removed successfully 2021-10-13 22:14 - 2021-10-07 19:32 - 000965336 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2021-10-20 14:50 - 2021-10-20 14:50 - 000000000 ____D C:\Program Files\ENE 2021-10-03 23:13 - 2021-10-03 23:14 - 000008192 ___SH C:\DumpStack.log.tmp Security intelligence Version: AV: 1.351.958.0, AS: 1.351.958.0, NIS: 1.351.958.0 "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43f54ace-856e-4b50-9808-1588b79b7c18}" => removed successfully 2021-10-15 11:58 - 2021-10-15 11:58 - 000000000 ____D C:\Program Files\ldplayerbox Task: {bd098352-5f63-4d2b-8e01-ba6a347a2975} - no filepath "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b44de6b6-1303-474b-bd1f-0c3e771de5d9}" => removed successfully R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8234256 2021-10-21] (Riot Games, Inc. -> Riot Games, Inc.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\GVDisplay.dll Fault offset: 0x000000000003a839 I disabled it and now everything runs fine. (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Print driver host for applications\Print driver host for applications.exe 2021-10-04 18:19 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\ServiceState CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) 
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) Kits Configuration Installer (HKLM-x32\\{E75A9998-E979-760B-6AEB-49763F279EDD}) (Version: 10.1.19041.685 - Microsoft) Hidden 2021-10-16 20:39 - 2021-10-16 20:46 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-10-09 19:30 - 2021-10-09 19:30 - 000058304 _____ C:\Windows\system32\Drivers\49306c4f52694e4555486333655846434e586f3256576c6e5a334e784f4535614e585674.sys C:\Users\Pepega\NTUSER.pol => moved successfully 2021-10-20 14:48 - 2021-10-20 14:50 - 000000000 ____D C:\Program Files (x86)\GIGABYTE 2021-10-02 23:01 - 2021-10-02 23:01 - 000000000 ____D C:\Users\Pepega\AppData\Local\setup If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> ) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b1fed2a8-3200-4219-af34-0fd05172af37}" => removed successfully Task: {7ef13d49-f1cb-4454-af1c-a7a9e880a031} - no filepath Faulting application start time: 0x01d7c8b23e4aead7 Description: The rules engine failed to evaluate the rules. 2021-10-02 22:56 - 2021-10-02 23:03 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation Resetting , OK! C:\Windows\SysWOW64\Windows Driver Installation Service => moved successfully FirewallRules: [UDP Query User{AF8AC701-2625-4E3F-B802-427DABF38DBC}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
HKLM\\StartupApproved\Run32: => "Adobe CCXProcess" "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b8ce6039-5202-4c0c-b706-9d55226ab086}" => removed successfully With this running, my Index was getting Display Error spikes almost every second while in the VR home, and any games I tried. Please re-enable javascript to access full functionality. 2021-10-22 18:11 - 2021-10-22 18:11 - 000000031 _____ C:\Users\Pepega\Desktop\fn name.txt Task: {11dec036-7e8b-4b5b-906d-51876287d3d1} - no filepath Date: 2021-10-24 13:02:27.034 WebAORUS is a world leading brand in high-performance motherboards, graphic cards, laptops gaming hardware and systems. 2021-10-02 22:51 - 2021-10-10 13:03 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore Task: {19e78c37-4706-4ee6-b14f-00a377e1761c} - no filepath 2021-10-15 11:55 - 2021-10-15 11:55 - 000000000 ____D C:\Users\Pepega\AppData\Local\BlueStacks ==================== Registry (Whitelisted) =================== Category: Settings Modifier Stage:GATHER_RULES_FROM_LICENSES Epic Games Launcher Prerequisites (x64) (HKLM\\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Task: {90b432e7-5c87-425c-9dd5-33099e0e41c9} - no filepath Task: {414df2f8-cc7c-49b6-a90f-8e407ed62e02} - no filepath 2021-10-04 09:35 - 2021-02-13 04:24 - 000205552 _____ (Ray Hinchliffe) C:\Windows\system32\Drivers\SIVX64.sys 2021-10-15 11:40 - 2021-10-15 11:40 - 000000000 ____D C:\ProgramData\BlueStacks_nxt 0.0.0.0 feedback.search.microsoft.com Task: {69239D2A-9392-46A2-9683-DE2CB69D23FE} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro Devices INC. -> ) Task: {6902881d-a9ea-4ce3-9977-eac42438e59f} - no filepath 2021-10-03 09:12 - 2021-10-03 09:12 - 000000000 ____D C:\Users\Pepega\source Click OK twice and restart the computer. 
