Jump to content

rvfet

Members
  • Posts

    5
  • Joined

  • Last visited

Posts posted by rvfet

  1. 6 hours ago, nasdaq said:

    Hi,

    Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
    The location is listed in the 3rd line of the FRST.txt log you have submitted.

    Run FRST and click Fix only once and wait.

    The Computer will restart when the fix is completed.

    It will create a log (Fixlog.txt) please post it to your reply.
    ===

    If the problem persists and Chrome is Synced with other Devices reset it.

    https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
    https://support.google.com/chrome/answer/185277

    Execute the suggested fix.

    Restart the computer normally.
    ===========

    Please post the Fixlog.txt and let me know what problem persists.

    fixlist.txt 2.14 kB · 2 downloads

    Hello Dear @nasdaq

    Sorry for disturbing you again and again.

    Its knda WORKED but not totally. When I Launch my game icsys.icn.exe named program runs. I saw it on task manager and i think its part of this malware because it has same logo,icon as other 2 .exe trojans. Its showing for a second and going away. And when I Launch Point Blank( the trigger game of trojan ) RogueKiller named Anti Malware Software starts screaming about explorer.exe but it doesn't showing in task manager. IDK what happens but i think this infection still continues. THANK YOU AGAIN for your patience and Here is Fixlog file:

    Fixlog.txt

  2. @nasdaq

    Hello. Thank you very much for giving me your time.

    FRST.TXT is :

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
    Ran by RVFET (administrator) on RVFET (LENOVO 80XL) (21-01-2020 21:41:48)
    Running from C:\Users\Lenovo\Downloads\Programs
    Loaded Profiles: RVFET (Available Profiles: RVFET)
    Platform: Windows 10 Pro Version 1809 17763.973 (X64) Language: Russian (Russia)
    Default browser: Chrome
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] C:\Program Files (x86)\arcai.com\netcut_windows.exe
    () [File not signed] C:\Users\Lenovo\AppData\Local\desktop.clipboard.manager\helper.exe
    (Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
    (Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
    (Arcai.com) [File not signed] C:\Program Files (x86)\arcai.com\aips.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
    (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
    (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt\IGCC.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
    (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [utweb] => C:\Users\Lenovo\AppData\Roaming\uTorrent Web\utweb.exe [5415128 2019-12-20] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\Lenovo\AppData\Local\splice\app-3.5.91\Splice.exe
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [Discord] => C:\Users\Lenovo\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [Synaptics Pointing Device Driver] => C:\ProgramData\Synaptics\Synaptics.exe
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4156272 2020-01-11] (Tonec Inc. -> Tonec Inc.)
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\MountPoints2: {59690e13-0062-11ea-911f-9822eff9dd2e} - "E:\Autorun.exe" 
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\MountPoints2: {b5a475f2-fee0-11e9-911e-9822eff9dd2e} - "E:\Autorun.exe" 
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02BD875A-5B61-48D1-BD10-2F0AA6F8BFEB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-28] (Google Inc -> Google Inc.)
    Task: {1B9BD621-1D96-40A5-A666-72AAE44B5C44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    Task: {1C22D3D0-47A9-4E0C-8DC0-F82966685FD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-28] (Google Inc -> Google Inc.)
    Task: {42C5313B-9007-47AE-99CB-AFE66866615A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    Task: {430134DD-4A9F-4FB7-A710-F02E4696AB20} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    Task: {4619B37F-5C9C-4295-9578-861099F6CD71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {5B0B7452-8AAC-4A73-ACCB-DC0F7EEA4310} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {768B2508-97D0-4006-8790-0F053A3DA2CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {79FE8C20-76C4-41D6-A731-18AC5EF8BC55} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3102692137-1051397412-2829928562-1001 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
    Task: {852E6360-4ACC-40F4-9FEA-020A3B27F440} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    Task: {9F5F1A68-5AAC-4020-9621-7F770615EDE2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    Task: {AD6BDBF5-0FC2-4322-A8F1-DC818E18F964} - System32\Tasks\R@1n-KMS\Windows100Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
    Task: {BB1B3A02-1375-40FA-90AB-0715B3973B68} - System32\Tasks\Opera scheduled Autoupdate 1572704005 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe
    Task: {C9E065CB-16D2-408F-998D-116B08CB3A7C} - System32\Tasks\Opera scheduled assistant Autoupdate 1573107834 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe
    Task: {CF4EACBE-EFF1-4359-A8FE-4E221AC8FBAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {EFB47257-74CB-4FEE-9DF2-F4C503290744} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
    Tcpip\..\Interfaces\{330c874a-834f-43ec-816c-497475b0b1a3}: [DhcpNameServer] 172.16.4.10 172.16.4.11
    Tcpip\..\Interfaces\{ee1de6fe-79d2-448c-aa45-8c14ce3a0298}: [DhcpNameServer] 192.168.43.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.az/
    BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-11-28] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-11-28] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)

