Hello Everyone.

I'm hacked with multiple hacking ways. A malware infected my laptop with both svchost.exe and explorer.exe infections. I have deleted this for the tenth time but it's still downloading or creating itself. It was a hack tool for Point Blank (it's an online FPS game). I downloaded it from www.sepok-cit.com. This site has too many good reviews and I believed them. I already tried a few ways to delete this sh*t from my computer but none of them worked.

I TRIED:

1) Deleting its files (hidden files named spoolsvc.exe, svchost.exe and explorer.exe)

2) Deleting it via regedit (from HKEY_LOCAL_MACHINE's windows and windows NT folders)

3) Killing it with RogueKiller

4) Deleting this with MalwareBytes

5) Deleting it with Kaspersky

6) Deleting it with Avast

But none of them worked. I also tried disabling Windows Update from services.msc. It's deleted in each of the steps I wrote, but it's reinstalling (or recreating, idk what it does) itself every time I reboot my laptop and SHOWING IN TASK MANAGER WHEN I LAUNCH POINT BLANK (the game that I want to hack). THE POINT BLANK LAUNCHER is the TRIGGER of it. Its origin location is Windows/Resources and Windows/Resources/Windows.

PLEASE HELP ME. I'M LOSING MY MIND!!!

task manager (when i start point blank and exit).png

fake svchost that keeps explorer.exe file opened.PNG

detailed task manager.PNG


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I need more information.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section at the bottom of the topic, click Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please attach the logs for my review.

Wait for further instructions
====


 


@nasdaq

Hello. Thank you very much for giving me your time.

FRST.TXT is:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by RVFET (administrator) on RVFET (LENOVO 80XL) (21-01-2020 21:41:48)
Running from C:\Users\Lenovo\Downloads\Programs
Loaded Profiles: RVFET (Available Profiles: RVFET)
Platform: Windows 10 Pro Version 1809 17763.973 (X64) Language: Russian (Russia)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\arcai.com\netcut_windows.exe
() [File not signed] C:\Users\Lenovo\AppData\Local\desktop.clipboard.manager\helper.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Arcai.com) [File not signed] C:\Program Files (x86)\arcai.com\aips.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.1725.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19101.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [utweb] => C:\Users\Lenovo\AppData\Roaming\uTorrent Web\utweb.exe [5415128 2019-12-20] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\Lenovo\AppData\Local\splice\app-3.5.91\Splice.exe
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [Discord] => C:\Users\Lenovo\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [Synaptics Pointing Device Driver] => C:\ProgramData\Synaptics\Synaptics.exe
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4156272 2020-01-11] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\MountPoints2: {59690e13-0062-11ea-911f-9822eff9dd2e} - "E:\Autorun.exe" 
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\MountPoints2: {b5a475f2-fee0-11e9-911e-9822eff9dd2e} - "E:\Autorun.exe" 
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02BD875A-5B61-48D1-BD10-2F0AA6F8BFEB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-28] (Google Inc -> Google Inc.)
Task: {1B9BD621-1D96-40A5-A666-72AAE44B5C44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C22D3D0-47A9-4E0C-8DC0-F82966685FD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-10-28] (Google Inc -> Google Inc.)
Task: {42C5313B-9007-47AE-99CB-AFE66866615A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {430134DD-4A9F-4FB7-A710-F02E4696AB20} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4619B37F-5C9C-4295-9578-861099F6CD71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B0B7452-8AAC-4A73-ACCB-DC0F7EEA4310} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {768B2508-97D0-4006-8790-0F053A3DA2CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79FE8C20-76C4-41D6-A731-18AC5EF8BC55} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3102692137-1051397412-2829928562-1001 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {852E6360-4ACC-40F4-9FEA-020A3B27F440} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9F5F1A68-5AAC-4020-9621-7F770615EDE2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {AD6BDBF5-0FC2-4322-A8F1-DC818E18F964} - System32\Tasks\R@1n-KMS\Windows100Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
Task: {BB1B3A02-1375-40FA-90AB-0715B3973B68} - System32\Tasks\Opera scheduled Autoupdate 1572704005 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe
Task: {C9E065CB-16D2-408F-998D-116B08CB3A7C} - System32\Tasks\Opera scheduled assistant Autoupdate 1573107834 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe
Task: {CF4EACBE-EFF1-4359-A8FE-4E221AC8FBAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFB47257-74CB-4FEE-9DF2-F4C503290744} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{330c874a-834f-43ec-816c-497475b0b1a3}: [DhcpNameServer] 172.16.4.10 172.16.4.11
Tcpip\..\Interfaces\{ee1de6fe-79d2-448c-aa45-8c14ce3a0298}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.az/
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-11-28] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-11-28] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-11-10] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Lenovo\Downloads
Edge Extension: (IDM Integration Module) -> EdgeExtension_TonecIncIDMIntegrationModule_e7b5mm5d3r6v2 => C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.30.6.0_neutral__e7b5mm5d3r6v2 [2020-01-18]