2021-10-02 23:03 - 2021-10-02 23:03 - 000000000 ____D C:\Windows\system32\lxss 2021-10-02 23:25 - 2021-10-04 18:19 - 000000000 ____D C:\Windows\SysWOW64\1033 2021-10-02 23:43 - 2021-10-02 23:43 - 000000000 ____D C:\ProgramData\Battle.net Exception code: 0xe0434352 Result of scheduled keys to remove after reboot: vs_minshellmsires (HKLM-x32\\{6BEA577E-EB1B-47A4-A0EF-05D5FAC0861E}) (Version: 17.0.31709 - Microsoft Corporation) Hidden Startup: C:\Users\Pepega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Thing2.bat [2021-10-24] () [File not signed] Microsoft Edge WebView2 Runtime (HKLM-x32\\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4bc5b754-7072-4f40-a1b7-dd43c20ebdf6}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8f7674a6-0b05-416d-8dc8-bba2f61cad8c}" => removed successfully Total physical RAM: 32689.05 MB CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Pepega\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\Microsoft.SharePoint.exe" => No File 2021-10-13 22:14 - 2021-10-07 19:32 - 001206416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2021-10-02 23:03 - 2021-10-02 23:04 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation FirewallRules: [UDP Query User{0A8BBE95-3686-4B16-8A84-FCFD22173BE9}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) 2021-10-24 12:40 - 2021-10-24 17:27 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS 2021-10-07 22:42 - 2021-10-21 13:34 - 000000044 _____ C:\Users\Pepega\Desktop\time.txt Microsoft Defender Antivirus has detected malware or other potentially unwanted software. 
2021-10-02 23:04 - 2021-10-02 23:04 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-10-02 23:18 - 2021-10-02 23:18 - 000001429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2021-10-24 09:40 - 2021-10-24 09:40 - 000000000 ____D C:\Users\Pepega\Documents\Call of Duty Modern Warfare Resetting Subinterface, OK! 2021-10-02 23:25 - 2021-10-04 18:19 - 000000000 ____D C:\Windows\system32\1029 vs_clickoncebootstrappermsires (HKLM-x32\\{4F48CC43-3C4F-4C5F-813A-8D5E5BF4E52A}) (Version: 17.0.31703 - Microsoft Corporation) Hidden Pepega (S-1-5-21-326566074-3447909417-183555969-1001 - Administrator - Enabled) => C:\Users\Pepega Task: {68912dca-04b7-43b9-b125-ab2888148ebb} - no filepath "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6298650e-c3bc-47e3-a571-b4eea94ac419}" => removed successfully 2021-10-03 18:24 - 2021-10-03 19:31 - 000000000 ____D C:\Program Files\ruxim Severity: Medium at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) Task: {d9c6b67e-9dbb-4ba4-ad4b-5aecb6889d08} - no filepath Task: {df1c3fe3-3222-4a5e-b520-95a4768a5710} - no filepath ==================== Codecs (Whitelisted) ==================== Faulting module path: D:\Cheetos\Woofing\Cinx Archieves\SinEx 4.2.0 [BETA]\SinEx 4.2.0 BETA Woofer [All Winver].exe Detection Origin: Local machine (A-Volute SAS -> A-Volute) C:\Users\Pepega\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe Description: Faulting application name: SinEx 4.2.0 BETA Woofer [All Winver].exe, version: 0.0.0.0, time stamp: 0x616e2119 Task: {86c0c79f-566b-48c2-a517-d270146f5782} - no filepath 2021-10-18 20:24 - 2021-10-18 20:24 - 000000000 ____D C:\ProgramData\AMD AutoUpdate You currently have javascript disabled. 
==================== Restore Points ========================= ========= End of CMD: ========= ==================== Shortcuts & WMI ======================== CloseProcesses: 2021-10-13 22:14 - 2021-10-07 19:32 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ENE_EHD_M2_HAL (HKLM-x32\\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden 2021-10-03 18:39 - 2021-10-07 12:21 - 000049533 _____ C:\Windows\diagwrn.xml 2021-10-24 20:19 - 2021-10-24 20:37 - 000000000 ____D C:\Users\Pepega\AppData\Local\CrashDumps WinRT Intellisense Mobile - en-us (HKLM-x32\\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Error: (10/24/2021 07:36:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) ========= "C:\Windows\SysWOW64\lodctr.exe" /R ========= Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4 2021-10-13 22:14 - 2021-10-07 19:28 - 000707712 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-10-05 15:51 - 2021-10-05 16:12 - 000000094 _____ C:\Users\Pepega\Desktop\cod filters.txt i have tried manually removing these files in safe mode but again, it was only a temporary solution, as they are downloaded again (presumably using some sort of script), even though i have firewall enable AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} 2021-10-04 09:35 - 2021-10-04 09:35 - 000000000 ____D C:\Users\Pepega\Desktop\rkill Task: {53092fd3-455c-4d74-9110-8a5211ddb6c2} - no filepath The file will not be moved unless listed separately.) 