    Edge: 
    ======
    DownloadDir: C:\Users\Lenovo\Downloads
    Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2020-01-18]

    FireFox:
    ========
    FF HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Lenovo\AppData\Roaming\IDM\idmmzcc5
    FF Extension: (IDM CC) - C:\Users\Lenovo\AppData\Roaming\IDM\idmmzcc5 [2020-01-18] [Legacy] [not signed]
    FF HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] (Microsoft Corporation ->  Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

    Chrome: 
    =======
    CHR DefaultProfile: Default
    CHR DefaultSearchURL: Default -> hxxps://wordpress.com/calypso/images/manifest/icon-144x144.png?source=pwa
    CHR Notifications: Default -> hxxps://dashboard.tawk.to; hxxps://forums.malwarebytes.com; hxxps://web.whatsapp.com
    CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-01-21]
    CHR Extension: (Google Translate) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2019-12-07]
    CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-28]
    CHR Extension: (Just Black) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2019-12-04]
    CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-28]
    CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-10-28]
    CHR Extension: (MEGA) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-01-17]
    CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-28]
    CHR Extension: (Improve YouTube! (Open-Source for YouTube)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2020-01-09]
    CHR Extension: (Stylus) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\clngdbkpkpeebahjckkjfobafhncgmne [2019-12-08]
    CHR Extension: (Tampermonkey) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-01]
    CHR Extension: (AHA Music - Music Identifier) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2019-12-01]
    CHR Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2019-12-28]
    CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-28]
    CHR Extension: (Nano Adblocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabbbocakeomblphkmmnoamkioajlkfo [2020-01-03]
    CHR Extension: (Nano Defender) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2020-01-14]
    CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
    CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-01-19]
    CHR Extension: (WordPress.com) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngpdldinpkemppfmelfbicfhdgemjca [2019-11-02]
    CHR Extension: (Direct Message for Instagram™) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpgppkombninhkfhaggckdmencplhmg [2019-12-17]
    CHR Extension: (IDM Integration Module) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-01-18]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-28]
    CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-28]
    CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-15]
    CHR Extension: (Clipboard History Manager) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkigjgihlaonoomgjgannieikjecdhil [2019-12-26]
    CHR Extension: (Chrome Update) - C:\Users\Lenovo\Desktop\Coding\ChromeVirus [2019-12-16]
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]
    CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [File not signed]
    R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [406504 2018-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-17] (Malwarebytes Inc -> Malwarebytes)
    S2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
    R2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [190808 2018-07-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
    R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16576568 2020-01-06] (Adlice -> )
    S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-10-10] (Oracle Corporation -> Oracle Corporation)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [218288 2020-01-17] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-01-17] (Malwarebytes Inc -> Malwarebytes)
    R1 MEmuDrv; C:\Windows\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
    R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_a061a5d566db3269\nvlddmkm.sys [17038280 2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2355544 2018-07-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
    U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [40288 2020-01-20] (Adlice -> Windows (R) Win 7 DDK provider)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3236320 2017-11-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
    S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
    U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-01-20] (Adlice -> )
    R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237376 2019-10-11] (Oracle Corporation -> Oracle Corporation)
    R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-10-11] (Oracle Corporation -> Oracle Corporation)
    S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2020-01-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2020-01-14] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-14] (Microsoft Windows -> Microsoft Corporation)
    S1 ghfyxhnd; \??\C:\Windows\system32\drivers\ghfyxhnd.sys [X]
    S3 massfilter; system32\drivers\massfilter.sys [X]
    S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
    S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
    S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-01-21 21:40 - 2020-01-21 21:42 - 000000000 ____D C:\FRST
