that's how i found the webhelper virus. removed it with avast. overheating stopped. then overheating came back. i scanned again, and i also did a boot time scan... whatever that is... just to make sure it wasn't that but that didn't find anything. however the normal avast scan did. a different virus came up, and i removed it. temperatures returned to normal. but it's overheating AGAIN. and this time when i scanned, it came up empty. and yet the same symptoms are occurring. i do not believe that i'm going anywhere dangerous.
as i'm typing this up, i'm running that FRST thing so i'll post that next and then await further instructions


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Users\User\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\User\AppData\Local\Programs\Opera GX\89.0.4447.64\opera_crashreporter.exe
(Discord Inc. -> Discord Inc.) C:\Users\User\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\User\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe <2>
(Opera Norway AS -> Opera Software) C:\Users\User\AppData\Local\Programs\Opera GX\opera.exe <46>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\Speccy\Speccy64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_648d50545868bf91\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_7ad37590e62d4afc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.554.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe [3479488 2022-05-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213760 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [Opera GX Stable] => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4230544 2022-07-26] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1522176 2022-06-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}] => "C:\Users\User\AppData\Local\Temp\scoped_dir10360_892946520\MTGAInstaller.exe" /cmdloc "HKCU\Software\Wizards of the Coast AiTemp\{5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}" (No File) <==== ATTENTION
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1801048 2022-07-05] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [ut] => "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (No File)
HKU\S-1-5-21-3224392738-3144465624-1455513726-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601840 2022-07-28] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.80\Installer\chrmstp.exe [2022-08-04] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05B94196-B8A9-496D-A61F-BCC50802787D} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {15750F9B-04E9-4D74-A859-C127CF54BE23} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4928768 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
Task: {17BEBD06-F691-4A56-AD13-C07524597FA2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2022-07-26] (Avast Software s.r.o. -> Avast Software)
Task: {17D4CB13-2494-46EA-9C0C-D04F4AED84D5} - System32\Tasks\Opera scheduled Autoupdate 1655591123 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {1A096C5D-8A3A-4723-BE5D-B751E4AF03A5} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4614912 2022-08-01] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid ff8148eb-58a1-48cc-8103-097ed027a616
Task: {24D776E5-A3A4-4BA1-A228-52F48069DF44} - System32\Tasks\Opera GX scheduled Autoupdate 1655055267 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software)
Task: {4AE61C78-B70F-45BF-99DA-4BEEE6C2CEC6} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4613456 2022-07-17] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid aa4857f8-2490-4f6f-93c3-9369e708e2f8
Task: {4C0F702B-B6AA-46B4-BF84-428044059194} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6667600 2022-07-28] (Avast Software s.r.o. -> Avast Software)
Task: {6A998EF2-9837-4453-A28E-F88548E0735F} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197824 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
