PC FREEZING RANDOMLY


Go to solution Solved by kevinf80,

I have a problem with my PC, maybe because of an undetectable virus? It's freezing, and the sound that comes out of my speaker during this event is "drrrrrrr". I already used RogueKiller and the same thing happened. Hopefully someone can answer my problem. I really need this PC for my home schooling because of the virus.


Hello ILLUSION042 and welcome to Malwarebytes,

Disable smart screen ONLY if it interferes with software we may have to use:

https://support.microsoft.com/en-us/microsoft-edge/what-is-smartscreen-and-how-can-it-help-protect-me-1c9a874a-6826-be5e-45b1-67fa445a74c8

Please remember to enable when we are finished....

Next,

Disable any Anti-virus software you have installed ONLY if it stops software we may use from working:

https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Please remember to enable AV software when we are finished running scans....

Next,

Let's grab some logs and see what's going on, continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes version 4 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

Double click on the installer and follow the prompts.

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab.

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Close out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Open Malwarebytes, select Target scope inside Scanner window,
  • In the new window select "Reports" tab. All recent scan reports will be listed.
  • Hover cursor over latest report (identified by date and time) you will see eye tab, download tab and recycle bin tab.
  • Select "Download" tab, download, name and save report to place of your choice (recommend Desktop)
  • Attach that report to your reply...


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status... If English is not your primary language Right click on FRST/FRST64 and rename FRSTEnglish/FRST64English