    2020-01-21 21:30 - 2020-01-21 21:30 - 000000000 ____D C:\Users\Lenovo\Desktop\Resources
    2020-01-21 21:14 - 2020-01-21 21:14 - 000000000 ____D C:\Users\Lenovo\Downloads\Compressed
    2020-01-21 20:37 - 2020-01-21 20:37 - 000085367 _____ C:\Users\Lenovo\Desktop\best trap that i made backup.flp
    2020-01-21 20:36 - 2020-01-21 21:03 - 000086069 _____ C:\Users\Lenovo\Desktop\best trap that i made.flp
    2020-01-20 21:44 - 2020-01-20 21:44 - 000040288 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\rkflt.sys
    2020-01-20 16:09 - 2020-01-20 21:44 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
    2020-01-19 23:58 - 2020-01-19 23:58 - 056052151 _____ C:\Users\Lenovo\Desktop\Point Blank 2019-12-26.mkv
    2020-01-18 14:04 - 2020-01-21 21:14 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IDM
    2020-01-18 14:04 - 2020-01-19 12:10 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\DMCache
    2020-01-18 14:04 - 2020-01-18 14:04 - 000000000 ____D C:\Users\Все пользователи\IDM
    2020-01-18 14:04 - 2020-01-18 14:04 - 000000000 ____D C:\ProgramData\IDM
    2020-01-18 14:03 - 2020-01-20 16:28 - 000000000 ____D C:\Users\Все пользователи\RogueKiller
    2020-01-18 14:03 - 2020-01-20 16:28 - 000000000 ____D C:\ProgramData\RogueKiller
    2020-01-18 14:03 - 2020-01-18 14:03 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2020-01-18 14:03 - 2020-01-18 14:03 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
    2020-01-18 14:03 - 2020-01-18 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
    2020-01-18 14:02 - 2020-01-18 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2020-01-18 14:02 - 2020-01-18 14:03 - 000000000 ____D C:\Program Files\RogueKiller
    2020-01-18 12:12 - 2020-01-19 23:58 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\avidemux
    2020-01-18 12:12 - 2020-01-18 12:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
    2020-01-18 12:12 - 2020-01-18 12:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\avidemux
    2020-01-18 12:12 - 2020-01-18 12:12 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
    2020-01-17 21:13 - 2020-01-17 21:13 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2020-01-17 21:13 - 2020-01-17 21:13 - 000218288 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2020-01-17 17:28 - 2020-01-17 17:28 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2020-01-17 17:28 - 2020-01-17 17:28 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbamtray
    2020-01-17 17:28 - 2020-01-17 17:28 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
    2020-01-17 17:28 - 2020-01-17 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2020-01-17 17:28 - 2020-01-17 17:27 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2020-01-17 17:28 - 2020-01-17 17:27 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
    2020-01-17 17:27 - 2020-01-17 17:27 - 000000000 ____D C:\Users\Все пользователи\Malwarebytes
    2020-01-17 17:27 - 2020-01-17 17:27 - 000000000 ____D C:\ProgramData\Malwarebytes
    2020-01-17 17:22 - 2020-01-17 17:22 - 000000000 ____D C:\Program Files\Malwarebytes
    2020-01-17 17:12 - 2020-01-17 17:12 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
    2020-01-17 17:11 - 2020-01-17 17:13 - 000241828 _____ C:\Windows\ntbtlog.txt
    2020-01-17 16:45 - 2019-12-10 13:37 - 000012800 _____ C:\Windows\SysWOW64\xxxxx.dll
    2020-01-17 16:28 - 2020-01-17 16:28 - 000000000 __SHD C:\Users\Lenovo\AppData\Roaming\WinSl
    2020-01-17 16:27 - 2020-01-17 17:54 - 000000000 __SHD C:\Users\Все пользователи\Synaptics
    2020-01-17 16:27 - 2020-01-17 17:54 - 000000000 __SHD C:\ProgramData\Synaptics
    2020-01-15 18:15 - 2020-01-15 18:15 - 000360798 _____ C:\Users\Lenovo\Documents\History of Az. Tests-500.pdf
    2020-01-15 17:39 - 2020-01-15 17:39 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2020-01-15 17:39 - 2020-01-15 17:39 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2020-01-15 17:39 - 2020-01-15 17:39 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2020-01-15 17:39 - 2020-01-15 17:39 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
    2020-01-15 17:39 - 2020-01-15 17:39 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
    2020-01-15 17:39 - 2020-01-15 17:39 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
    2020-01-15 17:39 - 2020-01-15 17:39 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2020-01-15 17:38 - 2020-01-15 17:38 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
    2020-01-15 17:38 - 2020-01-15 17:38 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2020-01-15 17:38 - 2020-01-15 17:38 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
    2020-01-15 17:38 - 2020-01-15 17:38 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2020-01-15 17:38 - 2020-01-15 17:38 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
    2020-01-15 17:38 - 2020-01-15 17:38 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
    2020-01-15 17:38 - 2020-01-15 17:38 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
    2020-01-15 17:38 - 2020-01-15 17:38 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
    2020-01-15 17:38 - 2020-01-15 17:38 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
    2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
    2020-01-13 01:16 - 2020-01-20 17:53 - 000001729 _____ C:\Users\Lenovo\Desktop\TAM.lnk
    2020-01-13 01:15 - 2020-01-13 01:15 - 000001154 _____ C:\Users\Lenovo\Desktop\Beyond Limits.lnk
    2020-01-13 00:46 - 2020-01-13 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