Task: {7335629A-78DB-42A0-AD6B-5798DDC855B6} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1655307878 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [2462712 2022-07-25] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {7B2F98A0-E003-444E-B5CB-C316C3CACB91} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4637440 2022-08-05] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid c1e7ba95-9dfb-4f88-bbee-dcf1f398b8fa
Task: {9EEFC159-29CA-4A5F-88A8-02F3456FE884} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6667600 2022-05-19] (Avast Software s.r.o. -> Avast Software)
Task: {C454AFC9-2283-4505-9441-49777CA7FAA0} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3993592 2022-05-12] (Easeware Technology Limited -> Easeware)
Task: {CA07A337-A914-4EF7-829C-CCBC1CE94C9F} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-07-05] (Overwolf Ltd -> Overwolf LTD)
Task: {D742BB12-E5D0-4220-A392-7B175066A2C0} - System32\Tasks\GoogleUpdateTaskMachineCore{0CF25E25-E09B-4258-9535-27440E9B1ACD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-12] (Google LLC -> Google LLC)
Task: {E32C0C39-F65F-4CA5-B648-1BFB5345D1CC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-07-17] (Avast Software s.r.o. -> Avast Software)
Task: {F7728F24-5194-4F73-9D39-BAFA3E71AE9D} - System32\Tasks\GoogleUpdateTaskMachineUA{C92EDF5C-C10D-45DE-BD45-B5A710B05274} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-06-12] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9602353a-f4d5-4877-a6a0-88f988cce276}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a68524a6-87af-402a-a2f4-694a5eee9005}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ecbdda10-6e53-465b-963a-67b95ea100ed}: [NameServer] 100.120.168.1

Edge:
=======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-06]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-06-13]
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311208&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC3Hui8pyMFZn6ZbwHssx0DdPwehUcefBtjYGrrEhnE9EurANyqeI00SJrDCvGOMozNWUa8E2QghgjWT3IW8Hg8p2hf9KN5pcLRb5rLDSwziJdyhbB3%2F5SYgyzuvTcL5bA%2FFNWfaqmchVRJUZZqlA%2BcIBQnSTfBdnIBaNXZgd%2BzahtIJZj5ObLcgfPT5jRtrMkzscDXTaxy%2FIlGxqnqn2QSWdc02mjCwqOIZLoDKQeYuVU7e9IxopzVVyHIzq1xf2cc%3D
CHR StartupUrls: Default -> "hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311208&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC3Hui8pyMFZn6ZbwHssx0DdveJyenDGgVN8DCNAt4P11Y4IZeg6UnGTTIy2vNUOuF5%2FxbdOkF5O0aTXt91bOKV7l4AGunFEyyL50P%2BFUmrR6%2F9Oc0x0efKanXiIPHjvh0ddtGYULjYojwcWWou%2FAUiVHXtgiPpvMmUQXJJUC2XJ%2FSVycSmERFm%2BpdfrnzkaUFMTNkUsw3lpb7dQDrJKyfdJtQxfr4zUEXmgGmCeSMPyH%2F6rJt24UXd%2FaXCC0fC%2Fceg%3D","hxxp://www.google.com/"
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-06-12]
CHR Extension: (Watch2Gether) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2022-06-12]
CHR Extension: (Adblock for Youtube™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-06-12]
CHR Extension: (Volume Booster) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2022-06-12]
CHR Extension: (Return YouTube Dislike) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-06-12]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-12]
CHR Extension: (Selectable - for fanfiction.net and more) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcidlhgdoojamkbpmhbpgldmajnobefd [2022-06-12]
CHR Extension: (Classic Blue) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdifmgkofhcnndinbbdbaplplnmdalnc [2022-06-12]
CHR Extension: (SuperNova SWF Enabler) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhmphnocemakkjdampibehejoaleebpo [2022-06-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3224392738-3144465624-1455513726-1000) Opera GXStable - "C:\Users\User\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8507448 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [589568 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2013440 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589056 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-07-17] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-06-22] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15703296 2022-08-01] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [7680336 2022-07-17] (Avast Software s.r.o. -> AVAST Software)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8680192 2022-07-31] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-08-04] (McAfee, LLC -> McAfee, LLC)