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c68b5818-129c-4160-9e29-1a8feeb737d8}" => removed successfully CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R HKLM\\StartupApproved\Run: => "WindowsDefender" Microsoft Defender Antivirus has detected malware or other potentially unwanted software. Adobe Media Encoder 2021 (HKLM-x32\\AME_15_4_1) (Version: 15.4.1 - Adobe Inc.) 2021-10-24 13:20 - 2021-10-24 13:22 - 476374211 _____ (Igor Pavlov) C:\Users\Pepega\Desktop\Tron v12.0.1 (2021-10-18).exe WebAORUS Gaming Motherboards will support either 5v or 12v digital LED strips. Task: {2d5dd02e-d989-436b-a3d0-b2283ce2c942} - no filepath not found Description: The process was terminated due to an unhandled exception. Discord (HKU\S-1-5-21-326566074-3447909417-183555969-1001\\Discord) (Version: 1.0.9003 - Discord Inc.) Successfully flushed the DNS Resolver Cache. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68703689-47bd-47ee-9cf2-e91abb43a182}" => removed successfully Error - The Alienware Client Management Service service failed to start due to the following error: Error - The application has failed to start because its side-by-side configuration is incorrect. Task: {e0ba60f1-d26f-4185-8bb0-04b05678ff5a} - no filepath "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a4a7b095-aaa9-401c-a9d7-8abe8ea301af}" => removed successfully C:\WINDOWS\system32\*.tmp Latest News: Apples first Rapid Security Response patch fails to install on iPhones, Featured Deal: Extended Deal: Get Microsoft Office 2021 on sale for just $39, Latest Buyer's Guide: Best VPNs to unblock WhatsApp calling in the UAE. 
Task: {10914230-EDDF-4324-BD6D-2A05C1496959} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) (Currently there is no automatic fix for this section.) Task: {a4a7b095-aaa9-401c-a9d7-8abe8ea301af} - no filepath Task: {ab7dbf26-2e26-445a-a7dd-f60ac12f19a6} - no filepath Resetting , OK! (If an entry is included in the fixlist, the registry item will be restored to default or removed. Python 3.9.5 Tcl/Tk Support (64-bit symbols) (HKLM\\{9F0D0DF1-B4D0-4760-A174-0CFF5C09D758}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Startup: C:\Users\Pepega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Thing.bat [2021-10-24] () [File not signed] Task: {e6857042-80d9-4422-85b4-1c5dc0aae451} - no filepath 0.0.0.0 reports.wes.df.telemetry.microsoft.com HKU\S-1-5-21-326566074-3447909417-183555969-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION Mozilla Firefox (x64 en-US) (HKLM\\Mozilla Firefox 93.0 (x64 en-US)) (Version: 93.0 - Mozilla) FirewallRules: [{E2EA9D77-F4B6-46E6-94CF-DAE772492424}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) WebMake the most of your membership enjoy games, invite friends, earn points, get rewards, and more. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bc549475-73a3-47b9-8e8c-cce95c3b76c2}" => removed successfully 2021-10-02 23:25 - 2021-10-04 18:19 - 000000000 ____D C:\Windows\SysWOW64\1040 "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bfa657d3-0b7d-471a-89e3-f729ecb71365}" => removed successfully Resetting , OK! 
Task: {6298650e-c3bc-47e3-a571-b4eea94ac419} - no filepath Task: {560963e7-8fb3-45a5-b560-b69102dfab6a} - no filepath R2 NahimicService; C:\Windows\system32\NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic) 2021-10-02 23:04 - 2021-09-14 14:39 - 000001951 _____ C:\Windows\NvContainerRecovery.bat Task: {95d6d4ae-89c2-47b7-947d-0a2c92579474} - no filepath Security intelligence Version: AV: 1.351.958.0, AS: 1.351.958.0, NIS: 1.351.958.0 The file which is running by the task will not be moved.) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) For more information please see the following:https://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0 Task: {b3eb79cd-689d-4158-bea3-8771c38a327c} - no filepath For more information please see the following:https://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0 2021-10-22 11:43 - 2021-10-22 11:43 - 000000000 ____D C:\Users\Pepega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Pepega\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\amd64\FileSyncShell64.dll => No File ========= End of CMD: ========= WinAppDeploy (HKLM-x32\\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden 2021-10-02 23:04 - 2021-09-14 14:39 - 001293680 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll Task: {a68a203b-7eaa-4914-a565-5ff9759ae2a4} - no filepath Task: {1539d558-2bfa-453d-a38e-aa8bbec05194} - no filepath CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> 