    2020-01-13 00:46 - 2020-01-13 00:46 - 000000000 ____D C:\Program Files\Recuva
    2020-01-12 23:38 - 2020-01-12 23:38 - 000289792 _____ C:\Users\Lenovo\Documents\AgPerfMon.dll
    2020-01-11 21:16 - 2018-12-20 15:05 - 000229296 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
    2020-01-11 14:44 - 2020-01-11 14:44 - 000000265 _____ C:\Users\Все пользователи\SoundToys_Problem_Log.txt
    2020-01-11 14:44 - 2020-01-11 14:44 - 000000265 _____ C:\ProgramData\SoundToys_Problem_Log.txt
    2020-01-10 03:35 - 2020-01-10 03:35 - 000000000 ____D C:\Zepetto
    2020-01-09 16:27 - 2020-01-20 21:44 - 000002242 _____ C:\Users\Lenovo\Desktop\Discord.lnk
    2020-01-09 16:27 - 2020-01-20 18:23 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Discord
    2020-01-09 16:27 - 2020-01-09 16:27 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
    2020-01-09 16:26 - 2020-01-09 16:27 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Discord
    2020-01-09 00:00 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2020-01-09 00:00 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2020-01-09 00:00 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2020-01-09 00:00 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2020-01-09 00:00 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2020-01-09 00:00 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2020-01-09 00:00 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
    2020-01-09 00:00 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
    2020-01-09 00:00 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
    2020-01-09 00:00 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
    2020-01-09 00:00 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
    2020-01-09 00:00 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
    2020-01-09 00:00 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
    2020-01-09 00:00 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
    2020-01-09 00:00 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
    2020-01-09 00:00 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
    2020-01-09 00:00 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
    2020-01-09 00:00 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
    2020-01-09 00:00 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
    2020-01-09 00:00 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
    2020-01-09 00:00 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
    2020-01-09 00:00 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
    2020-01-09 00:00 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
    2020-01-09 00:00 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
    2020-01-09 00:00 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
    2020-01-09 00:00 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
    2020-01-09 00:00 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
    2020-01-09 00:00 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
    2020-01-09 00:00 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
    2020-01-09 00:00 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
    2020-01-09 00:00 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
    2020-01-09 00:00 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
    2020-01-09 00:00 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
    2020-01-09 00:00 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
    2020-01-09 00:00 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
    2020-01-09 00:00 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
    2020-01-09 00:00 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
    2020-01-09 00:00 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
    2020-01-09 00:00 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
    2020-01-09 00:00 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
    2020-01-09 00:00 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
    2020-01-09 00:00 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
    2020-01-09 00:00 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
    2020-01-09 00:00 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
    2020-01-09 00:00 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
    2020-01-09 00:00 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
    2020-01-09 00:00 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
    2020-01-09 00:00 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
    2020-01-09 00:00 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
    2020-01-09 00:00 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
    2020-01-09 00:00 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
    2020-01-09 00:00 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
    2020-01-09 00:00 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
    2020-01-09 00:00 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
    2020-01-09 00:00 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
    2020-01-09 00:00 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
    2020-01-09 00:00 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
    2020-01-09 00:00 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
    2020-01-09 00:00 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
    2020-01-09 00:00 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
    2020-01-09 00:00 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