S4 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-07-05] (Overwolf Ltd -> Overwolf LTD)
S4 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2016208 2022-07-09] (Rockstar Games, Inc. -> Rockstar Games)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9752320 2022-08-05] (Avast Software s.r.o. -> AVAST Software)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16187368 2022-05-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_7ad37590e62d4afc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_7ad37590e62d4afc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41832 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235576 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389120 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258048 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104960 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [24528 2022-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47976 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275024 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553928 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113968 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [89032 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [859872 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [670776 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221512 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324840 2022-08-04] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [65944 2022-07-17] (Avast Software s.r.o. -> Avast Software)
R3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2022-07-17] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [287744 2022-05-13] (Microsoft Corporation) [File not signed]
R3 cpuz149; C:\Users\User\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [44320 2022-08-06] (CPUID S.A.R.L.U. -> CPUID) <==== ATTENTION
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2022-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
S3 cpuz154; \??\C:\Users\User\AppData\Local\Temp\cpuz154\cpuz154_x64.sys [X] <==== ATTENTION
S3 MpKsl2ac979d3; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6549AD7C-B6B6-4F21-8EB3-EA5A67A301EF}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-06 06:15 - 2022-08-06 06:16 - 000024421 _ C:\Users\User\Desktop\FRST.txt
2022-08-06 06:14 - 2022-08-06 06:15 - 000000000 ____D C:\FRST
2022-08-06 06:14 - 2022-08-06 06:14 - 002370048 _ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-08-05 06:57 - 2022-08-05 06:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTG Arena
2022-08-04 15:41 - 2022-08-04 15:41 - 000270592 _ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-08-04 15:41 - 2022-08-04 15:41 - 000221512 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-08-04 11:38 - 2022-08-04 11:38 - 000223176 _ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-08-03 14:59 - 2022-08-03 15:01 - 000000000 ____D C:\Users\User\Downloads\The Matrix Resurrections (2021) [1080p] [WEBRip] [5.1] [YTS.MX]
2022-08-02 07:03 - 2022-08-02 07:03 - 000000000 ____D C:\Users\User\AppData\LocalLow\Thorium Entertainment
2022-07-29 22:53 - 2022-08-04 11:38 - 000000420 _ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2022-07-29 22:53 - 2022-08-02 18:28 - 000003606 _ C:\WINDOWS\system32\Tasks\Driver Easy Scheduled Scan
2022-07-29 22:53 - 2022-07-29 22:53 - 000001012 _ C:\Users\Public\Desktop\Driver Easy.lnk
2022-07-29 22:53 - 2022-07-29 22:53 - 000000000 ____D C:\Users\User\AppData\Roaming\Easeware
2022-07-29 22:53 - 2022-07-29 22:53 - 000000000 ____D C:\Program Files\Easeware
2022-07-29 22:52 - 2022-07-29 22:53 - 005376032 _ (Easeware ) C:\Users\User\Downloads\DriverEasy_Setup (1).exe
2022-07-29 21:53 - 2022-07-29 21:53 - 000010598 _ C:\Users\User\Downloads\CreatureStats.csv
2022-07-28 23:34 - 2022-07-28 23:34 - 036349010 _ C:\Users\User\Downloads\TheAztecEmpire.zip
