BySk

high usage unnamed service (svchost)


Yesterday I downloaded some random programs and stuff, but unfortunately I ended up having a minor in my PC. First there was a program running called (wup); I searched about it and it was a Trojan, so I did delete it, but I'm not fully sure if it's gone forever. Now I'm stuck with that unnamed service; it takes more than 40% of my CPU. I think it's svchost. I tried to search for a lot of fixes but nothing. I really hope this can help me out. I did try to scan with Malwarebytes and RogueKiller and it's not working.

 

 

Screenshot_4.png

Screenshot_2.png

Hello BySk and welcome to Malwarebytes,

Continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes version 3 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > "settings" > "protection tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Click on the Report tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if selected, right click to your reply and select "Paste"; the log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....
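
As an added example (not part of the original posts, and not code from Malwarebytes or FRST): a small Python triage pass over an FRST.txt-style log that pulls out the lines a helper reads first. The sample log is constructed, and the `triage` function and its reason labels are this example's own names; the markers it keys on (`<==== ATTENTION`, `[File not signed]`, `NETSVC: ... -> no filepath.`, tasks that launch a DLL through rundll32) are the ones that appear in the FRST log posted in this thread.

```python
import re

# Markers as FRST prints them in the log on this page.
ATTENTION = "<==== ATTENTION"
UNSIGNED = "[File not signed]"

# Section banner, e.g. "==================== Services (Whitelisted) ===================="
SECTION_RE = re.compile(r"^=+ (.+?) =+\s*$")

# A command line that hands a quoted DLL path to rundll32 (with or without ".exe").
RUNDLL_RE = re.compile(r'rundll32(?:\.exe)?\s+"([^"]+\.dll)"', re.IGNORECASE)


def triage(log_text):
    """Return the log lines worth a manual look, with the section they came from.

    A finding is a lead for review, not a verdict: legitimate software can
    trip any of these checks.
    """
    findings = []
    section = "(header)"
    for lineno, raw in enumerate(log_text.splitlines(), 1):
        line = raw.strip()
        banner = SECTION_RE.match(line)
        if banner:
            # Drop FRST's "(Whitelisted)" suffix to get a short section name.
            section = re.sub(r"\s*\(Whitelisted\)", "", banner.group(1)).strip()
            continue

        reasons = []
        if ATTENTION in line:
            reasons.append("attention-marker")
        if UNSIGNED in line:
            reasons.append("unsigned-file")
        if line.startswith("Task:") and RUNDLL_RE.search(line):
            reasons.append("task-runs-dll-via-rundll32")
        if line.startswith("NETSVC:") and line.endswith("no filepath."):
            reasons.append("netsvc-without-file")

        if reasons:
            findings.append(
                {"line": lineno, "section": section, "reasons": reasons, "text": line}
            )
    return findings


# Constructed sample in FRST.txt layout; every name, GUID and path is made up.
SAMPLE_LOG = r"""
==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleUpdater => C:\Program Files\Example\updater.exe [1000 2019-01-01] (Example Corp -> Example Corp)
Task: {00000000-0000-0000-0000-000000000002} - System32\Tasks\ExampleRandomName => rundll32 "C:\Program Files (x86)\ExampleRandomDir\example.dll",#1
Task: {00000000-0000-0000-0000-000000000003} - System32\Tasks\ExampleScript => C:\Users\Example\AppData\Local\Example\example.js [2000 2019-01-01] () [File not signed]

==================== Services (Whitelisted) ====================

S3 ExampleSvc; C:\Windows\system32\svchost.exe [3000 2019-01-01] (Example Publisher -> Example Corp) <==== ATTENTION (no ServiceDLL)

==================== NetSvcs (Whitelisted) ===================

NETSVC: ExampleNetSvc -> no filepath.
"""


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f['section']:16} line {f['line']:>3}  {', '.join(f['reasons'])}")
        print(f"    {f['text']}")
```
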


Hello Kevin, so I fixed this problem with RogueKiller, but I'm not fully sure because there's something weird happening, which is my CPU temp in Task Manager is about 7% and it never did go that low. I did what you asked for too.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019
Ran by Admin (administrator) on DESKTOP-6RQ4EI8 (Micro-Star International Co., Ltd. MS-7B22) (17-09-2019 12:30:19)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 10 Pro Version 1809 17763.678 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Discord Inc. -> Discord Inc.) C:\Users\Admin\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Admin\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Admin\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Admin\AppData\Local\Discord\app-0.0.305\Discord.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_7.4.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.yourphone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.zunevideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\63.0.3368.53\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\microsoft.skypeapp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\microsoft.skypeapp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Spotify AB -> Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) D:\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-536303663-3211401700-1687327366-1001\...\Run: [Discord] => C:\Users\Admin\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-536303663-3211401700-1687327366-1001\...\Run: [Spotify] => C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe [24274336 2019-09-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-536303663-3211401700-1687327366-1001\...\Run: [Steam] => D:\Steam\steam.exe [3210528 2019-09-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-536303663-3211401700-1687327366-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35941264 2019-09-17] (Epic Games Inc. -> Epic Games, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-08-31]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {340D5945-1D8A-445F-8BE3-59B47965C236} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [35003960 2019-09-16] (Adlice -> )
Task: {3DA7EE9A-7047-4BEC-85BB-EF0C6E71E013} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44A466D8-F350-40DD-A5D1-F1F10A678969} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {451842F4-0E48-4B84-9DD3-AD70A9E47076} - System32\Tasks\tsKDMdxOsn => C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\tsKDMdxOsn\tsKDMdxOsn.dll",tsKDMdxOsn <==== ATTENTION
Task: {5C24326F-A21A-4180-9AE8-93762D452DE6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EFBF78C-BCF3-4CF4-829A-BA1A18FFA0E8} - System32\Tasks\LhdwtfTYbJDpPPHso2 => rundll32 "C:\Program Files (x86)\BmggifQeJiHPNEhLSOR\KmHbLOR.dll",#1
Task: {655FCAA3-4AA9-44A0-B5AC-27D14AADB990} - System32\Tasks\PKiDAvfAFJjHmr => rundll32 "C:\Program Files (x86)\QmtdowQDXrIU2\WHoFVJYkocfxh.dll",#1
Task: {704303AB-4735-4436-9AB4-7507153727C4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {773BA36C-B1F0-475F-98A1-1C84A18DB5F3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {905C8FC2-7EEA-47BD-BCB4-8A9454A02C43} - System32\Tasks\XdcmOdHvMHTGTWPtBBq2 => rundll32 "C:\Program Files (x86)\voZMNhsujxrMC\KogUtsF.dll",#1
Task: {9783C537-B8B3-4DD2-9133-B162CAC03BAB} - System32\Tasks\Network => C:\Users\Admin\AppData\Local\Soft\Framework\libares.js [1143386 2019-08-27] () [File not signed]
Task: {DC72871E-995D-4FEB-81DE-3ACC4BE8AD6C} - System32\Tasks\update-S-1-5-21-536303663-3211401700-1687327366-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E259F75B-3AE6-46C2-A382-7806E47FF1C5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6ECC46C-124E-4E01-A1F1-86E0BEF4B429} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E808394B-2EF7-4C73-A60F-9CBC05860D1F} - System32\Tasks\Opera scheduled Autoupdate 1567179289 => C:\Users\Admin\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-08-26] (Opera Software AS -> Opera Software)
Task: {EE28DB8D-347A-4C3D-BAB3-232B076F930B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F3B6A908-5CF7-4A4C-BBD3-6F2C32B5B41E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FACD468A-D9B1-4BB1-A1D1-B531E5B14690} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FDCB7F97-70FE-46AC-B33B-D51572F3669E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-536303663-3211401700-1687327366-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 86.51.34.24 86.51.35.24
Tcpip\..\Interfaces\{26fa3179-924d-467e-ad6e-ecf0d75d1e65}: [DhcpNameServer] 86.51.34.24 86.51.35.24
Tcpip\..\Interfaces\{8d0a94fa-6782-457a-801b-ef412be4413e}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-536303663-3211401700-1687327366-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

Opera: 
=======
OPR Extension: (Google Notes Offline) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmopilapeiobdcbgahaahilppkcpmpbe [2019-09-13]
OPR Extension: (Adblocker for Youtube™) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\npfemhcmeiimfhppchmcdgafolcgopgc [2019-08-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2985424 2019-09-12] (philandro Software GmbH -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-09-03] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2019-09-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S2 Ms3A5814B4AppC; C:\Windows\System32\Ms3A5814B4App.dll [543232 2019-09-12] () [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-08-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\svchost.exe [51696 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 185b9e1cdcb52f8c; C:\Windows\system32\drivers\185b9e1cdcb52f8c.sys [33984 2019-08-31] (BlockChain Advances Ltd -> FsFilter Network)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45968 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
S3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21904 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_691712a04a41c1cd\e1d68x64.sys [568960 2018-11-21] (Intel(R) INTELND1820 -> Intel Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-09-17] (Malwarebytes Corporation -> Malwarebytes)
R2 npcap; C:\Windows\system32\DRIVERS\npcap.sys [82824 2018-07-05] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [53752 2019-04-24] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-04-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 SIUSBXP; C:\Windows\system32\drivers\SiUSBXp.sys [19456 2018-12-28] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-20] (Valve Corp. -> )
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-09-17] (Adlice -> )
R3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [453000 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47496 2019-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [344288 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: Ms3A5814B4App -> no filepath.
NETSVC: Ms3A5814B4AppA -> no filepath.
NETSVC: Ms3A5814B4AppB -> no filepath.
NETSVC: Ms3A5814B4AppBak -> no filepath.
NETSVC: Ms3A5814B4AppC -> C:\Windows\System32\Ms3A5814B4App.dll ()

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-17 12:30 - 2019-09-17 12:30 - 000023608 _____ C:\Users\Admin\Desktop\FRST.txt
2019-09-17 12:29 - 2019-09-17 12:29 - 001614848 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2019-09-17 12:26 - 2019-09-17 12:26 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-09-17 04:14 - 2019-09-17 04:14 - 000330853 _____ C:\Users\Admin\Downloads\RealTemp_370.zip
2019-09-17 04:11 - 2019-09-17 04:11 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2019-09-17 04:11 - 2019-09-17 04:11 - 000000000 ____D C:\Windows\system32\Npcap
2019-09-17 04:10 - 2019-09-17 04:11 - 000000000 ____D C:\Program Files\Npcap
2019-09-17 04:10 - 2019-09-17 04:10 - 000000000 ____D C:\ProgramData\Oracle
2019-09-17 04:09 - 2019-09-17 04:09 - 000000000 ____D C:\Program Files\ManageEngine
2019-09-16 13:17 - 2019-09-17 03:48 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-09-16 13:17 - 2019-09-16 13:17 - 000003156 _____ C:\Windows\System32\Tasks\RogueKiller Anti-Malware
2019-09-16 13:17 - 2019-09-16 13:17 - 000000000 ____D C:\ProgramData\RogueKiller
2019-09-16 13:17 - 2019-09-16 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-09-16 13:17 - 2019-09-16 13:17 - 000000000 ____D C:\Program Files\RogueKiller
2019-09-16 13:09 - 2019-09-17 12:30 - 000000000 ____D C:\FRST
2019-09-16 12:46 - 2019-09-16 12:46 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2019-09-16 12:09 - 2019-09-16 12:10 - 000000000 ____D C:\AdwCleaner
2019-09-16 12:08 - 2019-09-16 12:09 - 007636680 _____ (Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_7.4.1.exe
2019-09-14 12:31 - 2019-09-14 12:31 - 028077121 _____ C:\Users\Admin\Downloads\balls_64.zip
2019-09-14 12:31 - 2019-09-14 12:31 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Dani
2019-09-14 01:20 - 2019-09-15 13:22 - 000000000 ____D C:\Users\Admin\AppData\Roaming\EasyAntiCheat
2019-09-14 01:20 - 2019-09-14 01:20 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Facepunch Studios LTD
2019-09-14 01:20 - 2019-09-14 01:20 - 000000000 ____D C:\Users\Admin\AppData\Local\GameAnalytics
2019-09-14 01:18 - 2019-09-16 13:23 - 000000000 ____D C:\Users\Admin\Desktop\New folder
2019-09-13 06:15 - 2019-09-13 06:20 - 000000000 ____D C:\Users\Admin\AppData\Local\UNDERTALE
2019-09-13 03:17 - 2019-09-16 12:03 - 000000000 ____D C:\Program Files (x86)\ifSZNaMoGvUn
2019-09-13 03:17 - 2019-09-16 12:03 - 000000000 ____D C:\Program Files (x86)\FQvNWATgkIE
2019-09-13 03:17 - 2019-09-16 12:03 - 000000000 ____D C:\Program Files (x86)\drmBtZYtU
2019-09-13 03:17 - 2019-09-13 08:44 - 000000000 ____D C:\Program Files (x86)\voZMNhsujxrMC
2019-09-13 03:17 - 2019-09-13 08:44 - 000000000 ____D C:\Program Files (x86)\BmggifQeJiHPNEhLSOR
2019-09-13 03:17 - 2019-09-13 03:35 - 000000000 ____D C:\Program Files (x86)\QmtdowQDXrIU2
2019-09-13 03:17 - 2019-09-13 03:17 - 000003356 _____ C:\Windows\System32\Tasks\PKiDAvfAFJjHmr
2019-09-13 03:17 - 2019-09-13 03:17 - 000003034 _____ C:\Windows\System32\Tasks\LhdwtfTYbJDpPPHso2
2019-09-13 03:17 - 2019-09-13 03:17 - 000003026 _____ C:\Windows\System32\Tasks\XdcmOdHvMHTGTWPtBBq2
2019-09-13 03:17 - 2019-09-13 03:17 - 000000000 ____D C:\ProgramData\mjttQrrpxQWADNVB
2019-09-11 06:38 - 2019-09-11 06:38 - 000000000 ____D C:\Users\Admin\Documents\Lightshot
2019-09-11 06:37 - 2019-09-12 05:50 - 000000420 _____ C:\Windows\Tasks\update-sys.job
2019-09-11 06:37 - 2019-09-12 05:50 - 000000420 _____ C:\Windows\Tasks\update-S-1-5-21-536303663-3211401700-1687327366-1001.job
2019-09-11 06:37 - 2019-09-11 06:37 - 000003408 _____ C:\Windows\System32\Tasks\update-S-1-5-21-536303663-3211401700-1687327366-1001
2019-09-11 06:37 - 2019-09-11 06:37 - 000003346 _____ C:\Windows\System32\Tasks\update-sys
2019-09-11 06:37 - 2019-09-11 06:37 - 000000424 _____ C:\Users\Admin\AppData\Local\UserProducts.xml
2019-09-11 06:37 - 2019-09-11 06:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2019-09-11 06:37 - 2019-09-11 06:37 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2019-09-09 06:12 - 2019-09-12 05:50 - 000543232 _____ C:\Windows\SysWOW64\Ms3A5814B4App.dll
2019-09-09 06:05 - 2019-09-09 06:05 - 021109567 _____ C:\Users\Admin\Downloads\When the FBI suspects you of a crime but youre inside on the game.mp4
2019-09-09 05:54 - 2019-09-09 06:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare FilmoraPro
2019-09-09 05:54 - 2019-09-09 05:54 - 000000000 ____D C:\Users\Admin\Documents\Wondershare
2019-09-09 05:54 - 2019-09-09 05:54 - 000000000 ____D C:\Users\Admin\AppData\Local\Wondershare
2019-09-09 05:54 - 2019-09-09 05:54 - 000000000 ____D C:\ProgramData\Wondershare
2019-09-09 05:54 - 2019-09-09 05:54 - 000000000 ____D C:\Program Files\Wondershare
2019-09-09 05:50 - 2019-09-09 06:10 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2019-09-07 02:51 - 2019-09-07 02:53 - 000000000 ____D C:\Users\Admin\Documents\Chase
2019-09-07 02:51 - 2019-09-07 02:51 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Acrylec Studios
2019-09-04 12:26 - 2019-09-04 12:26 - 000000335 _____ C:\Users\Admin\Downloads\lifting_simulator_hack.txt
2019-09-04 02:23 - 2019-09-04 02:23 - 000000000 ____D C:\Users\Admin\AppData\Local\BattlEye
2019-09-03 12:32 - 2019-09-03 12:32 - 000074078 _____ C:\Users\Admin\Downloads\Binaries.zip
2019-09-03 10:28 - 2019-09-03 10:28 - 000000000 ____D C:\Users\Admin\AppData\Local\OneDrive
2019-09-03 10:11 - 2019-09-13 11:45 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003858 _____ C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-09-03 10:11 - 2019-09-13 11:45 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-09-03 10:11 - 2019-09-09 05:54 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2019-09-03 10:11 - 2019-09-05 03:50 - 002843120 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2019-09-03 10:11 - 2019-09-05 03:50 - 002206704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2019-09-03 10:11 - 2019-09-05 03:50 - 001321968 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2019-09-03 10:11 - 2019-09-03 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-09-03 10:11 - 2019-07-22 11:36 - 000179000 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2019-09-03 10:11 - 2019-07-22 11:36 - 000154424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2019-09-03 03:37 - 2019-09-17 07:56 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-09-03 03:37 - 2019-09-03 03:37 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-09-03 03:36 - 2019-09-03 03:37 - 047453544 _____ C:\Users\Admin\Downloads\MSIAfterburnerSetup.zip
2019-09-02 12:11 - 2019-09-17 04:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Ubisoft Game Launcher
2019-09-02 12:11 - 2019-09-02 12:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-09-02 10:25 - 2019-09-02 10:25 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2019-09-02 09:36 - 2019-09-02 09:36 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2019-09-02 09:36 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-09-02 09:36 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-09-02 09:36 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-09-02 09:36 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-09-02 09:36 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-09-02 09:36 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-09-02 09:36 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-09-02 09:36 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-09-02 09:35 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-09-02 09:35 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-09-02 09:35 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-09-02 09:35 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-09-02 09:35 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-09-02 09:35 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-09-02 09:35 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-09-02 09:35 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-09-02 09:35 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-09-02 09:35 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-09-02 09:35 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-09-02 09:35 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-09-02 09:35 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-09-02 09:35 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-09-02 09:35 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-09-02 09:35 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-09-02 09:35 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-09-02 09:35 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-09-02 09:35 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-09-02 09:35 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-09-02 09:35 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-09-02 09:35 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-09-02 09:35 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-09-02 09:35 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-09-02 09:35 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-09-02 09:35 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-09-02 09:35 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-09-02 09:35 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-09-02 09:35 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-09-02 09:35 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-09-02 09:35 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-09-02 09:35 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-09-02 09:35 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-09-02 09:35 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-09-02 09:35 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-09-02 09:35 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-09-02 09:35 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-09-02 09:35 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-09-02 09:35 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-09-02 09:35 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-09-02 09:35 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-09-02 09:35 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-09-02 09:35 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-09-02 09:35 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-09-02 09:35 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-09-02 09:35 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-09-02 09:35 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-09-02 09:35 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-09-02 09:35 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-09-02 09:35 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-09-02 09:35 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-09-02 09:35 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-09-02 09:35 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-09-02 09:35 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-09-02 09:35 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-09-02 09:35 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-09-02 09:35 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-09-02 09:35 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-09-02 09:35 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-09-02 09:35 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-09-02 09:35 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-09-02 09:35 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-09-02 09:35 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-09-02 09:35 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-09-02 09:35 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-09-02 09:35 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-09-02 09:35 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-09-02 09:35 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-09-02 09:35 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-09-02 09:35 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-09-02 09:35 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-09-02 09:35 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-09-02 09:35 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-09-02 09:35 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-09-02 09:35 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-09-02 09:35 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-09-02 09:35 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-09-02 09:35 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-09-02 09:35 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-09-02 09:35 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-09-02 09:35 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-09-02 09:35 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-09-02 09:35 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-09-02 09:35 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-09-02 09:35 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-09-02 09:35 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-09-02 09:35 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-09-02 09:35 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-09-02 09:35 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-09-02 09:35 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-09-02 09:35 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-09-02 09:35 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-09-02 09:35 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-09-02 09:35 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-09-02 09:35 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-09-02 09:35 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-09-02 09:35 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-09-02 09:35 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-09-02 09:35 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-09-02 09:35 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-09-02 09:35 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-09-02 09:35 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-09-02 09:35 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-09-02 09:35 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-09-02 09:35 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-09-02 09:35 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-09-02 09:35 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-09-02 09:35 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-09-02 09:35 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-09-02 09:35 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-09-02 09:35 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-09-02 09:35 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-09-02 09:35 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-09-02 09:35 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-09-02 09:35 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-09-02 09:35 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-09-02 09:35 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-09-02 09:35 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-09-02 09:35 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-09-02 09:35 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-09-02 09:35 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-09-02 09:35 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-09-02 09:35 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-09-02 09:35 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-09-02 09:35 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-09-02 09:35 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-09-02 09:35 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-09-02 09:35 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-09-02 09:35 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-09-02 09:35 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-09-02 09:35 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-09-02 09:35 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-09-02 09:35 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-09-02 09:35 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-09-02 09:35 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-09-02 09:35 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-09-02 09:35 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-09-02 09:35 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-09-02 09:35 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-09-02 09:35 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-09-02 07:15 - 2019-09-02 07:15 - 000137288 _____ C:\Users\Admin\Downloads\Fast-Lifter.htm
2019-09-02 06:09 - 2019-09-03 12:31 - 000000000 ____D C:\Users\Admin\Documents\My Games
2019-09-01 05:11 - 2019-09-01 05:11 - 000000000 ____D C:\Users\Admin\AppData\Local\PeerDistRepub
2019-09-01 04:19 - 2019-09-01 04:19 - 000248295 _____ C:\Windows\SysWOW64\EA518AA7F39205A70963E908EE504804.CNB021
2019-08-31 10:32 - 2019-09-12 14:51 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2019-08-31 10:32 - 2019-09-03 03:40 - 000000000 ____D C:\ProgramData\AnyDesk
2019-08-31 10:32 - 2019-08-31 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2019-08-31 10:29 - 2019-08-31 10:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\AnyDesk
2019-08-31 10:24 - 2019-08-31 10:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR
2019-08-31 10:24 - 2019-08-31 10:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-31 10:24 - 2019-08-31 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-08-31 05:00 - 2019-08-31 05:00 - 000000000 ____D C:\Program Files\UNP
2019-08-31 02:35 - 2019-09-13 18:55 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-31 02:35 - 2019-08-31 02:35 - 000000000 ____D C:\Users\Admin\AppData\Local\mbamtray
2019-08-31 02:35 - 2019-08-31 02:35 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2019-08-31 02:35 - 2019-08-31 02:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-31 02:35 - 2019-08-31 02:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-31 02:35 - 2019-08-31 02:35 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-31 02:35 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-08-31 02:32 - 2019-09-12 05:50 - 000543232 ____N C:\Windows\system32\Ms3A5814B4App.dll
2019-08-31 02:32 - 2019-08-31 02:32 - 000000258 __RSH C:\Users\Admin\ntuser.pol
2019-08-31 02:31 - 2019-08-31 03:00 - 000000000 ____D C:\Program Files (x86)\tsKDMdxOsn
2019-08-31 02:31 - 2019-08-31 02:31 - 000033984 _____ (FsFilter Network) C:\Windows\system32\Drivers\185b9e1cdcb52f8c.sys
2019-08-31 02:31 - 2019-08-31 02:31 - 000016810 _____ C:\Windows\System32\Tasks\tsKDMdxOsn
2019-08-31 02:31 - 2019-08-31 02:31 - 000001114 _____ C:\Users\Admin\_readme.txt
2019-08-31 02:31 - 2019-08-31 02:31 - 000000000 ____D C:\ProgramData\Lamia
2019-08-31 02:30 - 2019-09-14 02:15 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2019-08-31 02:30 - 2019-09-13 03:17 - 000005076 __RSH C:\ProgramData\ntuser.pol
2019-08-31 02:30 - 2019-08-31 02:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\cvhcdhgenew
2019-08-31 02:30 - 2019-08-31 02:37 - 000000000 ____D C:\Users\Admin\AppData\Local\10a6a19c-4990-452c-bed8-c1d49bf5808a
2019-08-31 02:30 - 2019-08-31 02:37 - 000000000 ____D C:\Program Files (x86)\DATA
2019-08-31 02:30 - 2019-08-31 02:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2019-08-31 02:30 - 2019-08-31 02:30 - 000000000 ____D C:\Users\Admin\AppData\Local\DBG
2019-08-31 02:30 - 2019-08-31 02:30 - 000000000 ____D C:\SystemID
2019-08-31 02:08 - 2019-08-31 02:08 - 000000000 ___SH C:\Users\Public\Shared Files
2019-08-31 02:02 - 2019-09-13 11:47 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation
2019-08-31 02:01 - 2019-09-14 01:20 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-08-31 02:01 - 2019-08-31 02:01 - 000000000 ____D C:\Users\Admin\AppData\Local\FortniteGame
2019-08-30 18:18 - 2019-08-30 18:18 - 000000000 _SHDL C:\Users\Default User
2019-08-30 18:18 - 2019-08-30 18:18 - 000000000 _SHDL C:\Users\All Users
2019-08-30 18:18 - 2019-08-30 18:18 - 000000000 _SHDL C:\Documents and Settings
2019-08-30 18:16 - 2019-09-17 12:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-30 18:16 - 2019-09-17 12:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-30 18:16 - 2019-09-13 11:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-08-30 18:16 - 2019-09-13 11:45 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-30 18:16 - 2019-09-13 11:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____D C:\Windows\system32\DAX3
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____D C:\Windows\system32\DAX2
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____D C:\ProgramData\USOShared
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 ____D C:\Program Files\Realtek
2019-08-30 18:16 - 2019-08-30 18:16 - 000000000 _____ C:\Windows\system32\fpfftResultsFile.txt
2019-08-30 18:16 - 2019-08-30 10:50 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-08-30 18:16 - 2019-08-27 12:15 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2019-08-30 18:16 - 2019-05-22 15:01 - 005432688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-08-30 18:16 - 2019-05-22 15:01 - 002637808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-08-30 18:16 - 2019-05-22 15:01 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-08-30 18:16 - 2019-05-22 15:01 - 000650608 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-08-30 18:16 - 2019-05-22 15:01 - 000450872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-08-30 18:16 - 2019-05-22 15:01 - 000125240 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-08-30 18:16 - 2019-05-22 15:01 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2019-08-30 18:16 - 2019-05-22 08:03 - 008579232 _____ C:\Windows\system32\nvcoproc.bin
2019-08-30 18:15 - 2019-09-17 11:20 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-08-30 18:15 - 2019-09-09 06:11 - 000282312 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-30 18:15 - 2019-08-30 18:15 - 000000000 ____D C:\Windows\ServiceProfiles
2019-08-30 16:33 - 2019-08-30 16:33 - 000008192 _____ C:\Windows\system32\config\userdiff
2019-08-30 16:33 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\Setup
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\SysWOW64\MailContactsCalendarSync
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\system32\OpenSSH
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\system32\MailContactsCalendarSync
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\OCR
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Program Files\MSBuild
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-08-30 16:31 - 2019-08-30 16:31 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-08-30 16:30 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\SysWOW64\WCN
2019-08-30 16:30 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\system32\WCN
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\winrm
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\sysprep
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\0409
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\winrm
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\slmgr
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\ar
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\0409
2019-08-30 16:30 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\DigitalLocker
2019-08-30 16:29 - 2019-05-31 11:03 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-08-30 16:29 - 2019-05-31 11:03 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-08-30 16:28 - 2019-09-17 12:26 - 000000000 ___RD C:\Program Files (x86)
2019-08-30 16:28 - 2019-09-17 12:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-30 16:28 - 2019-09-17 04:11 - 000000000 ____D C:\Windows\system32\config\systemprofile
2019-08-30 16:28 - 2019-09-14 01:07 - 000000000 ____D C:\Windows\system32\NDF
2019-08-30 16:28 - 2019-09-07 09:32 - 000000000 ____D C:\Windows\LiveKernelReports
2019-08-30 16:28 - 2019-09-02 09:35 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-08-30 16:28 - 2019-08-31 04:59 - 000000000 ____D C:\Windows\appcompat
2019-08-30 16:28 - 2019-08-31 02:35 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-08-30 16:28 - 2019-08-31 02:30 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-08-30 16:28 - 2019-08-31 02:08 - 000000000 __SHD C:\Users\Public\Libraries
2019-08-30 16:28 - 2019-08-30 18:36 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-08-30 16:28 - 2019-08-30 18:18 - 000000000 ____D C:\Windows\CSC
2019-08-30 16:28 - 2019-08-30 18:16 - 000000000 ___RD C:\Windows\PrintDialog
2019-08-30 16:28 - 2019-08-30 18:16 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-08-30 16:28 - 2019-08-30 18:16 - 000000000 ____D C:\Windows\Help
2019-08-30 16:28 - 2019-08-30 18:16 - 000000000 ____D C:\ProgramData\USOPrivate
2019-08-30 16:28 - 2019-08-30 18:15 - 000000000 ____D C:\Windows\system32\config\TxR
2019-08-30 16:28 - 2019-08-30 16:35 - 000000000 ____D C:\Windows\Containers
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ___SD C:\Windows\system32\UNP
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\TextInput
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\system32\oobe
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\system32\Dism
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\ShellComponents
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\Provisioning
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Windows\bcastdvr
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-30 16:28 - 2019-08-30 16:33 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-08-30 16:28 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\SysWOW64\MUI
2019-08-30 16:28 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2019-08-30 16:28 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2019-08-30 16:28 - 2019-08-30 16:31 - 000000000 ____D C:\Windows\system32\MUI
2019-08-30 16:28 - 2019-08-30 16:31 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ___SD C:\Windows\system32\F12
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ___SD C:\Windows\system32\dsc
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\setup
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\SysWOW64\com
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\Sysprep
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\setup
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\system32\com
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Windows\IME
2019-08-30 16:28 - 2019-08-30 16:30 - 000000000 ____D C:\Program Files\Common Files\system
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 __RSD C:\Windows\media
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___SD C:\Windows\SysWOW64\Nui
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___SD C:\Windows\SysWOW64\Configuration
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___SD C:\Windows\system32\Nui
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___SD C:\Windows\system32\Configuration
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___SD C:\Windows\system32\AppV
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___SD C:\Windows\Downloaded Program Files
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___RD C:\Windows\Offline Web Pages
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ___HD C:\Windows\LanguageOverlayCache
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Web
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\WaaS
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Vss
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\tracing
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\TAPI
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\SMI
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\ras
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\NDF
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\Msdtc
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\Ipmi
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\InputMethod
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\IME
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\icsxml
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicyUsers
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\FxsTmp
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\downlevel
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\Bthprops
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\AppLocker
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SystemResources
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SystemApps
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\WinMetadata
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\winevt
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ti-et
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ta-lk
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ta-in
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\si-lk
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ShellExperiences
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\Sgrm
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ras
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ProximityToast
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\PointOfService
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\my-mm
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\MsDtc
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\Macromed
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\Ipmi
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\InputMethod
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\inetsrv
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\IME
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\icsxml
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\ias
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\hydrogen
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\GroupPolicyUsers
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\DriverState
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\downlevel
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\DDFs
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\config\RegBack
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\config\Journal
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\Bthprops
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\AppLocker
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\am-et
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\System
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SKB
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\security
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\schemas
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\SchCache
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Resources
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\rescache
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\RemotePackages
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Registration
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\PLA
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Performance
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\ModemLogs
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\L2Schemas
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\InputMethod
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\IdentityCRL
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Globalization
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\GameBarPresenceWriter
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Cursors
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\Branding
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\addins
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files\Windows Security
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files\Windows Portable Devices
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files\windows nt
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files\Common Files\Services
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files (x86)\windows nt
2019-08-30 16:28 - 2019-08-30 16:28 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2019-08-30 16:28 - 2019-08-30 16:27 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2019-08-30 16:28 - 2019-08-30 16:27 - 000215943 _____ C:\Windows\SysWOW64\dssec.dat
2019-08-30 16:28 - 2019-08-30 16:27 - 000215943 _____ C:\Windows\system32\dssec.dat
2019-08-30 16:28 - 2019-08-30 16:27 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2019-08-30 16:28 - 2019-08-30 16:27 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2019-08-30 16:28 - 2019-08-30 16:27 - 000017635 _____ C:\Windows\system32\Drivers\etc\services
2019-08-30 16:28 - 2019-08-30 16:27 - 000017548 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2019-08-30 16:28 - 2019-08-30 16:27 - 000003683 _____ C:\Windows\system32\Drivers\etc\lmhosts.sam
2019-08-30 16:28 - 2019-08-30 16:27 - 000003103 _____ C:\Windows\SysWOW64\mmc.exe.config
2019-08-30 16:28 - 2019-08-30 16:27 - 000003103 _____ C:\Windows\system32\mmc.exe.config
2019-08-30 16:28 - 2019-08-30 16:27 - 000001358 _____ C:\Windows\system32\Drivers\etc\protocol
2019-08-30 16:28 - 2019-08-30 16:27 - 000000858 _____ C:\Windows\system32\DefaultQuestions.json
2019-08-30 16:28 - 2019-08-30 16:27 - 000000741 _____ C:\Windows\SysWOW64\NOISE.DAT
2019-08-30 16:28 - 2019-08-30 16:27 - 000000741 _____ C:\Windows\system32\NOISE.DAT
2019-08-30 16:28 - 2019-08-30 16:27 - 000000407 _____ C:\Windows\system32\Drivers\etc\networks
2019-08-30 16:28 - 2019-08-30 16:27 - 000000219 _____ C:\Windows\system.ini
2019-08-30 16:28 - 2019-08-30 16:27 - 000000092 _____ C:\Windows\win.ini
2019-08-30 16:28 - 2019-08-30 10:51 - 000000000 ____D C:\Windows\AppReadiness
2019-08-30 16:28 - 2019-08-30 10:50 - 000000000 ___RD C:\Program Files\Windows Defender
2019-08-30 16:28 - 2019-08-30 10:45 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-30 16:28 - 2019-08-30 08:46 - 000000000 ____D C:\Windows\ServiceState
2019-08-30 16:28 - 2019-08-30 08:20 - 000000000 ____D C:\Windows\system32\spool
2019-08-30 16:28 - 2019-08-30 08:20 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-08-30 16:28 - 2019-08-30 08:19 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-08-30 16:27 - 2019-09-17 04:10 - 000000000 ____D C:\Windows\INF
2019-08-30 16:23 - 2019-09-17 12:26 - 078381056 _____ C:\Windows\system32\config\SOFTWARE
2019-08-30 16:23 - 2019-09-17 12:26 - 014155776 _____ C:\Windows\system32\config\SYSTEM
2019-08-30 16:23 - 2019-09-17 12:26 - 000524288 _____ C:\Windows\system32\config\DEFAULT
2019-08-30 16:23 - 2019-09-17 12:26 - 000524288 _____ C:\Windows\system32\config\BBI
2019-08-30 16:23 - 2019-09-17 12:26 - 000065536 _____ C:\Windows\system32\config\SECURITY
2019-08-30 16:23 - 2019-09-17 12:26 - 000065536 _____ C:\Windows\system32\config\SAM
2019-08-30 16:23 - 2019-08-30 16:28 - 000000000 ____D C:\Windows\system32\SMI
2019-08-30 16:23 - 2019-08-30 08:44 - 000000000 ____D C:\Windows\servicing
2019-08-30 16:23 - 2019-08-30 08:44 - 000000000 ____D C:\Windows\CbsTemp
2019-08-30 16:23 - 2019-08-30 08:34 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-08-30 16:23 - 2019-08-30 08:18 - 000000000 ____D C:\Windows\Panther
2019-08-30 16:19 - 2019-09-14 01:13 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-08-30 16:09 - 2019-08-30 16:09 - 000000000 ____D C:\Users\Admin\AppData\Local\Steam
2019-08-30 16:08 - 2019-08-30 16:08 - 000000000 ____D C:\Users\Admin\AppData\Local\CEF
2019-08-30 16:08 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-08-30 16:08 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-08-30 16:08 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-08-30 16:08 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-08-30 16:08 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-08-30 16:08 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-08-30 16:08 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-08-30 16:08 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-08-30 16:08 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-08-30 16:08 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-08-30 16:08 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-08-30 16:08 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-08-30 16:08 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-08-30 16:07 - 2019-08-31 02:01 - 000000000 ____D C:\Users\Admin\AppData\Local\UnrealEngine
2019-08-30 16:07 - 2019-08-30 16:08 - 000000000 ____D C:\ProgramData\Epic
2019-08-30 16:07 - 2019-08-30 16:07 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-08-30 16:07 - 2019-08-30 16:07 - 000001258 _____ C:\Users\Admin\Desktop\Epic Games Launcher.lnk
2019-08-30 16:07 - 2019-08-30 16:07 - 000000604 _____ C:\Users\Public\Desktop\Steam.lnk
2019-08-30 16:07 - 2019-08-30 16:07 - 000000000 ____D C:\Users\Admin\AppData\Local\UnrealEngineLauncher
2019-08-30 16:07 - 2019-08-30 16:07 - 000000000 ____D C:\Users\Admin\AppData\Local\EpicGamesLauncher
2019-08-30 16:07 - 2019-08-30 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-08-30 16:07 - 2019-08-30 16:07 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-08-30 16:07 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-08-30 16:07 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-08-30 16:07 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-08-30 16:07 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-08-30 16:07 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-08-30 10:51 - 2019-08-30 10:51 - 134272480 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-08-30 10:51 - 2019-08-30 10:51 - 000000000 ____D C:\Windows\system32\MRT
2019-08-30 09:14 - 2019-09-04 11:24 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2019-08-30 09:14 - 2019-08-30 10:07 - 000000000 ____D C:\Users\Admin\AppData\Local\Roblox
2019-08-30 09:14 - 2019-08-30 09:20 - 000000248 _____ C:\Users\Admin\AppData\LocalLow\rbxcsettings.rbx
2019-08-30 09:02 - 2019-08-31 02:24 - 000003258 _____ C:\Windows\System32\Tasks\Network
2019-08-30 09:02 - 2019-08-30 09:02 - 000000000 ____D C:\Users\Admin\AppData\Local\Soft
2019-08-30 08:52 - 2019-09-17 12:27 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2019-08-30 08:46 - 2019-09-17 04:10 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-30 08:46 - 2019-08-30 08:46 - 000000000 ____D C:\Users\Admin\AppData\Local\Comms
2019-08-30 08:46 - 2019-08-30 08:46 - 000000000 ____D C:\Program Files\TAP-Windows
2019-08-30 08:42 - 2019-08-30 08:42 - 000000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2019-08-30 08:38 - 2019-09-17 04:10 - 000000000 ____D C:\Users\Admin\AppData\Local\Spotify
2019-08-30 08:38 - 2019-08-30 08:38 - 000001850 _____ C:\Users\Admin\Desktop\Spotify.lnk
2019-08-30 08:38 - 2019-08-30 08:38 - 000001836 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-08-30 08:37 - 2019-09-17 12:27 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2019-08-30 08:36 - 2019-09-13 13:10 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Discord
2019-08-30 08:36 - 2019-08-30 08:36 - 000002233 _____ C:\Users\Admin\Desktop\Discord.lnk
2019-08-30 08:36 - 2019-08-30 08:36 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-08-30 08:36 - 2019-08-30 08:36 - 000000000 ____D C:\Users\Admin\AppData\Local\SquirrelTemp
2019-08-30 08:36 - 2019-08-30 08:36 - 000000000 ____D C:\Users\Admin\AppData\Local\Discord
2019-08-30 08:34 - 2019-08-30 08:34 - 000004206 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1567179289
2019-08-30 08:34 - 2019-08-30 08:34 - 000001393 _____ C:\Users\Admin\Desktop\Opera Browser.lnk
2019-08-30 08:34 - 2019-08-30 08:34 - 000001393 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-08-30 08:34 - 2019-08-30 08:34 - 000000000 ____D C:\Users\Admin\AppData\Local\Opera Software
2019-08-30 08:34 - 2019-08-30 08:33 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-08-30 08:31 - 2019-09-12 06:07 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-536303663-3211401700-1687327366-1001
2019-08-30 08:31 - 2019-09-12 06:07 - 000000000 ___RD C:\Users\Admin\OneDrive
2019-08-30 08:31 - 2019-08-30 08:31 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Opera Software
2019-08-30 08:30 - 2019-08-31 02:32 - 000000000 ____D C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2019-08-30 08:30 - 2019-08-30 08:30 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-30 08:29 - 2019-08-31 02:31 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2019-08-30 08:29 - 2019-08-30 10:45 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2019-08-30 08:29 - 2019-08-30 08:52 - 000000000 ____D C:\ProgramData\Packages
2019-08-30 08:29 - 2019-08-30 08:51 - 000000000 ____D C:\Users\Admin\AppData\Local\Publishers
2019-08-30 08:29 - 2019-08-30 08:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-30 08:29 - 2019-08-30 08:29 - 000000000 ___RD C:\Users\Admin\3D Objects
2019-08-30 08:29 - 2019-08-30 08:29 - 000000000 ___HD C:\Users\Admin\MicrosoftEdgeBackups
2019-08-30 08:29 - 2019-08-30 08:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2019-08-30 08:29 - 2019-08-30 08:29 - 000000000 ____D C:\Users\Admin\AppData\Local\MicrosoftEdge
2019-08-30 08:29 - 2019-08-30 08:29 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2019-08-30 08:26 - 2019-09-12 06:07 - 000002363 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-30 08:26 - 2019-09-10 13:30 - 000000000 ____D C:\Users\Admin
2019-08-30 08:26 - 2019-08-30 08:26 - 000000020 ___SH C:\Users\Admin\ntuser.ini
2019-08-30 08:22 - 2019-09-17 12:30 - 000840848 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-30 08:20 - 2019-04-26 15:13 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-08-30 05:16 - 2019-08-31 02:36 - 000000000 ___HD C:\$SysReset

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== Files in the root of some directories ================

2018-09-15 00:28 - 2018-09-15 00:28 - 000000270 ___SH () C:\Users\Admin\AppData\Roaming\suvtrbu
2019-09-11 06:37 - 2019-09-11 06:37 - 000000003 _____ () C:\Users\Admin\AppData\Local\updater.log
2019-09-11 06:37 - 2019-09-11 06:37 - 000000424 _____ () C:\Users\Admin\AppData\Local\UserProducts.xml

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Screenshot_1.png

Addition.txt malware bytes.txt


Thanks for those logs BySk, Continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

Download Microsoft's "Malicious Software Removal Tool" and save it directly to the desktop

Ensure to get the correct version for your system....

https://www.microsoft.com/en-gb/download/malicious-software-removal-tool-details.aspx


Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Post those logs to your reply, also let me know if there are any remaining issues or concerns...

Thank you,

Kevin..

fixlist.txt


Hey Kevin, looks like I was right. When I opened my PC today I found that it's still here; the unnamed service is still getting a lot of usage. I did what you asked for too.

And by the way, when I did the FRST file thing it stopped responding. I tried to fix it and I think I did, but I don't think it's all of it because it's just 7 KB and it didn't take any time at all. I don't know why it stopped responding though.

 


---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.75, August 2019 (build 5.75.16236.1)
Started On Fri Aug 30 10:51:15 2019

Engine: 1.1.16200.1
Signatures: 1.299.474.0
MpGear: 1.1.15747.1
Run Mode: Scan Run From Windows Update

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Fri Aug 30 10:51:45 2019


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.75, August 2019 (build 5.75.16236.1)
Started On Wed Sep 18 05:05:59 2019

Engine: 1.1.16200.1
Signatures: 1.299.474.0
MpGear: 1.1.15747.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 18 05:07:29 2019


Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.75, August 2019 (build 5.75.16236.1)
Started On Wed Sep 18 05:08:59 2019

Engine: 1.1.16200.1
Signatures: 1.299.474.0
MpGear: 1.1.15747.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 18 05:14:22 2019


Return code: 0 (0x0)
 

 

 

Fixlog.txt
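The request earlier in the thread was for only the most recent MSRT entry by date and time. The following is an added example, not part of any post or of Microsoft's tooling, that splits a log in the format pasted above into runs, picks the latest one and flags a run that is incomplete or not clean. The function names, the constructed interrupted entry and the BOM-based decoding of the file are assumptions.

```python
"""Pick the most recent run out of an MSRT log (mrt.log) and summarise it."""
import re
from datetime import datetime

# A run of 20+ dashes separates entries; the 16-dash underline beneath
# "Results Summary:" is too short to match, so it stays inside its entry.
SEPARATOR = re.compile(r"^-{20,}\s*$", re.MULTILINE)
STARTED = re.compile(r"^Started On (.+)$", re.MULTILINE)
FINISHED = re.compile(r"Finished On (.+)$", re.MULTILINE)
RUN_MODE = re.compile(r"^Run Mode: (.+)$", re.MULTILINE)
RETURN_CODE = re.compile(r"^Return code: (-?\d+)", re.MULTILINE)
TIME_FORMAT = "%a %b %d %H:%M:%S %Y"  # e.g. "Wed Sep 18 05:08:59 2019"
CLEAN_RESULT = ["No infection found."]

RULE = "-" * 40
HEADER = "Microsoft Windows Malicious Software Removal Tool"


def _entry(started, finished, mode):
    """Build one clean entry in the layout shown in the thread (sample data)."""
    return (f"{RULE}\n{HEADER} v5.75, August 2019 (build 5.75.16236.1)\n"
            f"Started On {started}\n\nEngine: 1.1.16200.1\nRun Mode: {mode}\n\n"
            "Results Summary:\n----------------\nNo infection found.\n"
            "Successfully Submitted Heartbeat Report\n"
            f"{HEADER} Finished On {finished}\n\n\nReturn code: 0 (0x0)\n\n")


# The three runs from the post above (timestamps and run modes as pasted).
THREAD_LOG = (
    _entry("Fri Aug 30 10:51:15 2019", "Fri Aug 30 10:51:45 2019",
           "Scan Run From Windows Update")
    + _entry("Wed Sep 18 05:05:59 2019", "Wed Sep 18 05:07:29 2019",
             "Interactive Graphical Mode")
    + _entry("Wed Sep 18 05:08:59 2019", "Wed Sep 18 05:14:22 2019",
             "Interactive Graphical Mode")
)

# Constructed for this example: a run that started but never wrote a result.
CONSTRUCTED_INTERRUPTED = (
    f"{RULE}\n{HEADER} v5.75, August 2019 (build 5.75.16236.1)\n"
    "Started On Wed Sep 18 06:00:00 2019\n\nRun Mode: Interactive Graphical Mode\n"
)


def decode_log(raw: bytes) -> str:
    """Decode log bytes; UTF-16 when a BOM is present (assumption), else UTF-8."""
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16")
    return raw.decode("utf-8", errors="replace")


def result_lines(chunk: str) -> list:
    """Return the lines reported under 'Results Summary:' for one run."""
    lines = chunk.splitlines()
    for index, line in enumerate(lines):
        if line.strip() == "Results Summary:":
            break
    else:
        return []  # the run never reached its summary
    found = []
    for line in lines[index + 1:]:
        text = line.strip()
        if "Finished On" in text or text.startswith("Return code"):
            break
        if not text or set(text) == {"-"} or text.startswith("Successfully Submitted"):
            continue  # blank line, underline, or telemetry notice
        found.append(text)
    return found


def parse_runs(text: str) -> list:
    """Split a log into one dict per run; text before the first run is skipped."""
    runs = []
    for chunk in SEPARATOR.split(text):
        started = STARTED.search(chunk)
        if not started:
            continue
        finished = FINISHED.search(chunk)
        mode = RUN_MODE.search(chunk)
        code = RETURN_CODE.search(chunk)
        runs.append({
            "started": datetime.strptime(started.group(1).strip(), TIME_FORMAT),
            "finished": (datetime.strptime(finished.group(1).strip(), TIME_FORMAT)
                         if finished else None),
            "run_mode": mode.group(1).strip() if mode else None,
            "results": result_lines(chunk),
            "return_code": int(code.group(1)) if code else None,
        })
    return runs


def latest_run(runs: list) -> dict:
    """Most recent run by start time, regardless of its position in the file."""
    return max(runs, key=lambda run: run["started"])


def needs_review(run: dict) -> bool:
    """True when the run did not finish, returned non-zero, or was not clean."""
    return (run["finished"] is None or run["return_code"] != 0
            or run["results"] != CLEAN_RESULT)


if __name__ == "__main__":
    run = latest_run(parse_runs(THREAD_LOG))
    print(run["started"], run["run_mode"], run["results"], needs_review(run))
```

To use it on a real file, pass `decode_log(open(path, "rb").read())` to `parse_runs`.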

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"


When I press the Fix button, the FRST program suddenly stops responding.

Screenshot_2.png


And I'm pretty sure the files are in the same place (Desktop).


Thanks for those logs, unfortunately they still show infection presence on your system.. Continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

fix.jpg

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.



Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Thanks,

Kevin..

 

fixlist.txt


Hello Kevin, sorry, I've been a bit busy with my family these days. I'll start doing what you said today and will tell you everything tomorrow.


Btw, the FRST program is still not responding; whenever I press Fix the program just crashes.


Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 