    2020-01-09 00:00 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
    2020-01-09 00:00 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
    2020-01-09 00:00 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
    2020-01-09 00:00 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
    2020-01-09 00:00 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
    2020-01-09 00:00 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
    2020-01-09 00:00 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
    2020-01-09 00:00 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
    2020-01-09 00:00 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
    2020-01-09 00:00 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
    2020-01-09 00:00 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
    2020-01-09 00:00 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
    2020-01-09 00:00 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
    2020-01-09 00:00 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
    2020-01-09 00:00 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
    2020-01-09 00:00 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
    2020-01-09 00:00 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
    2020-01-09 00:00 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
    2020-01-09 00:00 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
    2020-01-09 00:00 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
    2020-01-09 00:00 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
    2020-01-09 00:00 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
    2020-01-09 00:00 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
    2020-01-09 00:00 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2020-01-09 00:00 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
    2020-01-09 00:00 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
    2020-01-09 00:00 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
    2020-01-09 00:00 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
    2020-01-09 00:00 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
    2020-01-09 00:00 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
    2020-01-09 00:00 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
    2020-01-09 00:00 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
    2020-01-09 00:00 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
    2020-01-09 00:00 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
    2020-01-09 00:00 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
    2020-01-09 00:00 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
    2020-01-09 00:00 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
    2020-01-09 00:00 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2020-01-09 00:00 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
    2020-01-09 00:00 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2020-01-09 00:00 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2020-01-09 00:00 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
    2020-01-09 00:00 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
    2020-01-09 00:00 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2020-01-09 00:00 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
    2020-01-09 00:00 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
    2020-01-09 00:00 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
    2020-01-09 00:00 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2020-01-09 00:00 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2020-01-09 00:00 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2020-01-09 00:00 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2020-01-09 00:00 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2020-01-09 00:00 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2020-01-09 00:00 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2020-01-09 00:00 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
    2020-01-09 00:00 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
    2020-01-09 00:00 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
    2020-01-09 00:00 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2020-01-09 00:00 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
    2020-01-09 00:00 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2020-01-09 00:00 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2020-01-09 00:00 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2020-01-09 00:00 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2020-01-09 00:00 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2020-01-09 00:00 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2020-01-08 23:59 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2020-01-08 23:59 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2020-01-08 23:59 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2020-01-08 23:59 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2020-01-08 23:59 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2020-01-08 23:59 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2020-01-08 23:59 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2020-01-08 23:59 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2020-01-08 23:59 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2020-01-08 23:59 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2020-01-08 23:59 