2022-07-26 17:33 - 2022-07-26 17:33 - 000000000 ____D C:\Users\User\AppData\Local\My Games
2022-07-26 17:32 - 2022-07-26 17:32 - 000000000 ____D C:\Users\User\AppData\Local\2K
2022-07-26 00:04 - 2022-07-26 00:04 - 000005158 _ C:\Users\User\Downloads\Effects.csv
2022-07-24 00:01 - 2022-07-24 00:01 - 000000000 ____D C:\Users\User\AppData\LocalLow\Oracle
2022-07-23 21:34 - 2022-07-23 21:34 - 000000000 ____D C:\Users\User\Documents\Frontier Developments
2022-07-23 21:34 - 2022-07-23 21:34 - 000000000 ____D C:\Users\User\AppData\Roaming\Frontier Developments
2022-07-23 21:34 - 2022-07-23 21:34 - 000000000 ____D C:\Users\User\AppData\Local\Frontier Developments
2022-07-23 19:38 - 2022-07-26 01:55 - 000000000 ____D C:\Users\User\AppData\Roaming\Thrive Launcher
2022-07-23 19:38 - 2022-07-23 19:38 - 000000000 ____D C:\Users\User\AppData\Roaming\Thrive
2022-07-23 19:38 - 2022-07-23 19:38 - 000000000 ____D C:\Users\User\AppData\Roaming\Revolutionary-Games
2022-07-20 23:12 - 2022-07-20 23:12 - 000132220 _ C:\Users\User\Downloads\Eruption.dat
2022-07-20 18:57 - 2022-07-20 18:57 - 000000000 ____D C:\Users\User\AppData\LocalLow\uTorrent.WebView2
2022-07-20 18:56 - 2022-07-20 18:56 - 001763848 _ ( ) C:\Users\User\Downloads\uTorrent.exe
2022-07-20 18:55 - 2022-07-20 18:55 - 001786808 _ ( ) C:\Users\User\Downloads\utweb_installer.exe
2022-07-20 18:55 - 2022-07-20 18:55 - 000001874 _ C:\Users\User\Desktop\uTorrent Web.lnk
2022-07-20 18:55 - 2022-07-20 18:55 - 000001860 _ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2022-07-20 18:55 - 2022-07-20 18:55 - 000000000 ____D C:\Users\User\AppData\Roaming\uTorrent Web
2022-07-20 01:30 - 2022-07-20 01:30 - 000019995 _ C:\Users\User\Downloads\1658117597.poopywolf_when_a_jolteon_is_diapered.odt
2022-07-18 11:18 - 2022-07-18 11:18 - 000001230 _ C:\Users\User\Desktop\ManicMiners.exe - Shortcut.lnk
2022-07-18 11:17 - 2022-07-18 11:17 - 657377018 _ C:\Users\User\Downloads\ManicMiners2022-05-18.zip
2022-07-18 11:17 - 2022-07-18 11:17 - 000000000 ____D C:\Users\User\Desktop\ManicMiners2022-05-18
2022-07-18 10:25 - 2022-07-18 10:25 - 000117875 _ C:\Users\User\Downloads\CorridorRescue1.dat
2022-07-18 10:25 - 2022-07-18 10:25 - 000102802 _ C:\Users\User\Downloads\CrystalMayhemV2.dat
2022-07-17 22:52 - 2022-07-17 22:52 - 000002154 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2022-07-17 22:52 - 2022-07-17 22:52 - 000002142 _ C:\Users\Public\Desktop\Avast One.lnk
2022-07-17 22:52 - 2022-07-17 22:52 - 000000000 ____D C:\Users\User\AppData\Roaming\Avast Software
2022-07-17 22:52 - 2022-07-17 22:52 - 000000000 ____D C:\Users\User\AppData\Local\Avast Software
2022-07-17 22:51 - 2022-08-06 05:22 - 000004028 _ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2022-07-17 22:51 - 2022-07-17 22:51 - 000065944 _ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2022-07-17 22:51 - 2022-07-17 22:51 - 000037200 _ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-07-17 22:51 - 2022-07-17 22:51 - 000037104 _ (WireGuard LLC) C:\WINDOWS\system32\Drivers\aswWintun.sys
2022-07-17 22:51 - 2022-07-17 22:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-07-17 22:50 - 2022-08-04 15:41 - 000859872 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000670776 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000553928 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000389120 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000324840 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000275024 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000258048 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000235576 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000113968 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000104960 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000089032 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000047976 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000041832 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000024528 _ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-07-17 22:50 - 2022-08-04 15:41 - 000003990 _ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-07-17 22:50 - 2022-07-17 22:51 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-07-17 22:50 - 2022-07-17 22:51 - 000000000 ____D C:\Program Files\Avast Software