C:\Users\Pepega\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) (If an entry is included in the fixlist, it will be removed from the registry. here are the virustotals for the 2 files:https://www.virustotal.com/gui/file/85aa1344d28fd7c6a911924040e5b3ae1278fb70444cd39d056bd270f147f61bhttps://www.virustotal.com/gui/file/85aa1344d28fd7c6a911924040e5b3ae1278fb70444cd39d056bd270f147f61b/behavior/Microsoft%20Sysinternals, FRST RESULTS: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully R2 AORUS LCD Panel Service; C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe [360960 2018-12-21] (CloudBees, Inc.) [File not signed] Path: file:_C:\Windows\System32\drivers\etc\hosts 2021-09-29 10:31 - 2021-10-24 17:56 - 000000000 ____D C:\Users\Pepega 2021-10-07 11:40 - 2021-10-07 11:40 - 000000000 ___HD C:\$WinREAgent vs_CoreEditorFonts (HKLM-x32\\{E247EDC7-CB46-45AD-9F59-C5C339A006D9}) (Version: 17.0.31716 - Microsoft Corporation) Hidden (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) C:\Windows\Temp\MpSigStub.log => moved successfully 2021-10-04 18:19 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\system32\ta-in HKU\S-1-5-21-326566074-3447909417-183555969-1001\\StartupApproved\Run: => "OneDrive" HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe Task: {646144d0-0d5f-463c-aedc-cbc190d10525} - no filepath CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) 2021-10-13 22:14 - 2021-10-07 19:28 - 000981136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll ==================== One month (created) (Whitelisted) ========= Task: {65f6d357-0576-4835-8e37-d12ac62b76e0} - no filepath CMD: "C:\Windows\SysWOW64\lodctr.exe" /R 2021-10-03 11:47 - 2021-10-04 18:19 - 000000000 ____D C:\Program Files\UNP (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe Error: (10/24/2021 07:35:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) FF Extension: (Decentraleyes) - C:\Users\Pepega\AppData\Roaming\Mozilla\Firefox\Profiles\q42kwfcc.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-10-05] 2021-10-02 23:04 - 2021-09-14 14:39 - 002838384 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll FirewallRules: [{AEEC18B9-7BBC-4B9F-930A-C90FBE4F9195}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) 2021-10-24 13:24 - 2021-10-24 13:24 - 000000000 ____D C:\Users\Pepega\Desktop\tron 2021-10-22 12:27 - 2021-10-24 19:38 - 000000001 _____ C:\Windows\vgkbootstatus.dat WinRT Intellisense IoT - Other Languages (HKLM-x32\\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden 2021-10-13 16:20 - 2021-10-13 16:38 - 000000254 _____ C:\Users\Pepega\AppData\LocalLow\rbxcsettings.rbx 2021-10-03 15:49 - 2021-10-03 15:49 - 000000000 _SHDL C:\Documents and Settings "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86c0c79f-566b-48c2-a517-d270146f5782}" => removed successfully 2021-10-04 18:19 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\system32\GroupPolicy "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29ad0c16-34a9-49f9-a1d8-81f44fff082d}" => removed successfully FirewallRules: [{7AD4F43C-4369-433E-B2EC-A10468B9A5B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe 
(Valve Corp. -> ) Task: {132c3361-2a8c-4a3a-a81d-208c0f31a908} - no filepath Edge DefaultProfile: Default 2021-10-24 14:03 - 2021-10-24 14:03 - 000058304 _____ C:\Windows\system32\Drivers\49306c4f52694d3361565a36626b5a525132647563586434536a6c474d586f3054584670.sys icecap_collection_neutral (HKLM-x32\\{519060B0-9C83-4D54-97A7-32C2350583C9}) (Version: 17.0.31709 - Microsoft Corporation) Hidden Task: {013418b8-2dc1-4fb4-9c18-21dcfcb620cb} - no filepath vs_Graphics_Singletonx64 (HKLM\\{FB70BB0F-04E2-48FE-B4A8-41FA0ABD59C1}) (Version: 17.0.31709 - Microsoft Corporation) Hidden 2021-10-13 22:14 - 2021-10-07 19:27 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe vs_minshellinteropsharedmsi (HKLM-x32\\{6A4F2879-CFBC-4023-8C00-75E2ED65E0C9}) (Version: 17.0.31709 - Microsoft Corporation) Hidden Faulting package-relative application ID: "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d7495c49-8426-461c-8455-350522fba9cb}" => removed successfully WebOpen Hours: Monday Saturday, 8:00 a.m. 6:00 p.m. Login Register; Home; Contact Us Task: {6ee54cdc-f0d4-4cad-be32-be99498e56b8} - no filepath Task: {b30dbf6f-75b4-422c-82ed-f93cae0f7dec} - no filepath The system cannot find the path specified. The following corrective action will be taken in 10,510. 