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2020-01-08 23:59 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2020-01-08 23:59 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2020-01-08 23:59 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2020-01-08 23:59 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2020-01-08 23:59 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2020-01-08 23:59 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2020-01-08 23:59 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2020-01-08 23:59 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2020-01-08 23:59 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2020-01-08 23:59 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2020-01-08 23:59 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2020-01-08 23:59 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2020-01-08 23:59 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2020-01-08 23:43 - 2020-01-09 00:00 - 000000000 ____D C:\Windows\SysWOW64\directx
    2020-01-08 23:43 - 2020-01-08 23:59 - 000000000 ___HD C:\Windows\msdownld.tmp
    2020-01-06 19:56 - 2020-01-06 20:08 - 000000000 ____D C:\Program Files (x86)\Airy Team
    2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\Users\Все пользователи\AutoUpdate
    2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\Users\Все пользователи\Airy Team
    2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\ProgramData\AutoUpdate
    2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\ProgramData\Airy Team
    2020-01-06 18:45 - 2020-01-06 18:45 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\iZotope
    2020-01-06 18:35 - 2020-01-06 18:44 - 000000000 ____D C:\Users\Lenovo\Documents\iZotope
    2020-01-06 18:35 - 2020-01-06 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
    2020-01-06 18:33 - 2020-01-06 18:35 - 000000000 ____D C:\Program Files (x86)\iZotope
    2020-01-06 18:09 - 2020-01-06 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SoundToys
    2020-01-06 18:09 - 2020-01-06 18:09 - 000000000 ____D C:\Program Files (x86)\Soundtoys
    2020-01-06 18:08 - 2020-01-06 18:08 - 000000000 ____D C:\Users\Все пользователи\AudioUTOPiA
    2020-01-06 18:08 - 2020-01-06 18:08 - 000000000 ____D C:\Users\Public\Documents\Soundtoys
    2020-01-06 18:08 - 2020-01-06 18:08 - 000000000 ____D C:\ProgramData\AudioUTOPiA
    2020-01-05 11:36 - 2020-01-14 23:17 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\obs-studio
    2020-01-05 11:24 - 2020-01-05 11:24 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
    2020-01-05 11:24 - 2020-01-05 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
    2020-01-05 11:24 - 2020-01-05 11:24 - 000000000 ____D C:\Program Files\obs-studio
    2020-01-05 00:32 - 2020-01-05 11:18 - 000000000 ____D C:\Users\Lenovo\Documents\Splice
    2020-01-05 00:30 - 2020-01-05 20:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
    2020-01-05 00:30 - 2020-01-05 00:30 - 000000000 ____D C:\Users\Lenovo\AppData\Local\IsolatedStorage
    2020-01-05 00:29 - 2020-01-05 20:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\splice
    2020-01-05 00:29 - 2020-01-05 20:09 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Splice
    2020-01-05 00:29 - 2020-01-05 20:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\SpliceSettings
    2019-12-27 16:42 - 2020-01-18 14:04 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
    2019-12-26 18:54 - 2019-12-26 18:55 - 006111966 _____ C:\Users\Lenovo\Downloads\looperman-l-3429373-0195450-icy-guitar.wav
    2019-12-26 18:50 - 2019-12-26 18:51 - 004287366 _____ C:\Users\Lenovo\Downloads\looperman-l-2061580-0197187-franklins.wav
    2019-12-26 15:38 - 2019-12-26 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
    2019-12-26 15:38 - 2019-12-26 15:38 - 000000000 ____D C:\Program Files\LennarDigital
    2019-12-26 14:27 - 2019-12-26 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2019-12-26 14:26 - 2019-12-28 20:30 - 000000000 ____D C:\Users\Lenovo\Documents\Visual Studio 2010
    2019-12-26 14:24 - 2020-01-17 15:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
    2019-12-26 14:24 - 2019-12-26 14:24 - 000000000 ____D C:\Program Files\Microsoft Help Viewer
    2019-12-26 14:13 - 2019-12-26 14:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\desktop.clipboard.manager
    2019-12-26 12:14 - 2019-12-26 12:14 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PointBlank
    2019-12-26 12:04 - 2019-12-26 12:04 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
    2019-12-26 00:05 - 2020-01-10 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Point Blank
    2019-12-25 23:58 - 2019-12-25 23:58 - 000000000 ____D C:\Program Files (x86)\TAM Game
    2019-12-25 21:47 - 2019-12-27 13:00 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent Web
    2019-12-25 21:47 - 2019-12-27 12:59 - 000001870 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
    2019-12-25 21:46 - 2019-12-27 12:59 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BitTorrentHelper
    2019-12-24 21:19 - 2019-12-24 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
    2019-12-24 21:19 - 2019-12-24 21:19 - 000000000 ____D C:\Program Files\WinHTTrack
    2019-12-23 09:49 - 2019-12-23 09:49 - 000000000 ____D C:\Users\Все пользователи\SystemAcCrux
    2019-12-23 09:49 - 2019-12-23 09:49 - 000000000 ____D C:\ProgramData\SystemAcCrux
    2019-12-23 09:48 - 2019-12-23 09:48 - 000000000 ____D C:\Program Files\EaseUS