 
  • Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Ran by Administrator (administrator) on WIN-SKRMTT21HGK (Gigabyte Technology Co., Ltd. A320M-S2H V2) (17-11-2021 11:57:45)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Administrator
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0372402.inf_amd64_ac618ec7b5ee5b9e\B372333\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0372402.inf_amd64_ac618ec7b5ee5b9e\B372333\atiesrxx.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <21>
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe <2>
(Spotify AB -> Spotify Ltd) C:\Users\Administrator\AppData\Roaming\Spotify\Spotify.exe <6>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe [1343072 2021-11-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:maps;cortana;cortana-language;windowsinsider;windowsinsider-optin;windowsdefender;findmydevice
HKLM\...\Policies\Explorer: [DisableThumbnails] 0
HKU\S-1-5-21-3116131230-4231881200-3627952479-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrator\AppData\Local\Microsoft\Teams\Update.exe [2454240 2021-10-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3116131230-4231881200-3627952479-500\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267928 2021-10-14] (Valve -> Valve Corporation)
HKU\S-1-5-21-3116131230-4231881200-3627952479-500\...\Run: [Spotify] => C:\Users\Administrator\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3116131230-4231881200-3627952479-500\...\Policies\Explorer: [DisableThumbnails] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-02] (Google LLC -> Google LLC)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-11-05]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023CB7AD-4A8A-478C-AD2E-758353FDBC26} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Administrator => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5968264 2021-01-14] (Janos Mathe -> H.D.S. Hungary)
Task: {05DE8768-BD4C-4791-8A48-2E671B3188BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729184 2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {18C9F0F9-4395-4792-B8C2-B8968646A951} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729184 2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {621D49D4-A610-4369-8475-B4BEA6BA735E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-24] (Google LLC -> Google LLC)
Task: {640F462A-A6F6-40A4-9461-A5689693EBFF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134528 2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {66454698-B26B-4E8F-810F-93990EEAFF91} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {66F9F1F2-9CCB-41C0-AC57-E13F6CE790F1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134528 2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {70F52E6D-4469-4437-B254-D777543325CF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {737C5988-F45F-495C-9DF5-29F34AB03EB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-24] (Google LLC -> Google LLC)
Task: {78520E64-D839-41B0-A84A-03F2A2046E11} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA43D874-627C-4514-A883-13563370F491} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-06-30] (Microsoft Windows -> Microsoft Corporation)
Task: {BD82B8F6-9EB3-4445-A6F6-F0D141839BA2} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3978624 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{85e5b068-01de-4340-9521-067489c3214a}: [DhcpNameServer] 192.168.1.1 192.168.68.1
Tcpip\..\Interfaces\{fbd4d86f-cec4-462b-ba9a-9766c4904c70}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-17]
Edge HKU\S-1-5-21-3116131230-4231881200-3627952479-500\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-26] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2021-11-17]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://web.skype.com
CHR Extension: (Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-24]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-24]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-24]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-24]
CHR Extension: (uBlock Origin) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-27]
CHR Extension: (Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Pinterest Save Button) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-11-12]
CHR Extension: (Grammarly for Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-11-13]
CHR Extension: (IDM Integration Module) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-11-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-24]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-10-03] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\FileSyncHelper.exe [3253120 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-17] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.205.1003.0005\OneDriveUpdaterService.exe [3721600 2021-11-07] (Microsoft Corporation -> Microsoft Corporation)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-09] (ADLICE (ASCOET JULIEN) -> )
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_MirTrilogy4_ST; C:\Program Files\Common Files\UNCHEATER\ucldr_MirTrilogy4_ST.exe [6958832 2021-11-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0372402.inf_amd64_ac618ec7b5ee5b9e\B372333\amdkmdag.sys [80502832 2021-11-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKslb5ac9409; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E83B88D7-B4CB-42D0-A53E-D756926098AE}\MpKslDrv.sys [130296 2021-11-16] (Microsoft Windows -> Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-11-16] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2729456 2021-11-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-17 11:57 - 2021-11-17 11:58 - 000015767 _____ C:\Users\Administrator\Downloads\FRST.txt
2021-11-17 11:55 - 2021-11-17 11:58 - 000000000 ____D C:\FRST
2021-11-17 11:51 - 2021-11-17 11:51 - 002311680 _____ (Farbar) C:\Users\Administrator\Downloads\FRST64.exe
2021-11-17 11:36 - 2021-11-17 11:36 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-17 11:36 - 2021-11-17 11:36 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-17 11:36 - 2021-11-17 11:36 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-17 11:36 - 2021-11-17 11:36 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-17 11:36 - 2021-11-17 11:36 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-17 11:36 - 2021-11-17 11:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-17 11:36 - 2021-11-17 11:36 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-17 11:36 - 2021-11-17 11:36 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbam
2021-11-17 11:35 - 2021-11-17 11:35 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-17 11:35 - 2021-11-17 11:35 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-11-17 11:26 - 2021-11-17 11:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-17 11:25 - 2021-11-17 11:31 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-17 11:25 - 2021-11-17 11:25 - 002101944 _____ (Malwarebytes) C:\Users\Administrator\Downloads\MBSetup-119967.119967-consumer.exe
2021-11-17 11:25 - 2021-11-17 11:25 - 002101944 _____ (Malwarebytes) C:\Users\Administrator\Downloads\MBSetup-10789.10789-consumer.exe
2021-11-16 14:20 - 2021-11-16 19:55 - 002729456 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2021-11-16 14:20 - 2021-11-16 14:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\WELLBIA
2021-11-16 14:20 - 2021-11-16 14:20 - 000000000 ____D C:\Program Files\Common Files\UNCHEATER
2021-11-15 20:50 - 2021-11-15 20:55 - 000000000 ____D C:\ProgramData\ADiag
2021-11-15 20:50 - 2021-11-15 20:50 - 000000809 _____ C:\Users\Public\Desktop\Diag.lnk
2021-11-15 20:50 - 2021-11-15 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diag
2021-11-15 20:50 - 2021-11-15 20:50 - 000000000 ____D C:\Program Files\Diag
2021-11-15 20:48 - 2021-11-15 20:49 - 028374040 _____ (Adlice Software ) C:\Users\Administrator\Downloads\Diag_setup.exe
2021-11-15 20:22 - 2021-11-15 20:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\UnrealEngine
2021-11-15 12:34 - 2021-11-16 21:21 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-11-15 12:34 - 2021-11-15 18:05 - 000000000 ____D C:\ProgramData\RogueKiller
2021-11-15 12:34 - 2021-11-15 12:34 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-11-15 12:34 - 2021-11-15 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-11-15 12:34 - 2021-11-15 12:34 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-15 12:32 - 2021-11-15 12:33 - 041652744 _____ (Adlice Software ) C:\Users\Administrator\Downloads\RogueKiller_setup.exe
2021-11-15 11:24 - 2021-11-15 11:24 - 000000223 _____ C:\Users\Administrator\Desktop\MIR4.url
2021-11-13 20:17 - 2021-11-13 20:17 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-13 20:09 - 2021-11-13 20:09 - 000000000 ___HD C:\$SysReset
2021-11-13 19:11 - 2021-11-13 19:11 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-13 19:11 - 2021-11-13 19:11 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-13 19:11 - 2021-11-13 19:11 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-13 19:10 - 2021-11-13 19:10 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-13 18:51 - 2021-11-13 18:51 - 000000000 ___HD C:\$WinREAgent
2021-11-13 18:48 - 2021-11-13 18:48 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-13 18:48 - 2021-11-13 18:48 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-12 23:14 - 2021-11-13 00:10 - 1529155584 _____ C:\Users\Administrator\Downloads\Win10_21H1_English_x64.iso
2021-11-12 22:05 - 2021-11-12 22:05 - 002688921 _____ C:\Users\Administrator\Downloads\Compound-Interest (1).pdf
2021-11-12 21:27 - 2021-11-12 21:27 - 002688921 _____ C:\Users\Administrator\Downloads\Compound-Interest.pdf
2021-11-12 21:14 - 2021-11-12 21:14 - 001507328 _____ C:\Users\Administrator\Downloads\Unconfirmed 273515.crdownload
2021-11-12 20:33 - 2021-11-12 20:33 - 578551808 _____ C:\Users\Administrator\Downloads\Unconfirmed 886685.crdownload
2021-11-12 15:31 - 2021-11-12 15:31 - 000035057 ____H C:\Users\Administrator\Downloads\~WRL0825.tmp
2021-11-12 14:49 - 2021-11-17 11:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Spotify
2021-11-12 14:49 - 2021-11-17 11:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\Spotify
2021-11-12 14:49 - 2021-11-12 14:49 - 000726552 _____ (Spotify Ltd) C:\Users\Administrator\Downloads\SpotifySetup (1).exe
2021-11-12 14:49 - 2021-11-12 14:49 - 000001890 _____ C:\Users\Administrator\Desktop\Spotify.lnk
2021-11-12 14:49 - 2021-11-12 14:49 - 000001876 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-11-12 06:45 - 2021-11-13 20:23 - 093323264 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-11-12 06:39 - 2021-11-12 06:45 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-11-11 17:49 - 2021-11-11 17:49 - 000000219 _____ C:\Users\Administrator\Desktop\Dota 2.url
2021-11-11 16:47 - 2021-11-11 16:49 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-11-11 16:46 - 2021-11-11 16:47 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-11-11 16:46 - 2021-11-11 16:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-11-11 16:43 - 2021-11-11 16:43 - 000000000 ____D C:\ProgramData\ssh
2021-11-11 16:39 - 2021-11-11 16:39 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-11-11 16:39 - 2021-11-11 16:39 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-11-11 16:39 - 2021-11-11 16:39 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-11-11 16:39 - 2021-11-11 16:39 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-11-11 16:38 - 2021-11-11 16:38 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-11-11 16:37 - 2021-11-11 16:37 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-11-11 16:37 - 2021-11-11 16:37 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-11-11 16:37 - 2021-11-11 16:37 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-11-11 16:37 - 2021-11-11 16:37 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-11-11 16:36 - 2021-11-11 16:36 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-11-11 16:36 - 2021-11-11 16:36 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-11-11 16:36 - 2021-11-11 16:36 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-11-11 16:36 - 2021-11-11 16:36 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-11-11 16:36 - 2021-11-11 16:36 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-11-11 16:31 - 2021-11-11 16:31 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2021-11-11 09:33 - 2021-11-13 20:06 - 000000000 ____D C:\Users\Administrator\Documents\Sound recordings