2022-07-17 22:49 - 2022-07-17 22:49 - 000268536 _ (AVAST Software) C:\Users\User\Downloads\avast_one_essential_setup_online (1).exe
2022-07-17 19:14 - 2022-07-17 19:14 - 000000000 ____D C:\Users\User\Desktop\ACLib
2022-07-15 23:44 - 2022-07-15 23:44 - 000000000 ____D C:\Users\User\AppData\Local\MultiPlayerManager
2022-07-15 23:41 - 2022-07-23 00:18 - 000000000 ____D C:\Users\User\AppData\Local\NoxSrv
2022-07-15 23:41 - 2022-07-23 00:18 - 000000000 ____D C:\Users\User\.BigNox
2022-07-15 23:41 - 2022-07-15 23:41 - 000000824 _ C:\Users\User\Desktop\Nox Asst.lnk
2022-07-15 23:41 - 2022-07-15 23:41 - 000000000 ____D C:\Users\User\AppData\Roaming\NoxSrv
2022-07-15 23:41 - 2022-07-15 23:41 - 000000000 ____D C:\Users\User\AppData\Local\DBG
2022-07-15 23:41 - 2022-07-15 23:41 - 000000000 ____D C:\Program Files (x86)\Bignox
2022-07-15 23:40 - 2022-07-24 00:01 - 000000000 ____D C:\Users\User\AppData\Local\Nox
2022-07-15 23:39 - 2022-07-15 23:40 - 537164320 _ (Duodian Technology Co. Ltd.) C:\Users\User\Downloads\nox_setup_v7.0.3.1_full_intl.exe
2022-07-15 14:54 - 2022-07-31 00:07 - 000002319 _ C:\Users\User\Desktop\Thunderstore Mod Manager.lnk
2022-07-15 14:54 - 2022-07-15 14:54 - 000000000 ____D C:\Users\User\AppData\Roaming\Thunderstore Mod Manager
2022-07-13 11:06 - 2022-07-13 11:06 - 000693248 _ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-13 11:06 - 2022-07-13 11:06 - 000530944 _ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-13 11:06 - 2022-07-13 11:06 - 000470528 _ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-13 11:06 - 2022-07-13 11:06 - 000270848 _ C:\WINDOWS\system32\EsclScan.dll
2022-07-13 11:06 - 2022-07-13 11:06 - 000152064 _ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-13 11:06 - 2022-07-13 11:06 - 000033280 _ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-13 11:06 - 2022-07-13 11:06 - 000026624 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-13 11:06 - 2022-07-13 11:06 - 000020992 _ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-13 11:06 - 2022-07-13 11:06 - 000018944 _ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-13 11:06 - 2022-07-13 11:06 - 000017920 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-13 11:06 - 2022-07-13 11:06 - 000014848 _ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-13 11:06 - 2022-07-13 11:06 - 000012800 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-13 11:05 - 2022-07-13 11:05 - 002260480 _ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-13 11:05 - 2022-07-13 11:05 - 000640512 _ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-13 11:05 - 2022-07-13 11:05 - 000288768 _ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-13 11:05 - 2022-07-13 11:05 - 000061952 _ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-13 11:05 - 2022-07-13 11:05 - 000057344 _ C:\WINDOWS\system32\APMonUI.dll
2022-07-13 11:05 - 2022-07-13 11:05 - 000024576 _ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-13 11:05 - 2022-07-13 11:05 - 000011811 _ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-13 11:02 - 2022-07-13 11:02 - 000000000 ___HD C:\$WinREAgent
2022-07-12 15:55 - 2022-07-12 15:55 - 000000000 ____D C:\Users\User\AppData\LocalLow\OptizOnion
2022-07-11 23:47 - 2022-07-11 23:47 - 000000000 ____D C:\Users\User\AppData\Local\Uber Entertainment
2022-07-11 22:59 - 2022-07-11 22:59 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA Corporation
2022-07-11 22:58 - 2022-07-11 22:59 - 000000000 ____D C:\ProgramData\Epic
2022-07-11 22:58 - 2022-07-11 22:58 - 158863360 _ C:\Users\User\Downloads\EpicInstaller-13.3.0.msi
2022-07-11 22:58 - 2022-07-11 22:58 - 000001334 _ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2022-07-11 22:58 - 2022-07-11 22:58 - 000001270 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2022-07-11 22:58 - 2022-07-11 22:58 - 000000000 ____D C:\Users\User\AppData\Local\UnrealEngineLauncher