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-01-21 21:39 - 2018-09-15 11:33 - 000000000 ____D C:\Users\Все пользователи\regid.1991-06.com.microsoft
    2020-01-21 21:39 - 2018-09-15 11:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-01-21 20:24 - 2019-10-31 15:40 - 000004170 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{2A0C710C-CCE4-4B7E-8B2F-9F4443421356}
    2020-01-21 20:13 - 2019-10-28 14:50 - 000000000 ____D C:\Windows\system32\SleepStudy
    2020-01-21 12:37 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\system32\NDF
    2020-01-21 03:58 - 2019-10-28 11:15 - 000000000 ____D C:\Users\Все пользователи\NVIDIA
    2020-01-21 03:58 - 2019-10-28 11:15 - 000000000 ____D C:\ProgramData\NVIDIA
    2020-01-20 21:43 - 2019-10-28 19:50 - 000000000 ___RD C:\Users\Lenovo\Desktop\TRVP
    2020-01-20 21:31 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\Resources
    2020-01-20 20:07 - 2019-11-04 12:53 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
    2020-01-20 00:19 - 2019-10-28 11:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AIMP
    2020-01-19 00:22 - 2019-10-28 15:26 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
    2020-01-18 21:10 - 2019-10-28 11:06 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
    2020-01-18 20:44 - 2018-09-15 11:33 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-01-18 20:44 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\AppReadiness
    2020-01-18 14:37 - 2019-10-28 19:27 - 000000000 ____D C:\Users\Lenovo\Desktop\Toolz
    2020-01-18 14:07 - 2019-10-28 11:03 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
    2020-01-17 21:19 - 2019-11-24 23:02 - 000000000 ____D C:\Users\Lenovo\Desktop\FL Studio 12
    2020-01-17 21:19 - 2018-09-15 11:23 - 000000000 ____D C:\Windows\CbsTemp
    2020-01-17 21:18 - 2019-11-02 16:56 - 000000000 ____D C:\Users\Lenovo\Desktop\YT
    2020-01-17 21:18 - 2019-10-28 15:01 - 001663726 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-01-17 21:18 - 2018-09-15 20:43 - 000734830 _____ C:\Windows\system32\perfh019.dat
    2020-01-17 21:18 - 2018-09-15 20:43 - 000144020 _____ C:\Windows\system32\perfc019.dat
    2020-01-17 21:18 - 2018-09-15 11:31 - 000000000 ____D C:\Windows\INF
    2020-01-17 21:13 - 2019-10-28 14:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-01-17 21:12 - 2018-09-15 10:09 - 000524288 _____ C:\Windows\system32\config\BBI
    2020-01-17 17:28 - 2019-12-14 15:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\cache
    2020-01-17 17:28 - 2018-09-15 11:33 - 000000000 ___HD C:\Windows\ELAMBKUP
    2020-01-17 15:26 - 2019-10-29 17:29 - 000000000 ____D C:\Users\Все пользователи\Package Cache
    2020-01-17 15:26 - 2019-10-29 17:29 - 000000000 ____D C:\ProgramData\Package Cache
    2020-01-17 15:26 - 2018-09-15 11:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2020-01-16 14:19 - 2019-11-01 19:10 - 000000000 ____D C:\Program Files\UNP
    2020-01-16 14:12 - 2019-10-28 14:50 - 000443440 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-01-16 14:11 - 2019-11-27 15:39 - 000000000 ____D C:\Users\Все пользователи\AVAST Software
    2020-01-16 14:11 - 2019-11-27 15:39 - 000000000 ____D C:\ProgramData\AVAST Software
    2020-01-16 01:23 - 2018-09-15 11:33 - 000000000 ___SD C:\Windows\system32\UNP
    2020-01-16 01:23 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\ShellExperiences
    2020-01-16 01:23 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\bcastdvr
    2020-01-15 18:06 - 2019-11-07 19:30 - 000000000 ____D C:\Windows\system32\MRT
    2020-01-15 17:42 - 2019-11-07 19:29 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2020-01-14 21:30 - 2019-10-28 14:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
    2020-01-11 21:04 - 2019-11-07 10:23 - 000003862 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1573107834
    2020-01-11 21:04 - 2019-11-02 18:13 - 000003586 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1572704005
    2020-01-11 21:04 - 2019-10-28 11:19 - 000002352 _____ C:\Windows\system32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON
    2020-01-11 21:04 - 2019-10-28 11:19 - 000002306 _____ C:\Windows\system32\Tasks\RtHDVBg_Dolby
    2020-01-11 21:04 - 2019-10-28 11:19 - 000002302 _____ C:\Windows\system32\Tasks\RTKCPL
    2020-01-11 21:04 - 2019-10-28 11:12 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
    2020-01-11 21:04 - 2019-10-28 11:12 - 000003124 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
    2020-01-11 21:04 - 2019-10-28 11:06 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3102692137-1051397412-2829928562-1001
    2020-01-11 14:03 - 2019-11-06 09:01 - 000000000 ____D C:\Windows\SysWOW64\SupportAppCB
    2020-01-10 12:02 - 2019-11-30 14:52 - 000000000 ____D C:\Users\Lenovo\Desktop\thingz dat i luv
    2020-01-09 16:27 - 2019-12-15 12:18 - 000000000 ____D C:\Users\Lenovo\AppData\Local\SquirrelTemp
    2020-01-06 18:33 - 2019-10-31 15:53 - 000000000 ____D C:\Program Files\Common Files\VST3
    2020-01-06 18:08 - 2019-11-24 23:12 - 000000000 ____D C:\Program Files (x86)\VstPlugins
    2020-01-06 18:08 - 2019-10-31 15:56 - 000000000 ____D C:\Program Files\VSTPlugins
    2020-01-05 20:11 - 2019-12-15 12:20 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\WhatsApp
    2020-01-05 20:11 - 2019-12-15 12:20 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2020-01-05 20:11 - 2019-12-15 12:19 - 000000000 ____D C:\Users\Lenovo\AppData\Local\WhatsApp
    2020-01-05 11:59 - 2019-10-28 19:26 - 000000000 ____D C:\Users\Lenovo\Desktop\Coding
    2020-01-05 11:56 - 2019-11-27 21:36 - 000000000 ____D C:\Users\Lenovo\.MemuHyperv
    2020-01-05 11:25 - 2019-10-28 11:08 - 000000000 ____D C:\Users\Все пользователи\Intel
    2020-01-05 11:25 - 2019-10-28 11:08 - 000000000 ____D C:\ProgramData\Intel
    2020-01-03 19:56 - 2019-12-14 18:32 - 000000000 ____D C:\Users\Lenovo\Desktop\NeyBots-CellCraft-Olaf4Snow-v2 (1)
    2019-12-30 21:52 - 2019-11-04 13:19 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Code
    2019-12-30 20:07 - 2019-11-04 13:18 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
    2019-12-26 14:59 - 2019-12-18 14:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\BitTorrent Web
    2019-12-24 01:33 - 2019-10-28 11:03 - 000000000 ____D C:\Users\Lenovo