FireFox:
========
FF HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Lenovo\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Lenovo\AppData\Roaming\IDM\idmmzcc5 [2020-01-18] [Legacy] [not signed]
FF HKU\S-1-5-21-3102692137-1051397412-2829928562-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://wordpress.com/calypso/images/manifest/icon-144x144.png?source=pwa
CHR Notifications: Default -> hxxps://dashboard.tawk.to; hxxps://forums.malwarebytes.com; hxxps://web.whatsapp.com
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-01-21]
CHR Extension: (Google Translate) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2019-12-07]
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-10-28]
CHR Extension: (Just Black) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2019-12-04]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-28]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-10-28]
CHR Extension: (MEGA) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-01-17]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-10-28]
CHR Extension: (Improve YouTube! (Open-Source for YouTube)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2020-01-09]
CHR Extension: (Stylus) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\clngdbkpkpeebahjckkjfobafhncgmne [2019-12-08]
CHR Extension: (Tampermonkey) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-01]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2019-12-01]
CHR Extension: (Copyfish 🐟 Free OCR Software) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2019-12-28]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-10-28]
CHR Extension: (Nano Adblocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabbbocakeomblphkmmnoamkioajlkfo [2020-01-03]
CHR Extension: (Nano Defender) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2020-01-14]
CHR Extension: (Google Docs Offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-01-19]
CHR Extension: (WordPress.com) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngpdldinpkemppfmelfbicfhdgemjca [2019-11-02]
CHR Extension: (Direct Message for Instagram™) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpgppkombninhkfhaggckdmencplhmg [2019-12-17]
CHR Extension: (IDM Integration Module) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-28]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-28]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-15]
CHR Extension: (Clipboard History Manager) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkigjgihlaonoomgjgannieikjecdhil [2019-12-26]
CHR Extension: (Chrome Update) - C:\Users\Lenovo\Desktop\Coding\ChromeVirus [2019-12-16]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AIPS; C:\Program Files (x86)\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [File not signed]
R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [406504 2018-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-17] (Malwarebytes Inc -> Malwarebytes)
S2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [190808 2018-07-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16576568 2020-01-06] (Adlice -> )
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-11-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-10-10] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [218288 2020-01-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-01-17] (Malwarebytes Inc -> Malwarebytes)
R1 MEmuDrv; C:\Windows\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_a061a5d566db3269\nvlddmkm.sys [17038280 2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2355544 2018-07-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [40288 2020-01-20] (Adlice -> Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3236320 2017-11-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-01-20] (Adlice -> )
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237376 2019-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-10-11] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45664 2020-01-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [355760 2020-01-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-14] (Microsoft Windows -> Microsoft Corporation)
S1 ghfyxhnd; \??\C:\Windows\system32\drivers\ghfyxhnd.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-21 21:40 - 2020-01-21 21:42 - 000000000 ____D C:\FRST
2020-01-21 21:30 - 2020-01-21 21:30 - 000000000 ____D C:\Users\Lenovo\Desktop\Resources
2020-01-21 21:14 - 2020-01-21 21:14 - 000000000 ____D C:\Users\Lenovo\Downloads\Compressed
2020-01-21 20:37 - 2020-01-21 20:37 - 000085367 _____ C:\Users\Lenovo\Desktop\best trap that i made backup.flp
2020-01-21 20:36 - 2020-01-21 21:03 - 000086069 _____ C:\Users\Lenovo\Desktop\best trap that i made.flp
2020-01-20 21:44 - 2020-01-20 21:44 - 000040288 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\rkflt.sys
2020-01-20 16:09 - 2020-01-20 21:44 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2020-01-19 23:58 - 2020-01-19 23:58 - 056052151 _____ C:\Users\Lenovo\Desktop\Point Blank 2019-12-26.mkv
2020-01-18 14:04 - 2020-01-21 21:14 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\IDM
2020-01-18 14:04 - 2020-01-19 12:10 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\DMCache
2020-01-18 14:04 - 2020-01-18 14:04 - 000000000 ____D C:\Users\Все пользователи\IDM
2020-01-18 14:04 - 2020-01-18 14:04 - 000000000 ____D C:\ProgramData\IDM
2020-01-18 14:03 - 2020-01-20 16:28 - 000000000 ____D C:\Users\Все пользователи\RogueKiller
2020-01-18 14:03 - 2020-01-20 16:28 - 000000000 ____D C:\ProgramData\RogueKiller
2020-01-18 14:03 - 2020-01-18 14:03 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-01-18 14:03 - 2020-01-18 14:03 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-01-18 14:03 - 2020-01-18 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-01-18 14:02 - 2020-01-18 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-01-18 14:02 - 2020-01-18 14:03 - 000000000 ____D C:\Program Files\RogueKiller
2020-01-18 12:12 - 2020-01-19 23:58 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\avidemux
2020-01-18 12:12 - 2020-01-18 12:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avidemux 2.7 VC++ 64bits
2020-01-18 12:12 - 2020-01-18 12:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\avidemux
2020-01-18 12:12 - 2020-01-18 12:12 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2020-01-17 21:13 - 2020-01-17 21:13 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-01-17 21:13 - 2020-01-17 21:13 - 000218288 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-01-17 17:28 - 2020-01-17 17:28 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-17 17:28 - 2020-01-17 17:28 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbamtray
2020-01-17 17:28 - 2020-01-17 17:28 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2020-01-17 17:28 - 2020-01-17 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-17 17:28 - 2020-01-17 17:27 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-01-17 17:28 - 2020-01-17 17:27 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-01-17 17:27 - 2020-01-17 17:27 - 000000000 ____D C:\Users\Все пользователи\Malwarebytes
2020-01-17 17:27 - 2020-01-17 17:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-17 17:22 - 2020-01-17 17:22 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-17 17:12 - 2020-01-17 17:12 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-17 17:11 - 2020-01-17 17:13 - 000241828 _____ C:\Windows\ntbtlog.txt
2020-01-17 16:45 - 2019-12-10 13:37 - 000012800 _____ C:\Windows\SysWOW64\xxxxx.dll
2020-01-17 16:28 - 2020-01-17 16:28 - 000000000 __SHD C:\Users\Lenovo\AppData\Roaming\WinSl
2020-01-17 16:27 - 2020-01-17 17:54 - 000000000 __SHD C:\Users\Все пользователи\Synaptics
2020-01-17 16:27 - 2020-01-17 17:54 - 000000000 __SHD C:\ProgramData\Synaptics
2020-01-15 18:15 - 2020-01-15 18:15 - 000360798 _____ C:\Users\Lenovo\Documents\History of Az. Tests-500.pdf
2020-01-15 17:39 - 2020-01-15 17:39 - 009668408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-01-15 17:39 - 2020-01-15 17:39 - 008905728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 007922688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 006543736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-01-15 17:39 - 2020-01-15 17:39 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 002323896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001721144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001677088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001665712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000878080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-01-15 17:39 - 2020-01-15 17:39 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000651776 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-01-15 17:39 - 2020-01-15 17:39 - 000572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000541264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000410616 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000350416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000154976 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-01-15 17:39 - 2020-01-15 17:39 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000122568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2020-01-15 17:39 - 2020-01-15 17:39 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-01-15 17:38 - 2020-01-15 17:38 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-01-15 17:38 - 2020-01-15 17:38 - 002419712 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-01-15 17:38 - 2020-01-15 17:38 - 002149160 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 001936520 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 001670800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 001258296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-01-15 17:38 - 2020-01-15 17:38 - 001084416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 001050624 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-01-15 17:38 - 2020-01-15 17:38 - 001049400 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-01-15 17:38 - 2020-01-15 17:38 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000677144 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000405304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-01-15 17:38 - 2020-01-15 17:38 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2020-01-15 17:38 - 2020-01-15 17:38 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-01-15 17:38 - 2020-01-15 17:38 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-01-15 17:38 - 2020-01-15 17:38 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-01-13 01:16 - 2020-01-20 17:53 - 000001729 _____ C:\Users\Lenovo\Desktop\TAM.lnk
2020-01-13 01:15 - 2020-01-13 01:15 - 000001154 _____ C:\Users\Lenovo\Desktop\Beyond Limits.lnk
2020-01-13 00:46 - 2020-01-13 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2020-01-13 00:46 - 2020-01-13 00:46 - 000000000 ____D C:\Program Files\Recuva
2020-01-12 23:38 - 2020-01-12 23:38 - 000289792 _____ C:\Users\Lenovo\Documents\AgPerfMon.dll
2020-01-11 21:16 - 2018-12-20 15:05 - 000229296 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2020-01-11 14:44 - 2020-01-11 14:44 - 000000265 _____ C:\Users\Все пользователи\SoundToys_Problem_Log.txt
2020-01-11 14:44 - 2020-01-11 14:44 - 000000265 _____ C:\ProgramData\SoundToys_Problem_Log.txt
2020-01-10 03:35 - 2020-01-10 03:35 - 000000000 ____D C:\Zepetto
2020-01-09 16:27 - 2020-01-20 21:44 - 000002242 _____ C:\Users\Lenovo\Desktop\Discord.lnk
2020-01-09 16:27 - 2020-01-20 18:23 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Discord
2020-01-09 16:27 - 2020-01-09 16:27 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-01-09 16:26 - 2020-01-09 16:27 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Discord
2020-01-09 00:00 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-01-09 00:00 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-01-09 00:00 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2020-01-09 00:00 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2020-01-09 00:00 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-01-09 00:00 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2020-01-09 00:00 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-01-09 00:00 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-01-09 00:00 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2020-01-09 00:00 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2020-01-09 00:00 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2020-01-09 00:00 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2020-01-09 00:00 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2020-01-09 00:00 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2020-01-09 00:00 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2020-01-09 00:00 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-01-09 00:00 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2020-01-09 00:00 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2020-01-09 00:00 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-01-09 00:00 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-01-09 00:00 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2020-01-09 