2022-07-11 22:58 - 2022-07-11 22:58 - 000000000 ____D C:\Users\User\AppData\Local\EpicGamesLauncher
2022-07-11 22:58 - 2022-07-11 22:58 - 000000000 ____D C:\Users\User\AppData\Local\Epic Games
2022-07-11 22:58 - 2022-07-11 22:58 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-07-11 18:38 - 2022-07-11 18:38 - 000959072 _ C:\Users\User\Downloads\Kt3rSyT.mp4
2022-07-09 18:23 - 2022-07-09 18:23 - 001961896 _ C:\Users\User\Downloads\EE-Shortcut-Keys-on-Icons-14-20211013-1634155503.7z
2022-07-09 15:14 - 2022-07-09 15:14 - 000003008 _ C:\Users\User\Downloads\Upgrade_all-1-0-10.zip
2022-07-09 15:12 - 2022-07-09 15:12 - 000004103 _ C:\Users\User\Downloads\Essentials v1.1.zip
2022-07-09 14:04 - 2022-07-09 14:04 - 000001413 _ C:\Users\Public\Desktop\Empire Earth - AoC.lnk
2022-07-09 14:04 - 2022-07-09 14:04 - 000001291 _ C:\Users\Public\Desktop\Empire Earth.lnk
2022-07-09 14:04 - 2022-07-09 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empire Earth
2022-07-09 14:04 - 2022-07-09 14:04 - 000000000 ____D C:\Program Files (x86)\Empire Earth
2022-07-09 14:01 - 2022-07-09 14:02 - 689206464 _ (Empire Earth Community ) C:\Users\User\Downloads\EE_Setup.exe
2022-07-09 13:52 - 2022-07-09 13:52 - 000000000 ____D C:\ProgramData\Trymedia
2022-07-09 13:50 - 2022-07-09 13:58 - 000000000 ____D C:\Program Files (x86)\Neo Empire Earth
2022-07-09 13:48 - 2022-07-09 13:50 - 734461584 _ (Empire Earth Community & NeoEE ) C:\Users\User\Downloads\NeoEE_Setup.exe
2022-07-09 10:07 - 2022-07-09 10:08 - 000000000 ____D C:\Users\User\AppData\Local\Rockstar Games
2022-07-09 10:07 - 2022-07-09 10:07 - 000001928 _ C:\Users\User\Desktop\Rockstar Games Launcher.lnk
2022-07-09 10:07 - 2022-07-09 10:07 - 000000000 ____D C:\Users\User\Documents\Rockstar Games
2022-07-09 10:07 - 2022-07-09 10:07 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2022-07-09 10:06 - 2022-07-09 10:07 - 000000000 ____D C:\ProgramData\Rockstar Games
2022-07-09 10:06 - 2022-07-09 10:07 - 000000000 ____D C:\Program Files\Rockstar Games
2022-07-09 10:06 - 2022-07-09 10:07 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2022-07-07 20:08 - 2022-07-07 20:08 - 001442236 _ C:\Users\User\Downloads\ScriptHookV_1.0.2628.2.zip
2022-07-07 20:05 - 2022-07-07 20:05 - 000013655 _ C:\Users\User\Downloads\cabb00-Very Hard Police (VHP) MOD v.3.0.zip
2022-07-07 20:05 - 2022-07-07 20:05 - 000013386 _ C:\Users\User\Downloads\841f76-NewsHeli.zip
2022-07-07 20:05 - 2022-07-07 20:05 - 000005745 _ C:\Users\User\Downloads\0f69f4-PersistentCorpses.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-06 06:06 - 2022-06-12 13:43 - 000000000 ____D C:\Users\User\AppData\Roaming\discord
2022-08-06 06:05 - 2022-06-12 13:43 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2022-08-06 06:02 - 2022-06-12 16:58 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-06 05:42 - 2022-06-12 13:37 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-06 05:29 - 2022-06-12 16:57 - 000000000 ____D C:\WINDOWS\INF
2022-08-06 05:29 - 2022-06-12 13:15 - 000840598 _ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-06 05:22 - 2022-06-16 12:55 - 000000000 ____D C:\ProgramData\Avast Software
2022-08-06 05:22 - 2022-06-15 11:44 - 000003746 _ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1655307878
2022-08-06 05:22 - 2022-06-12 16:55 - 000524288 _ C:\WINDOWS\system32\config\BBI
2022-08-06 05:22 - 2022-06-12 13:41 - 000000000 ____D C:\Program Files (x86)\Steam
2022-08-06 05:22 - 2022-06-12 13:34 - 000003488 _ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1655055267
2022-08-06 05:22 - 2022-06-12 13:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-06 05:22 - 2022-06-12 13:05 - 000000000 ____D C:\ProgramData\NVIDIA
2022-08-06 05:22 - 2021-12-20 17:32 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-06 05:21 - 2022-06-12 14:26 - 000000000 ____D C:\Users\User\AppData\Local\Warframe