Task: {d2d2fbec-f7b4-41b4-9251-9cfdc41d781f} - no filepath 2021-10-18 19:33 - 2021-10-18 19:33 - 000000000 ____D C:\Users\Pepega\AppData\Local\NhNotifSys 2021-10-08 16:58 - 2021-10-08 16:58 - 000058304 _____ C:\Windows\system32\Drivers\49306c4f52694d3363575a7151566834646c4a3252566836626a644955474a7463474a6f.sys Task: {4d4276f1-945c-486b-b48f-62cda9b73d18} - no filepath Universal CRT Redistributable (HKLM-x32\\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Task: {519e0c96-0a46-4c15-840e-41ed3cda1aef} - no filepath Task: {b1fed2a8-3200-4219-af34-0fd05172af37} - no filepath at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) 2021-10-02 23:34 - 2021-10-02 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2021-10-18 19:32 - 2021-07-29 05:27 - 048046994 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2021-10-16 20:42 - 2021-10-17 14:37 - 000000000 ___RD C:\Users\Pepega\Creative Cloud Files 0.0.0.0 wes.df.telemetry.microsoft.com Resetting Path, OK! "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{519e0c96-0a46-4c15-840e-41ed3cda1aef}" => removed successfully Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation) 2021-10-03 16:54 - 2021-10-03 16:54 - 000000223 _____ C:\Users\Pepega\Desktop\Apex Legends.url 2021-10-13 16:20 - 2021-10-13 16:20 - 000001245 _____ C:\Users\Pepega\Desktop\Roblox Studio.lnk Task: {df1c3fe3-3222-4a5e-b520-95a4768a5710} - no filepath Error: (10/24/2021 06:01:46 PM) (Source: DCOM) (EventID: 10010) (User: Avalanche-14329) Access is denied. Resetting Site Prefix, OK! 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2d5dd02e-d989-436b-a3d0-b2283ce2c942}" => removed successfully Description: Faulting application name: Update.exe_Microsoft Corporation, version: 10.0.100.100, time stamp: 0x6174a237 2021-10-02 23:18 - 2021-10-02 23:18 - 000000000 ____D C:\Users\Pepega\AppData\Roaming\Visual Studio Setup 2021-10-13 16:38 - 2021-10-13 16:41 - 000000000 ____D C:\Program Files\Wireshark 2021-10-03 15:48 - 2021-10-03 15:48 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf Task: {14B4F718-04DD-467B-A775-E906F62BB732} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Resetting , OK! ?\C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [X] 2021-10-02 23:22 - 2021-10-02 23:26 - 000000000 ____D C:\Program Files (x86)\Windows Kits " The NVIDIA LocalSystem Container service terminated with the following Task: {00f722c3-08dc-4b10-b10e-91a3004714f3} - no filepath Resetting Control Protocol, OK! ?\C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [X] 2021-09-30 14:33 - 2021-09-30 14:33 - 001993216 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll 2021-10-03 16:47 - 2021-10-07 11:42 - 000000000 ____D C:\Windows\Panther 2021-10-22 11:44 - 2021-10-22 11:44 - 000000000 ____D C:\Program Files\Riot Vanguard Task: {0D800AA5-1B39-4310-BE91-74EBCFD0DB76} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Microsoft Defender Antivirus has detected malware or other potentially unwanted software. 
Error: (10/24/2021 07:36:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Severity: Medium 2021-10-02 23:02 - 2021-10-02 23:02 - 000000000 ____D C:\Program Files (x86)\AMD 2021-10-13 16:39 - 2021-10-24 14:30 - 000000000 ____D C:\Program Files\Npcap C:\WINDOWS\syswow64\*.tmp Desktop PC Gaming Peripherals Premium Components Gaming Motherboards Premium Graphics Cards Gaming Laptops 2021-10-02 23:24 - 2021-10-02 23:24 - 000000000 ____D C:\Users\Pepega\.dotnet "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53092fd3-455c-4d74-9110-8a5211ddb6c2}" => removed successfully Exception Info: System.Runtime.InteropServices.ExternalException Available physical RAM: 26345.08 MB SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC Task: {013418b8-2dc1-4fb4-9c18-21dcfcb620cb} - no filepath Realtek Ethernet Controller Driver (HKLM-x32\\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek) Section 8 Housing Application Ohio, Articles T

The AORUS LCD Panel Service service terminated unexpectedly

==================== Restore Points ========================= ========= End of CMD: ========= ==================== Shortcuts & WMI ======================== CloseProcesses: 2021-10-13 22:14 - 2021-10-07 19:32 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ENE_EHD_M2_HAL (HKLM-x32\\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden 2021-10-03 18:39 - 2021-10-07 12:21 - 000049533 _____ C:\Windows\diagwrn.xml 2021-10-24 20:19 - 2021-10-24 20:37 - 000000000 ____D C:\Users\Pepega\AppData\Local\CrashDumps WinRT Intellisense Mobile - en-us (HKLM-x32\\{443FF51E-16C3-F23B-18FC-0D1D66024B0B}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Error: (10/24/2021 07:36:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) ========= "C:\Windows\SysWOW64\lodctr.exe" /R ========= Engine Version: AM: 1.1.18600.4, NIS: 1.1.18600.4 2021-10-13 22:14 - 2021-10-07 19:28 - 000707712 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2021-10-05 15:51 - 2021-10-05 16:12 - 000000094 _____ C:\Users\Pepega\Desktop\cod filters.txt i have tried manually removing these files in safe mode but again, it was only a temporary solution, as they are downloaded again (presumably using some sort of script), even though i have firewall enable AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} 2021-10-04 09:35 - 2021-10-04 09:35 - 000000000 ____D C:\Users\Pepega\Desktop\rkill Task: {53092fd3-455c-4d74-9110-8a5211ddb6c2} - no filepath The file will not be moved unless listed separately.) 