00:00 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2020-01-09 00:00 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2020-01-09 00:00 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-01-09 00:00 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2020-01-09 00:00 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-01-09 00:00 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2020-01-09 00:00 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2020-01-09 00:00 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2020-01-09 00:00 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2020-01-09 00:00 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-01-09 00:00 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2020-01-09 00:00 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-01-09 00:00 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2020-01-09 00:00 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2020-01-09 00:00 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2020-01-09 00:00 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2020-01-09 00:00 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2020-01-09 00:00 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2020-01-09 00:00 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2020-01-09 00:00 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2020-01-09 00:00 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2020-01-09 00:00 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2020-01-09 00:00 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-01-09 00:00 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2020-01-09 00:00 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-01-09 00:00 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-01-09 00:00 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2020-01-09 00:00 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2020-01-09 00:00 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-01-09 00:00 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-01-09 00:00 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2020-01-09 00:00 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2020-01-09 00:00 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-01-09 00:00 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2020-01-09 00:00 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2020-01-09 00:00 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-01-09 00:00 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2020-01-09 00:00 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-01-09 00:00 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2020-01-09 00:00 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-01-09 00:00 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2020-01-09 00:00 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2020-01-09 00:00 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-01-09 00:00 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-01-09 00:00 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2020-01-09 00:00 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2020-01-09 00:00 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2020-01-09 00:00 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-01-09 00:00 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2020-01-09 00:00 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-01-09 00:00 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2020-01-09 00:00 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-01-09 00:00 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2020-01-09 00:00 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2020-01-09 00:00 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2020-01-09 00:00 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-01-09 00:00 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2020-01-09 00:00 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2020-01-09 00:00 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2020-01-09 00:00 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-01-09 00:00 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2020-01-09 00:00 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-01-09 00:00 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2020-01-09 00:00 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-01-09 00:00 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2020-01-09 00:00 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2020-01-09 00:00 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2020-01-09 00:00 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-01-09 00:00 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2020-01-09 00:00 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-01-09 00:00 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2020-01-09 00:00 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-01-09 00:00 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2020-01-09 00:00 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2020-01-09 00:00 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2020-01-09 00:00 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-01-09 00:00 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2020-01-09 00:00 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-01-09 00:00 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2020-01-09 00:00 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-01-09 00:00 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-01-09 00:00 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-01-09 00:00 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2020-01-09 00:00 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-01-09 00:00 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2020-01-09 00:00 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2020-01-09 00:00 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2020-01-09 00:00 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-01-09 00:00 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2020-01-09 00:00 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-01-09 00:00 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2020-01-09 00:00 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2020-01-09 00:00 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-01-09 00:00 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-01-09 00:00 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2020-01-09 00:00 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-01-09 00:00 