2021-10-15 11:59 - 2021-10-15 11:59 - 000000000 ____D C:\Users\Pepega\.Ld2VirtualBox HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896 Task: {4bc5b754-7072-4f40-a1b7-dd43c20ebdf6} - no filepath 2021-10-15 11:59 - 2021-10-15 11:59 - 000000128 _____ () C:\Users\Pepega\AppData\Roaming\changzhi_leidianmac.data 2021-10-04 18:19 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\ShellExperiences 2021-10-15 11:58 - 2021-10-15 11:58 - 000000000 ____D C:\Users\Pepega\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer4 2021-10-03 18:36 - 2019-03-19 15:52 - 000000000 ____D C:\Windows\system32\oobe FirewallRules: [{D2BE48F9-4A26-495F-A434-C4289999EADD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) 2021-10-24 20:41 - 2021-10-24 20:41 - 013884680 _____ (NortonLifeLock Inc.) C:\Users\Pepega\Downloads\NPE.exe reinstall aorus engine (1.92) and nvidia driver (457.09, full installation) from gigabyte official site. go to : C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\Updater and run FWUpgrade.exe, you will see the progress and after completion, it will ask you to shutdown, click yes and the turn on the pc again. 
2021-10-13 22:14 - 2021-10-07 19:28 - 000707712 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe Address: 17358 Railroad Street City of Industry, CA 91748 TEL: 1-626-8549338 Option 4 More Online Support How to find model name / serial number Detection Source: System go to : C:\Program Files (x86)\GIGABYTE\AORUS LCD Panel Setting\Updater and run FWUpgrade.exe, you will see the progress and after completion, 2021-10-02 22:59 - 2021-10-02 22:59 - 000000000 ____D C:\Program Files\WinRAR 2021-10-24 18:02 - 2021-10-24 20:25 - 000072704 _____ (Microsoft Windows Operating System) C:\Users\Pepega\AppData\Local\Update.exe CustomCLSID: HKU\S-1-5-21-326566074-3447909417-183555969-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Pepega\AppData\Local\Microsoft\OneDrive\21.170.0822.0002\Microsoft.SharePoint.exe" => No File 2021-10-16 20:46 - 2021-10-16 20:47 - 000000000 ____D C:\Users\Pepega\Documents\Adobe 2021-10-18 19:35 - 2021-10-24 14:56 - 000003152 _____ C:\Windows\system32\Tasks\NahimicSvc32Run 2021-10-02 23:25 - 2021-10-02 23:26 - 000000000 ____D C:\Windows\SysWOW64\1028 Task: {6ee54cdc-f0d4-4cad-be32-be99498e56b8} - no filepath Process Name: Unknown 2021-10-02 23:22 - 2021-10-02 23:26 - 000000000 ____D C:\Program Files (x86)\Windows Kits Task: {cd558596-f4ee-4e6a-a00e-029783722e00} - no filepath "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b2522ebf-6a65-406b-9bc7-1ce57d2a2c7c}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b44de6b6-1303-474b-bd1f-0c3e771de5d9}" => removed successfully 2021-10-02 23:04 - 2021-10-04 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePassXC 2021-10-04 10:59 - 2021-10-04 10:59 - 000000000 ____D C:\Tor Browser "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b7e27570-3f72-4ac2-b2ec-fd92b54c3a60}" => removed successfully vs_filehandler_amd64 
(HKLM-x32\\{D4617896-04FC-45D7-8355-2BA21BBB314F}) (Version: 17.0.31709 - Microsoft Corporation) Hidden 2021-10-24 20:41 - 2021-10-24 21:08 - 000119048 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SMR540.SYS RGB Fusion with Digital LEDs comes with 9 new patterns and various speed settings with more to come. Task: {3b6b25a5-1bf5-48bb-81f3-5e306db688ba} - no filepath (If an entry is included in the fixlist, it will be removed from the registry. WinAppDeploy (HKLM-x32\\{2ADF1977-BF31-E127-B651-AC28A8658317}) (Version: 10.1.19041.685 - Microsoft Corporation) Hidden (1/2) AORUS MASTER 3080 - Black scre | NVIDIA Task: {90b432e7-5c87-425c-9dd5-33099e0e41c9} - no filepath Task: {8a370bc5-d53d-4130-9a86-55745d7884c5} - no filepath "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7a44f97c-3b59-4a4b-a061-3e52f050d32e}" => removed successfully Task: {b30dbf6f-75b4-422c-82ed-f93cae0f7dec} - no filepath Edge Profile: C:\Users\Pepega\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-24] 2021-10-02 23:44 - 2021-10-20 12:04 - 000000000 ____D C:\Users\Pepega\AppData\Roaming\Battle.net Restarting the service or rebooting the VM did not solved the problem. ==================== Security Center ======================== "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{634166c8-f3ba-4d37-96ef-8a18d9787a4e}" => removed successfully iCue causing system to hang/crash. 