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{c68b5818-129c-4160-9e29-1a8feeb737d8}" => removed successfully CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R HKLM\\StartupApproved\Run: => "WindowsDefender" Microsoft Defender Antivirus has detected malware or other potentially unwanted software. Adobe Media Encoder 2021 (HKLM-x32\\AME_15_4_1) (Version: 15.4.1 - Adobe Inc.) 2021-10-24 13:20 - 2021-10-24 13:22 - 476374211 _____ (Igor Pavlov) C:\Users\Pepega\Desktop\Tron v12.0.1 (2021-10-18).exe WebAORUS Gaming Motherboards will support either 5v or 12v digital LED strips. Task: {2d5dd02e-d989-436b-a3d0-b2283ce2c942} - no filepath not found Description: The process was terminated due to an unhandled exception. Discord (HKU\S-1-5-21-326566074-3447909417-183555969-1001\\Discord) (Version: 1.0.9003 - Discord Inc.) Successfully flushed the DNS Resolver Cache. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68703689-47bd-47ee-9cf2-e91abb43a182}" => removed successfully Error - The Alienware Client Management Service service failed to start due to the following error: Error - The application has failed to start because its side-by-side configuration is incorrect. Task: {e0ba60f1-d26f-4185-8bb0-04b05678ff5a} - no filepath "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{a4a7b095-aaa9-401c-a9d7-8abe8ea301af}" => removed successfully C:\WINDOWS\system32\*.tmp Latest News: Apples first Rapid Security Response patch fails to install on iPhones, Featured Deal: Extended Deal: Get Microsoft Office 2021 on sale for just $39, Latest Buyer's Guide: Best VPNs to unblock WhatsApp calling in the UAE. 
Task: {10914230-EDDF-4324-BD6D-2A05C1496959} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) (Currently there is no automatic fix for this section.) Task: {a4a7b095-aaa9-401c-a9d7-8abe8ea301af} - no filepath Task: {ab7dbf26-2e26-445a-a7dd-f60ac12f19a6} - no filepath Resetting , OK! (If an entry is included in the fixlist, the registry item will be restored to default or removed. Python 3.9.5 Tcl/Tk Support (64-bit symbols) (HKLM\\{9F0D0DF1-B4D0-4760-A174-0CFF5C09D758}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden Startup: C:\Users\Pepega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Thing.bat [2021-10-24] () [File not signed] Task: {e6857042-80d9-4422-85b4-1c5dc0aae451} - no filepath 0.0.0.0 reports.wes.df.telemetry.microsoft.com HKU\S-1-5-21-326566074-3447909417-183555969-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION Mozilla Firefox (x64 en-US) (HKLM\\Mozilla Firefox 93.0 (x64 en-US)) (Version: 93.0 - Mozilla) FirewallRules: [{E2EA9D77-F4B6-46E6-94CF-DAE772492424}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) WebMake the most of your membership enjoy games, invite friends, earn points, get rewards, and more. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bc549475-73a3-47b9-8e8c-cce95c3b76c2}" => removed successfully 2021-10-02 23:25 - 2021-10-04 18:19 - 000000000 ____D C:\Windows\SysWOW64\1040 "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{bfa657d3-0b7d-471a-89e3-f729ecb71365}" => removed successfully Resetting , OK! 