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2020-01-09 00:00 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-01-09 00:00 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-01-09 00:00 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2020-01-09 00:00 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-01-09 00:00 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-01-09 00:00 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-01-09 00:00 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2020-01-09 00:00 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2020-01-08 23:59 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2020-01-08 23:59 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2020-01-08 23:59 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2020-01-08 23:59 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2020-01-08 23:59 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2020-01-08 23:59 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2020-01-08 23:59 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2020-01-08 23:59 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2020-01-08 23:59 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2020-01-08 23:59 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2020-01-08 23:59 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2020-01-08 23:59 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2020-01-08 23:59 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2020-01-08 23:59 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2020-01-08 23:59 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2020-01-08 23:59 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2020-01-08 23:59 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2020-01-08 23:59 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2020-01-08 23:59 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2020-01-08 23:59 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2020-01-08 23:59 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2020-01-08 23:59 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2020-01-08 23:59 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2020-01-08 23:59 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2020-01-08 23:43 - 2020-01-09 00:00 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-01-08 23:43 - 2020-01-08 23:59 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-01-06 19:56 - 2020-01-06 20:08 - 000000000 ____D C:\Program Files (x86)\Airy Team
2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\Users\Все пользователи\AutoUpdate
2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\Users\Все пользователи\Airy Team
2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\ProgramData\AutoUpdate
2020-01-06 19:56 - 2020-01-06 19:56 - 000000000 ____D C:\ProgramData\Airy Team
2020-01-06 18:45 - 2020-01-06 18:45 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\iZotope
2020-01-06 18:35 - 2020-01-06 18:44 - 000000000 ____D C:\Users\Lenovo\Documents\iZotope
2020-01-06 18:35 - 2020-01-06 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2020-01-06 18:33 - 2020-01-06 18:35 - 000000000 ____D C:\Program Files (x86)\iZotope
2020-01-06 18:09 - 2020-01-06 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SoundToys
2020-01-06 18:09 - 2020-01-06 18:09 - 000000000 ____D C:\Program Files (x86)\Soundtoys
2020-01-06 18:08 - 2020-01-06 18:08 - 000000000 ____D C:\Users\Все пользователи\AudioUTOPiA
2020-01-06 18:08 - 2020-01-06 18:08 - 000000000 ____D C:\Users\Public\Documents\Soundtoys
2020-01-06 18:08 - 2020-01-06 18:08 - 000000000 ____D C:\ProgramData\AudioUTOPiA
2020-01-05 11:36 - 2020-01-14 23:17 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\obs-studio
2020-01-05 11:24 - 2020-01-05 11:24 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2020-01-05 11:24 - 2020-01-05 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-01-05 11:24 - 2020-01-05 11:24 - 000000000 ____D C:\Program Files\obs-studio
2020-01-05 00:32 - 2020-01-05 11:18 - 000000000 ____D C:\Users\Lenovo\Documents\Splice
2020-01-05 00:30 - 2020-01-05 20:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splice
2020-01-05 00:30 - 2020-01-05 00:30 - 000000000 ____D C:\Users\Lenovo\AppData\Local\IsolatedStorage
2020-01-05 00:29 - 2020-01-05 20:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\splice
2020-01-05 00:29 - 2020-01-05 20:09 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Splice
2020-01-05 00:29 - 2020-01-05 20:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\SpliceSettings
2019-12-27 16:42 - 2020-01-18 14:04 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2019-12-26 18:54 - 2019-12-26 18:55 - 006111966 _____ C:\Users\Lenovo\Downloads\looperman-l-3429373-0195450-icy-guitar.wav
2019-12-26 18:50 - 2019-12-26 18:51 - 004287366 _____ C:\Users\Lenovo\Downloads\looperman-l-2061580-0197187-franklins.wav
2019-12-26 15:38 - 2019-12-26 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2019-12-26 15:38 - 2019-12-26 15:38 - 000000000 ____D C:\Program Files\LennarDigital
2019-12-26 14:27 - 2019-12-26 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-12-26 14:26 - 2019-12-28 20:30 - 000000000 ____D C:\Users\Lenovo\Documents\Visual Studio 2010
2019-12-26 14:24 - 2020-01-17 15:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2019-12-26 14:24 - 2019-12-26 14:24 - 000000000 ____D C:\Program Files\Microsoft Help Viewer
2019-12-26 14:13 - 2019-12-26 14:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\desktop.clipboard.manager
2019-12-26 12:14 - 2019-12-26 12:14 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PointBlank
2019-12-26 12:04 - 2019-12-26 12:04 - 000000000 ____D C:\Program Files (x86)\BandiMPEG1
2019-12-26 00:05 - 2020-01-10 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Point Blank
2019-12-25 23:58 - 2019-12-25 23:58 - 000000000 ____D C:\Program Files (x86)\TAM Game
2019-12-25 21:47 - 2019-12-27 13:00 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent Web
2019-12-25 21:47 - 2019-12-27 12:59 - 000001870 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2019-12-25 21:46 - 2019-12-27 12:59 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BitTorrentHelper
2019-12-24 21:19 - 2019-12-24 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2019-12-24 21:19 - 2019-12-24 21:19 - 000000000 ____D C:\Program Files\WinHTTrack
2019-12-23 09:49 - 2019-12-23 09:49 - 000000000 ____D C:\Users\Все пользователи\SystemAcCrux
2019-12-23 09:49 - 2019-12-23 09:49 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-12-23 09:48 - 2019-12-23 09:48 - 000000000 ____D C:\Program Files\EaseUS