2021-11-11 09:20 - 2021-11-11 09:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-11-11 09:18 - 2021-11-12 20:21 - 000000000 ____D C:\ProgramData\Packages
2021-11-11 09:18 - 2021-11-11 09:18 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2021-11-11 09:17 - 2021-11-11 09:17 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2021-11-11 09:17 - 2021-11-11 09:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2021-11-11 01:01 - 2021-11-16 21:27 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-11 01:01 - 2021-11-16 21:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-11 01:01 - 2021-11-13 18:59 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2021-11-11 01:01 - 2021-11-13 18:59 - 000001908 _____ C:\WINDOWS\diagerr.xml
2021-11-11 01:01 - 2021-11-11 01:02 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-11 01:01 - 2021-11-11 01:02 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-11 01:01 - 2021-11-11 01:02 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-11-11 01:01 - 2021-11-11 01:01 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-11 01:01 - 2021-11-11 01:01 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-11 01:01 - 2021-11-11 01:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\HardDiskSentinel
2021-11-11 00:53 - 2021-11-16 21:20 - 000000000 ____D C:\Users\Administrator
2021-11-11 00:50 - 2021-11-17 11:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-11 00:50 - 2021-11-16 21:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-11 00:50 - 2021-11-13 20:20 - 000435384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-10 21:20 - 2021-11-10 21:20 - 000066463 _____ C:\Users\Administrator\Downloads\FT Assignment 2B - Capsa Enterprises-bonavente.xlsx
2021-11-10 20:15 - 2021-11-10 20:49 - 000066471 _____ C:\Users\Administrator\Downloads\FT Assignment 2B - Capsa Enterprises.xlsx
2021-11-10 15:03 - 2021-11-13 16:35 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\karastar
2021-11-10 15:03 - 2021-11-10 15:03 - 000002303 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Karastar.lnk
2021-11-10 15:03 - 2021-11-10 15:03 - 000002295 _____ C:\Users\Administrator\Desktop\Karastar.lnk
2021-11-10 15:03 - 2021-11-10 15:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\karastar-updater
2021-11-10 14:32 - 2021-11-10 14:32 - 000140028 _____ C:\Users\Administrator\Downloads\Template (2).xlsx
2021-11-09 16:08 - 2021-11-12 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2021-11-09 15:12 - 2021-11-09 15:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\CosmoViewerNG
2021-11-09 15:11 - 2021-11-12 16:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\CosmoViewerNG
2021-11-09 15:01 - 2021-11-09 15:01 - 1841852795 _____ C:\WINDOWS\MEMORY.DMP
2021-11-09 14:46 - 2021-11-09 14:46 - 000016722 _____ C:\Users\Administrator\Documents\FT Assignment No. 2 - Adie Enterprises-Bonavente.xlsx
2021-11-09 14:46 - 2021-11-09 14:46 - 000000165 ____H C:\Users\Administrator\Documents\~$FT Assignment No. 2 - Adie Enterprises-Bonavente.xlsx
2021-11-09 14:34 - 2021-11-09 14:45 - 000069403 _____ C:\Users\Administrator\Documents\FT Assignment No. 2 - Adie Enterprises.xlsx
2021-11-09 14:11 - 2021-11-09 14:32 - 000070063 _____ C:\Users\Administrator\Downloads\Template (1).xlsx
2021-11-09 14:11 - 2021-11-09 14:11 - 000140028 _____ C:\Users\Administrator\Downloads\Template.xlsx
2021-11-09 13:56 - 2021-11-13 18:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-11-09 13:54 - 2021-11-12 20:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-09 13:53 - 2021-11-09 15:05 - 000000000 ____D C:\Program Files\ruxim
2021-11-06 20:09 - 2021-11-06 20:09 - 000036208 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2021-11-06 18:46 - 2021-11-15 10:23 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-06 07:25 - 2021-11-12 13:07 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-06 07:25 - 2021-11-06 18:00 - 000000000 ___HD C:\adobeTemp
2021-11-06 07:25 - 2021-11-06 17:59 - 000000000 ____D C:\Program Files\Adobe
2021-11-06 07:25 - 2021-11-06 07:25 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-11-06 07:24 - 2021-11-15 20:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-06 07:24 - 2021-11-12 13:07 - 000000000 ____D C:\ProgramData\Adobe
2021-11-06 07:24 - 2021-11-06 07:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2021-11-05 20:26 - 2021-11-05 20:26 - 000087566 _____ C:\Users\Administrator\Downloads\translucenttaskbar_1_2_by_arkenthera_dausz1z.rmskin
2021-11-05 19:55 - 2021-11-05 19:55 - 000196227 _____ C:\Users\Administrator\Downloads\elementary-1-5.rmskin
2021-11-05 19:25 - 2021-11-05 20:26 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Rainmeter
2021-11-05 19:25 - 2021-11-05 19:25 - 000000000 ____D C:\Users\Administrator\Documents\Rainmeter
2021-11-05 19:24 - 2021-11-05 19:24 - 002451256 _____ (Rainmeter) C:\Users\Administrator\Downloads\Rainmeter-4.5.4.exe
2021-11-05 19:24 - 2021-11-05 19:24 - 000001707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2021-11-05 19:24 - 2021-11-05 19:24 - 000000000 ____D C:\Program Files\Rainmeter
2021-11-05 17:15 - 2021-11-11 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-11-05 17:15 - 2021-11-11 00:54 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-11-05 16:56 - 2021-11-12 13:13 - 000000000 ____D C:\Program Files\WinRAR
2021-11-03 02:58 - 2021-11-03 02:58 - 001143176 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-11-03 02:48 - 2021-11-03 02:58 - 048046994 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-11-03 02:47 - 2021-11-03 02:48 - 006582064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-11-03 02:43 - 2021-11-03 02:43 - 001860656 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-03 02:43 - 2021-11-03 02:43 - 001860656 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-03 02:42 - 2021-11-03 02:43 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-03 02:42 - 2021-11-03 02:43 - 001440304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-03 02:42 - 2021-11-03 02:42 - 001107176 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 001107176 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000959856 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000959856 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000788528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000665648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000193088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000172592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-11-03 02:42 - 2021-11-03 02:42 - 000149568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-11-03 02:42 - 2021-11-03 02:42 - 000134208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000082480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000067120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000038448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-11-03 02:42 - 2021-11-03 02:42 - 000035376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-11-03 02:41 - 2021-11-03 02:42 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-11-03 02:41 - 2021-11-03 02:41 - 000548928 _____ C:\WINDOWS\system32\GameManager64.dll