Task: {6298650e-c3bc-47e3-a571-b4eea94ac419} - no filepath Task: {560963e7-8fb3-45a5-b560-b69102dfab6a} - no filepath R2 NahimicService; C:\Windows\system32\NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic) 2021-10-02 23:04 - 2021-09-14 14:39 - 000001951 _____ C:\Windows\NvContainerRecovery.bat Task: {95d6d4ae-89c2-47b7-947d-0a2c92579474} - no filepath Security intelligence Version: AV: 1.351.958.0, AS: 1.351.958.0, NIS: 1.351.958.0 The file which is running by the task will not be moved.) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) For more information please see the following:https://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0 Task: {b3eb79cd-689d-4158-bea3-8771c38a327c} - no filepath For more information please see the following:https://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/PossibleHostsFileHijack&threatid=14994&enterprise=0 2021-10-22 11:43 - 2021-10-22 11:43 - 000000000 ____D C:\Users\Pepega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Pepega\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\amd64\FileSyncShell64.dll => No File ========= End of CMD: ========= WinAppDeploy (HKLM-x32\\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden 2021-10-02 23:04 - 2021-09-14 14:39 - 001293680 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll Task: {a68a203b-7eaa-4914-a565-5ff9759ae2a4} - no filepath Task: {1539d558-2bfa-453d-a38e-aa8bbec05194} - no filepath CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> 
C:\Users\Pepega\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute) (If an entry is included in the fixlist, it will be removed from the registry. here are the virustotals for the 2 files:https://www.virustotal.com/gui/file/85aa1344d28fd7c6a911924040e5b3ae1278fb70444cd39d056bd270f147f61bhttps://www.virustotal.com/gui/file/85aa1344d28fd7c6a911924040e5b3ae1278fb70444cd39d056bd270f147f61b/behavior/Microsoft%20Sysinternals, FRST RESULTS: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully R2 AORUS LCD Panel Service; C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\MonitorService-exec.exe [360960 2018-12-21] (CloudBees, Inc.) [File not signed] Path: file:_C:\Windows\System32\drivers\etc\hosts 2021-09-29 10:31 - 2021-10-24 17:56 - 000000000 ____D C:\Users\Pepega 2021-10-07 11:40 - 2021-10-07 11:40 - 000000000 ___HD C:\$WinREAgent vs_CoreEditorFonts (HKLM-x32\\{E247EDC7-CB46-45AD-9F59-C5C339A006D9}) (Version: 17.0.31716 - Microsoft Corporation) Hidden (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) C:\Windows\Temp\MpSigStub.log => moved successfully 2021-10-04 18:19 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\system32\ta-in HKU\S-1-5-21-326566074-3447909417-183555969-1001\\StartupApproved\Run: => "OneDrive" HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe Task: {646144d0-0d5f-463c-aedc-cbc190d10525} - no filepath CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. 
-> Adobe Systems) 2021-10-13 22:14 - 2021-10-07 19:28 - 000981136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll ==================== One month (created) (Whitelisted) ========= Task: {65f6d357-0576-4835-8e37-d12ac62b76e0} - no filepath CMD: "C:\Windows\SysWOW64\lodctr.exe" /R 2021-10-03 11:47 - 2021-10-04 18:19 - 000000000 ____D C:\Program Files\UNP (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe Error: (10/24/2021 07:35:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) FF Extension: (Decentraleyes) - C:\Users\Pepega\AppData\Roaming\Mozilla\Firefox\Profiles\q42kwfcc.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-10-05] 2021-10-02 23:04 - 2021-09-14 14:39 - 002838384 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll FirewallRules: [{AEEC18B9-7BBC-4B9F-930A-C90FBE4F9195}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) 2021-10-24 13:24 - 2021-10-24 13:24 - 000000000 ____D C:\Users\Pepega\Desktop\tron 2021-10-22 12:27 - 2021-10-24 19:38 - 000000001 _____ C:\Windows\vgkbootstatus.dat WinRT Intellisense IoT - Other Languages (HKLM-x32\\{216D5F47-257D-6284-5849-B51037875EFA}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden 2021-10-13 16:20 - 2021-10-13 16:38 - 000000254 _____ C:\Users\Pepega\AppData\LocalLow\rbxcsettings.rbx 2021-10-03 15:49 - 2021-10-03 15:49 - 000000000 _SHDL C:\Documents and Settings "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86c0c79f-566b-48c2-a517-d270146f5782}" => removed successfully 2021-10-04 18:19 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\system32\GroupPolicy "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29ad0c16-34a9-49f9-a1d8-81f44fff082d}" => removed successfully FirewallRules: [{7AD4F43C-4369-433E-B2EC-A10468B9A5B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe 
(Valve Corp. -> ) Task: {132c3361-2a8c-4a3a-a81d-208c0f31a908} - no filepath Edge DefaultProfile: Default 2021-10-24 14:03 - 2021-10-24 14:03 - 000058304 _____ C:\Windows\system32\Drivers\49306c4f52694d3361565a36626b5a525132647563586434536a6c474d586f3054584670.sys icecap_collection_neutral (HKLM-x32\\{519060B0-9C83-4D54-97A7-32C2350583C9}) (Version: 17.0.31709 - Microsoft Corporation) Hidden Task: {013418b8-2dc1-4fb4-9c18-21dcfcb620cb} - no filepath vs_Graphics_Singletonx64 (HKLM\\{FB70BB0F-04E2-48FE-B4A8-41FA0ABD59C1}) (Version: 17.0.31709 - Microsoft Corporation) Hidden 2021-10-13 22:14 - 2021-10-07 19:27 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe vs_minshellinteropsharedmsi (HKLM-x32\\{6A4F2879-CFBC-4023-8C00-75E2ED65E0C9}) (Version: 17.0.31709 - Microsoft Corporation) Hidden Faulting package-relative application ID: "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d7495c49-8426-461c-8455-350522fba9cb}" => removed successfully WebOpen Hours: Monday Saturday, 8:00 a.m. 6:00 p.m. Login Register; Home; Contact Us Task: {6ee54cdc-f0d4-4cad-be32-be99498e56b8} - no filepath Task: {b30dbf6f-75b4-422c-82ed-f93cae0f7dec} - no filepath The system cannot find the path specified. The following corrective action will be taken in 10,510. 