2022-08-06 05:16 - 2022-06-12 13:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-06 04:27 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-06 01:26 - 2022-06-13 05:03 - 000000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2022-08-06 01:24 - 2022-06-12 16:58 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-06 01:24 - 2022-06-12 13:15 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2022-08-06 01:24 - 2022-05-10 10:36 - 000000000 ____D C:\XboxGames
2022-08-06 01:23 - 2022-06-12 13:16 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-08-05 18:39 - 2022-06-22 07:59 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-08-05 10:43 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-08-05 06:57 - 2022-06-13 06:38 - 000001857 _ C:\Users\User\Desktop\MTG Arena.lnk
2022-08-04 18:43 - 2022-06-12 13:37 - 000002247 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-04 18:43 - 2022-06-12 13:37 - 000002206 _ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-04 15:41 - 2022-06-12 16:58 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-04 11:16 - 2022-06-18 18:25 - 000000000 ____D C:\Users\User\AppData\Local\BitTorrentHelper
2022-08-03 23:45 - 2022-06-16 13:47 - 000000000 ____D C:\ProgramData\Riot Games
2022-08-03 17:32 - 2022-06-26 21:29 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2022-08-03 17:00 - 2022-06-12 13:30 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-08-02 18:28 - 2022-06-26 18:43 - 000003330 _ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2022-08-02 07:03 - 2021-12-26 19:30 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-08-01 08:25 - 2022-06-13 17:41 - 000000000 ____D C:\Users\User\AppData\Roaming\WeMod
2022-08-01 06:39 - 2022-06-17 20:21 - 000000000 ____D C:\Users\User\AppData\Local\Battle.net
2022-08-01 06:25 - 2022-06-17 20:23 - 000000000 ____D C:\Program Files (x86)\StarCraft II
2022-07-31 00:07 - 2022-06-26 18:44 - 000002319 _ C:\Users\User\Desktop\Facecheck.lnk
2022-07-31 00:07 - 2022-06-26 18:42 - 000000000 ____D C:\Users\User\AppData\Local\Overwolf
2022-07-31 00:06 - 2022-06-21 19:41 - 000000000 ____D C:\Program Files\TeamViewer
2022-07-31 00:06 - 2021-12-20 15:35 - 000000000 ___RD C:\Users\User\OneDrive
2022-07-30 12:26 - 2022-06-12 13:05 - 000002276 _ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-30 12:26 - 2021-12-20 15:45 - 000002438 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-30 09:42 - 2022-06-13 05:00 - 002754000 _ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-07-30 09:42 - 2022-06-13 05:00 - 000402904 _ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-07-30 09:42 - 2022-06-13 05:00 - 000234960 _ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-07-30 09:42 - 2022-06-13 05:00 - 000198096 _ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-07-30 09:42 - 2022-06-13 05:00 - 000144856 _ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-07-30 09:42 - 2022-06-13 05:00 - 000131072 _ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-07-30 09:42 - 2022-06-13 05:00 - 000067032 _ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-07-29 22:53 - 2022-01-22 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2022-07-28 00:42 - 2022-06-26 18:43 - 000000000 ____D C:\Program Files (x86)\Overwolf
2022-07-27 21:42 - 2022-07-05 23:32 - 001698969 _ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip
2022-07-27 08:42 - 2022-06-12 13:34 - 000001435 _ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2022-07-26 17:33 - 2021-12-31 09:46 - 000000000 ____D C:\Users\User\Documents\My Games
2022-07-26 13:57 - 2022-06-12 13:16 - 000003592 _ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3224392738-3144465624-1455513726-1000
2022-07-26 13:57 - 2022-06-12 13:16 - 000003362 _ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3224392738-3144465624-1455513726-1000
2022-07-26 13:57 - 2022-06-12 13:06 - 000002380 _ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-24 00:02 - 2022-06-13 05:07 - 000195280 _ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-07-24 00:02 - 2022-06-13 05:07 - 000000000 ____D C:\Program Files\Java