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

     

    and here is addition.txt

    Addition.txt

  3. Hello Everyone.

    I'm hacked with multiple hacking ways. A Malware infected to my Laptop with both svchost.exe and explorer.exe infection. I have deleted this for tenth times but its still downloading or creating itself. It was a hack tool for Point Blank (Its a online fps game). I downloaded it from www.sepok-cit.com . This site has too many good reviews and i believed them. Already I Tried a few ways to delte this sh*t from my computer but none of them worked.

    I TRIED:

    1) Deleting its files (hidden files named as spoolsvc.exe , svchost.exe and explorer.exe)

    2) Deleting it via regedit (from HKEY_LOCAL_MACHINE's windows and windows NT folders)

    3) Killing it with RogueKiller

    4) Deleting this with MalwareBytes

    5) Deleting it with Kaspersky

    6) Deleting it with Avast

    But none of them worked. I Tried also disabling Windows Update from services.msc . Its deleted in each steps i wrote but its reinstalling (or recreating idk what it does) itself everytime i reboot my laptop and SHOWING IN TASK MANAGER WHEN I LAUNCH POINT BLANK (game that i want to hack). POINT BLANK LAUNCHER is TRIGGER of it. Its origin location is Windows/Resources and Windows/Resources/Windows.

    PLEASE HELP ME. IM LOSING MY MIND!!!

    task manager (when i start point blank and exit).png

    fake svchost that keeps explorer.exe file opened.PNG

    detailed task manager.PNG

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.