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-21 21:39 - 2018-09-15 11:33 - 000000000 ____D C:\Users\Все пользователи\regid.1991-06.com.microsoft
2020-01-21 21:39 - 2018-09-15 11:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-21 20:24 - 2019-10-31 15:40 - 000004170 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{2A0C710C-CCE4-4B7E-8B2F-9F4443421356}
2020-01-21 20:13 - 2019-10-28 14:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-01-21 12:37 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\system32\NDF
2020-01-21 03:58 - 2019-10-28 11:15 - 000000000 ____D C:\Users\Все пользователи\NVIDIA
2020-01-21 03:58 - 2019-10-28 11:15 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-20 21:43 - 2019-10-28 19:50 - 000000000 ___RD C:\Users\Lenovo\Desktop\TRVP
2020-01-20 21:31 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\Resources
2020-01-20 20:07 - 2019-11-04 12:53 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2020-01-20 00:19 - 2019-10-28 11:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AIMP
2020-01-19 00:22 - 2019-10-28 15:26 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2020-01-18 21:10 - 2019-10-28 11:06 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2020-01-18 20:44 - 2018-09-15 11:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-18 20:44 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\AppReadiness
2020-01-18 14:37 - 2019-10-28 19:27 - 000000000 ____D C:\Users\Lenovo\Desktop\Toolz
2020-01-18 14:07 - 2019-10-28 11:03 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2020-01-17 21:19 - 2019-11-24 23:02 - 000000000 ____D C:\Users\Lenovo\Desktop\FL Studio 12
2020-01-17 21:19 - 2018-09-15 11:23 - 000000000 ____D C:\Windows\CbsTemp
2020-01-17 21:18 - 2019-11-02 16:56 - 000000000 ____D C:\Users\Lenovo\Desktop\YT
2020-01-17 21:18 - 2019-10-28 15:01 - 001663726 _____ C:\Windows\system32\PerfStringBackup.INI
2020-01-17 21:18 - 2018-09-15 20:43 - 000734830 _____ C:\Windows\system32\perfh019.dat
2020-01-17 21:18 - 2018-09-15 20:43 - 000144020 _____ C:\Windows\system32\perfc019.dat
2020-01-17 21:18 - 2018-09-15 11:31 - 000000000 ____D C:\Windows\INF
2020-01-17 21:13 - 2019-10-28 14:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-01-17 21:12 - 2018-09-15 10:09 - 000524288 _____ C:\Windows\system32\config\BBI
2020-01-17 17:28 - 2019-12-14 15:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\cache
2020-01-17 17:28 - 2018-09-15 11:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-01-17 15:26 - 2019-10-29 17:29 - 000000000 ____D C:\Users\Все пользователи\Package Cache
2020-01-17 15:26 - 2019-10-29 17:29 - 000000000 ____D C:\ProgramData\Package Cache
2020-01-17 15:26 - 2018-09-15 11:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-16 14:19 - 2019-11-01 19:10 - 000000000 ____D C:\Program Files\UNP
2020-01-16 14:12 - 2019-10-28 14:50 - 000443440 _____ C:\Windows\system32\FNTCACHE.DAT
2020-01-16 14:11 - 2019-11-27 15:39 - 000000000 ____D C:\Users\Все пользователи\AVAST Software