2022-07-24 00:02 - 2022-01-02 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-07-23 00:25 - 2022-06-02 23:16 - 000000297 _ C:\Users\User\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2022-07-23 00:19 - 2022-06-02 23:13 - 000000000 ____D C:\Users\User\.android
2022-07-23 00:18 - 2022-06-02 23:13 - 000000000 ____D C:\Users\User\vmlogs
2022-07-22 18:05 - 2022-06-17 20:21 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-07-20 20:20 - 2022-06-12 13:05 - 000003536 _ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-20 20:20 - 2022-06-12 13:05 - 000003412 _ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-20 16:38 - 2022-06-13 17:41 - 000002168 _ C:\Users\User\Desktop\WeMod.lnk
2022-07-20 16:38 - 2022-06-13 17:41 - 000000000 ____D C:\Users\User\AppData\Local\WeMod
2022-07-20 16:38 - 2022-05-05 21:10 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2022-07-20 16:37 - 2022-06-12 13:43 - 000000000 ____D C:\Users\User\AppData\Local\SquirrelTemp
2022-07-20 13:38 - 2022-06-12 16:55 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-17 18:30 - 2022-06-22 16:23 - 000000000 ____D C:\Users\User\AppData\Local\ModOrganizer
2022-07-17 18:30 - 2022-06-22 16:23 - 000000000 ____D C:\ProgramData\USVFS
2022-07-15 23:41 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\Registration
2022-07-15 23:41 - 2022-06-02 23:13 - 000000763 _ C:\Users\User\Desktop\Nox.lnk
2022-07-15 14:54 - 2021-12-27 01:13 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2022-07-15 00:14 - 2022-06-22 19:00 - 000000000 ____D C:\Users\User\AppData\Local\LOOT
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-14 02:01 - 2022-06-12 16:58 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-14 02:01 - 2022-06-12 13:04 - 000258768 _ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-13 11:05 - 2022-06-12 13:07 - 003010560 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-13 11:02 - 2022-06-13 22:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 11:00 - 2022-06-13 22:23 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-12 15:40 - 2022-06-12 14:47 - 000000000 ____D C:\Users\User\AppData\Local\ModTheSpire
2022-07-11 22:59 - 2022-06-12 13:30 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-11 22:58 - 2022-06-12 13:30 - 000000000 ____D C:\Users\User\AppData\Local\UnrealEngine
2022-07-11 17:20 - 2022-06-28 16:50 - 000239544 _ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-07-09 16:17 - 2022-06-17 20:23 - 000000000 ____D C:\Users\User\Documents\StarCraft II
2022-07-09 14:50 - 2022-06-12 13:05 - 000018960 _ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 


·
Global Moderator
Using Google to solve problems
Joined
·
43,528 Posts
Overheating is usually not caused by software programs or viruses.
The previous thread didn't mention if the computer was overheating when you boot to the Linux distro and Try Linux (i.e., not install it on your computer). If it was a virus that is causing the overheating, then it would not overheat when using Linux.
If that is the case, then the easiest way to fix this is to back up your files onto a USB HDD and wipe the internal drive, removing any virus files, and reinstall Windows.
 

·
Registered
Joined
·
490 Posts
Discussion Starter · #3 ·
> Overheating is usually not caused by software programs or viruses.
> The previous thread didn't mention if the computer was overheating when you boot to the Linux distro and Try Linux (i.e., not install it on your computer). If it was a virus that is causing the overheating, then it would not overheat when using Linux.
> If that is the case, then the easiest way to fix this is to back up your files onto a USB HDD and wipe the internal drive, removing any virus files, and reinstall Windows.
it was not overheating when i booted up linux mint. that was one of the things that i was instructed to do.
 

·
Global Moderator
Using Google to solve problems
Joined
·
43,528 Posts
Then it is a Windows issue, not hardware; that is why we asked you to do that.
Maybe others can remove the infection to solve the problem.
If not, the easiest way to fix this is to back up your files onto a USB HDD and wipe the internal drive, removing any virus files, and reinstall Windows.
 