Task: {d2d2fbec-f7b4-41b4-9251-9cfdc41d781f} - no filepath 2021-10-18 19:33 - 2021-10-18 19:33 - 000000000 ____D C:\Users\Pepega\AppData\Local\NhNotifSys 2021-10-08 16:58 - 2021-10-08 16:58 - 000058304 _____ C:\Windows\system32\Drivers\49306c4f52694d3363575a7151566834646c4a3252566836626a644955474a7463474a6f.sys Task: {4d4276f1-945c-486b-b48f-62cda9b73d18} - no filepath Universal CRT Redistributable (HKLM-x32\\{A57CD0A6-4297-FD30-34A4-34758B6F5F69}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden Task: {519e0c96-0a46-4c15-840e-41ed3cda1aef} - no filepath Task: {b1fed2a8-3200-4219-af34-0fd05172af37} - no filepath at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) 2021-10-02 23:34 - 2021-10-02 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2021-10-18 19:32 - 2021-07-29 05:27 - 048046994 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2021-10-16 20:42 - 2021-10-17 14:37 - 000000000 ___RD C:\Users\Pepega\Creative Cloud Files 0.0.0.0 wes.df.telemetry.microsoft.com Resetting Path, OK! "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{519e0c96-0a46-4c15-840e-41ed3cda1aef}" => removed successfully Windows Software Development Kit - Windows 10.0.19041.685 (HKLM-x32\\{4591faf1-a2db-4a3d-bfda-aa5a4ebb1587}) (Version: 10.1.19041.685 - Microsoft Corporation) 2021-10-03 16:54 - 2021-10-03 16:54 - 000000223 _____ C:\Users\Pepega\Desktop\Apex Legends.url 2021-10-13 16:20 - 2021-10-13 16:20 - 000001245 _____ C:\Users\Pepega\Desktop\Roblox Studio.lnk Task: {df1c3fe3-3222-4a5e-b520-95a4768a5710} - no filepath Error: (10/24/2021 06:01:46 PM) (Source: DCOM) (EventID: 10010) (User: Avalanche-14329) Access is denied. Resetting Site Prefix, OK! 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2d5dd02e-d989-436b-a3d0-b2283ce2c942}" => removed successfully Description: Faulting application name: Update.exe_Microsoft Corporation, version: 10.0.100.100, time stamp: 0x6174a237 2021-10-02 23:18 - 2021-10-02 23:18 - 000000000 ____D C:\Users\Pepega\AppData\Roaming\Visual Studio Setup 2021-10-13 16:38 - 2021-10-13 16:41 - 000000000 ____D C:\Program Files\Wireshark 2021-10-03 15:48 - 2021-10-03 15:48 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf Task: {14B4F718-04DD-467B-A775-E906F62BB732} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Resetting , OK! ?\C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [X] 2021-10-02 23:22 - 2021-10-02 23:26 - 000000000 ____D C:\Program Files (x86)\Windows Kits " The NVIDIA LocalSystem Container service terminated with the following Task: {00f722c3-08dc-4b10-b10e-91a3004714f3} - no filepath Resetting Control Protocol, OK! ?\C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [X] 2021-09-30 14:33 - 2021-09-30 14:33 - 001993216 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll 2021-10-03 16:47 - 2021-10-07 11:42 - 000000000 ____D C:\Windows\Panther 2021-10-22 11:44 - 2021-10-22 11:44 - 000000000 ____D C:\Program Files\Riot Vanguard Task: {0D800AA5-1B39-4310-BE91-74EBCFD0DB76} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-09-14] (NVIDIA Corporation -> NVIDIA Corporation) Microsoft Defender Antivirus has detected malware or other potentially unwanted software. 
Error: (10/24/2021 07:36:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Severity: Medium 2021-10-02 23:02 - 2021-10-02 23:02 - 000000000 ____D C:\Program Files (x86)\AMD 2021-10-13 16:39 - 2021-10-24 14:30 - 000000000 ____D C:\Program Files\Npcap C:\WINDOWS\syswow64\*.tmp Desktop PC Gaming Peripherals Premium Components Gaming Motherboards Premium Graphics Cards Gaming Laptops 2021-10-02 23:24 - 2021-10-02 23:24 - 000000000 ____D C:\Users\Pepega\.dotnet "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53092fd3-455c-4d74-9110-8a5211ddb6c2}" => removed successfully Exception Info: System.Runtime.InteropServices.ExternalException Available physical RAM: 26345.08 MB SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC Task: {013418b8-2dc1-4fb4-9c18-21dcfcb620cb} - no filepath Realtek Ethernet Controller Driver (HKLM-x32\\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)


The project PRE-SEED/0719/0163 is Co-funded by the European Regional Development Fund and the Republic of Cyprus through the research and innovation foundation