2020-01-16 14:11 - 2019-11-27 15:39 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-16 01:23 - 2018-09-15 11:33 - 000000000 ___SD C:\Windows\system32\UNP
2020-01-16 01:23 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\ShellExperiences
2020-01-16 01:23 - 2018-09-15 11:33 - 000000000 ____D C:\Windows\bcastdvr
2020-01-15 18:06 - 2019-11-07 19:30 - 000000000 ____D C:\Windows\system32\MRT
2020-01-15 17:42 - 2019-11-07 19:29 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-01-14 21:30 - 2019-10-28 14:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-01-11 21:04 - 2019-11-07 10:23 - 000003862 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1573107834
2020-01-11 21:04 - 2019-11-02 18:13 - 000003586 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1572704005
2020-01-11 21:04 - 2019-10-28 11:19 - 000002352 _____ C:\Windows\system32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON
2020-01-11 21:04 - 2019-10-28 11:19 - 000002306 _____ C:\Windows\system32\Tasks\RtHDVBg_Dolby
2020-01-11 21:04 - 2019-10-28 11:19 - 000002302 _____ C:\Windows\system32\Tasks\RTKCPL
2020-01-11 21:04 - 2019-10-28 11:12 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-11 21:04 - 2019-10-28 11:12 - 000003124 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-11 21:04 - 2019-10-28 11:06 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3102692137-1051397412-2829928562-1001
2020-01-11 14:03 - 2019-11-06 09:01 - 000000000 ____D C:\Windows\SysWOW64\SupportAppCB
2020-01-10 12:02 - 2019-11-30 14:52 - 000000000 ____D C:\Users\Lenovo\Desktop\thingz dat i luv
2020-01-09 16:27 - 2019-12-15 12:18 - 000000000 ____D C:\Users\Lenovo\AppData\Local\SquirrelTemp
2020-01-06 18:33 - 2019-10-31 15:53 - 000000000 ____D C:\Program Files\Common Files\VST3
2020-01-06 18:08 - 2019-11-24 23:12 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2020-01-06 18:08 - 2019-10-31 15:56 - 000000000 ____D C:\Program Files\VSTPlugins
2020-01-05 20:11 - 2019-12-15 12:20 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\WhatsApp
2020-01-05 20:11 - 2019-12-15 12:20 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2020-01-05 20:11 - 2019-12-15 12:19 - 000000000 ____D C:\Users\Lenovo\AppData\Local\WhatsApp
2020-01-05 11:59 - 2019-10-28 19:26 - 000000000 ____D C:\Users\Lenovo\Desktop\Coding
2020-01-05 11:56 - 2019-11-27 21:36 - 000000000 ____D C:\Users\Lenovo\.MemuHyperv
2020-01-05 11:25 - 2019-10-28 11:08 - 000000000 ____D C:\Users\Все пользователи\Intel
2020-01-05 11:25 - 2019-10-28 11:08 - 000000000 ____D C:\ProgramData\Intel
2020-01-03 19:56 - 2019-12-14 18:32 - 000000000 ____D C:\Users\Lenovo\Desktop\NeyBots-CellCraft-Olaf4Snow-v2 (1)
2019-12-30 21:52 - 2019-11-04 13:19 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Code
2019-12-30 20:07 - 2019-11-04 13:18 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2019-12-26 14:59 - 2019-12-18 14:37 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\BitTorrent Web
2019-12-24 01:33 - 2019-10-28 11:03 - 000000000 ____D C:\Users\Lenovo