- Page 4 - iCUE Microsoft Edge WebView2 Runtime (HKLM-x32\\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation) right now the only solution i have is to run task manager or processhacker in the background of my pc as the miners have a script to stop mining whenever those exes are open 2021-10-24 14:31 - 2021-10-24 14:31 - 000000000 ____D C:\Program Files\MSBuild ========================================================== HKU\S-1-5-21-326566074-3447909417-183555969-1001\\StartupApproved\Run: => "Steam" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" Report Id: c4164c23-2f25-4c91-a107-f917df162ea7 2021-10-15 11:56 - 2021-10-15 11:56 - 000000000 ____D C:\LDPlayer Faulting package-relative application ID: 2021-10-18 21:04 - 2021-10-18 21:04 - 000000000 ____D C:\Users\Pepega\Documents\MAXON (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe 2021-10-02 23:07 - 2021-10-02 23:07 - 000000000 ____D C:\Users\Pepega\AppData\Local\tmp5qvbpq15.lck 2021-10-24 20:41 - 2021-10-24 20:41 - 000000000 ____D C:\Users\Pepega\AppData\Local\NPE FirewallRules: [{AEEC18B9-7BBC-4B9F-930A-C90FBE4F9195}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) But again, it could be just a temporary solution, and the miner would re-appear again. 
Python 3.9.5 Core Interpreter (64-bit symbols) (HKLM\\{7AE79937-D0A7-4D36-9965-5E91E22E5FFA}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden (Wen Jia Liu -> wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) 2021-10-04 11:39 - 2021-10-14 11:49 - 000058304 _____ (Intel Corporation ) C:\Windows\system32\Drivers\49306c4f52694e4557446c556347467a5a44673559566c4954584a44616c687152576c6a.sys Task: {ed48b1d9-cb70-4ae5-8deb-ce6ddd63422a} - no filepath (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe ========= "C:\Windows\SYSTEM32\lodctr.exe" /R ========= Faulting module path: C:\Windows\System32\KERNELBASE.dll Task: {d7495c49-8426-461c-8455-350522fba9cb} - no filepath Task: {48ae682f-228f-4e67-8aa4-854778a3a6a2} - no filepath HKU\S-1-5-21-326566074-3447909417-183555969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141 2021-10-13 22:14 - 2021-10-07 19:29 - 000656512 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{013418b8-2dc1-4fb4-9c18-21dcfcb620cb}" => removed successfully I assume this one is for the gpu mining as my gpu is also being used on 100%, but i am not able to see which app is using 100%, as the miner has a script where it immediately stops mining when process hacker or task manager is opened, the only way i was able to tell that the gpu was being used at 100% was because of an app that the gpu manufacturer has provided FF ProfilePath: C:\Users\Pepega\AppData\Roaming\Mozilla\Firefox\Profiles\h4od9c6l.default [2021-10-05] Task: {634166c8-f3ba-4d37-96ef-8a18d9787a4e} - no filepath ENE_EHD_M2_HAL (HKLM-x32\\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) 
Hidden Task: {11dec036-7e8b-4b5b-906d-51876287d3d1} - no filepath 2021-10-20 14:50 - 2020-11-23 13:38 - 000475648 _____ (GIGABYTE Technology Co.,Ltd.) 2021-10-02 23:04 - 2021-09-14 14:39 - 002838384 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll I have set the service to constantly restart as eventually when it fails to restart it crashes my entire PC. at Miner.Clipboard+<>c__DisplayClass0_0.