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

and here is addition.txt

Addition.txt


Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt); please post it in your reply.
===

If the problem persists and Chrome is synced with other devices, reset it.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
https://support.google.com/chrome/answer/185277

Execute the suggested fix.

Restart the computer normally.
===========

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Hello Dear @nasdaq

Sorry for disturbing you again and again.

It kinda WORKED but not totally. When I launch my game, a program named icsys.icn.exe runs. I saw it in Task Manager and I think it's part of this malware because it has the same logo/icon as the other 2 .exe trojans. It shows for a second and goes away. And when I launch Point Blank (the trigger game of the trojan), the anti-malware software named RogueKiller starts screaming about explorer.exe, but it doesn't show in Task Manager. IDK what happens but I think this infection still continues. THANK YOU AGAIN for your patience, and here is the Fixlog file:

Fixlog.txt


Hi,

Delete the file/program.

Run this Sophos Virus Removal Tool

Please download Sophos Virus Removal Tool and save it to your computer's Desktop.

  • Right-click the icon and select Run as administrator.
  • Click Yes to accept any security warnings that may appear.
  • Click the Next button.
  • Select 'I accept the terms in the license agreement', then click Next twice.
  • Click the Install button and wait until the installation is complete.
  • Click the Finish button. The tool created a shortcut icon on the Desktop of your computer.
  • Now, double-click the Sophos Virus Removal Tool shortcut icon to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
    • Temporarily disable your anti-virus and real-time anti-spyware protection.



Windows Vista and above:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
 
Please post the contents of the log in your next reply and note any errors encountered.
===
 

Let me know if all is well.

 


@nasdaq 

Thank you very much for help.

The virus (malware or anything) has been deleted by Sophos. 

It deleted the whole game and other hidden files created by the virus author, and now I don't have this virus on my laptop.