2021-11-03 02:41 - 2021-11-03 02:41 - 000492096 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-11-03 02:41 - 2021-11-03 02:41 - 000482880 _____ C:\WINDOWS\system32\EEURestart.exe
2021-11-03 02:41 - 2021-11-03 02:41 - 000410176 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-11-03 02:41 - 2021-11-03 02:41 - 000335408 _____ C:\WINDOWS\system32\clinfo.exe
2021-11-03 02:41 - 2021-11-03 02:41 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-03 02:41 - 2021-11-03 02:41 - 000019928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-03 02:41 - 2021-11-03 02:41 - 000019928 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-03 02:01 - 2021-11-03 02:01 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-11-03 02:01 - 2021-11-03 02:01 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-11-03 02:01 - 2021-11-03 02:01 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-11-03 02:01 - 2021-11-03 02:01 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-11-03 02:01 - 2021-11-03 02:01 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-03 02:01 - 2021-11-03 02:01 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-03 02:01 - 2021-11-03 02:01 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-03 01:56 - 2021-11-03 01:57 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-11-03 01:50 - 2021-11-03 01:51 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-11-03 01:47 - 2021-11-03 01:47 - 000170032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-11-03 01:47 - 2021-11-03 01:47 - 000132656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-11-03 01:29 - 2021-11-03 01:29 - 000839720 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-11-03 01:29 - 2021-11-03 01:29 - 000251968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-11-03 01:29 - 2021-11-03 01:29 - 000211008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-11-03 01:29 - 2021-11-03 01:29 - 000158272 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-11-03 01:29 - 2021-11-03 01:29 - 000139704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-11-03 01:29 - 2021-11-03 01:29 - 000111088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-11-03 01:28 - 2021-11-03 01:29 - 000516136 _____ C:\WINDOWS\system32\atieah64.exe
2021-11-03 01:28 - 2021-11-03 01:28 - 000384576 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-11-03 01:28 - 2021-11-03 01:28 - 000130600 _____ C:\WINDOWS\system32\atidxx64.dll
2021-11-03 01:28 - 2021-11-03 01:28 - 000104512 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-11-03 01:16 - 2021-11-03 01:16 - 000460328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-11-03 01:16 - 2021-11-03 01:16 - 000193432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-11-03 01:16 - 2021-11-03 01:16 - 000157376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-11-03 01:15 - 2021-11-03 01:15 - 001386536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-11-03 01:15 - 2021-11-03 01:15 - 001386536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-03 01:15 - 2021-11-03 01:15 - 000562656 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-11-03 01:15 - 2021-11-03 01:15 - 000562656 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-11-03 01:14 - 2021-11-03 01:15 - 001839680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-11-03 01:14 - 2021-11-03 01:14 - 001528384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-03 01:14 - 2021-11-03 01:14 - 000061992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-11-03 01:14 - 2021-11-03 01:14 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-03 01:12 - 2021-11-03 01:12 - 000129064 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-11-03 01:12 - 2021-11-03 01:12 - 000105024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-11-03 01:11 - 2021-11-03 01:12 - 001689408 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-11-03 01:11 - 2021-11-03 01:11 - 001368224 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-11-03 00:59 - 2021-11-03 00:59 - 000124968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-11-03 00:59 - 2021-11-03 00:59 - 000101424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-11-03 00:47 - 2021-11-03 00:59 - 058447000 _____ C:\WINDOWS\system32\amdxc64.so
2021-11-03 00:11 - 2021-11-03 00:11 - 000139728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-11-03 00:11 - 2021-11-03 00:11 - 000111064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-11-02 23:45 - 2021-11-02 23:45 - 000535568 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-11-02 23:33 - 2021-11-02 23:33 - 000933416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-11-02 23:33 - 2021-11-02 23:33 - 000760880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-11-02 23:32 - 2021-11-02 23:33 - 000458288 _____ C:\WINDOWS\system32\amdlogum.exe
2021-11-02 23:32 - 2021-11-02 23:32 - 000202680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-11-02 23:32 - 2021-11-02 23:32 - 000170232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-11-02 23:32 - 2021-11-02 23:32 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-02 23:18 - 2021-11-02 23:32 - 069800488 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-11-02 23:16 - 2021-11-02 23:16 - 000548904 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-11-02 23:16 - 2021-11-02 23:16 - 000412200 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-11-02 23:15 - 2021-11-02 23:15 - 000150072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-11-02 23:15 - 2021-11-02 23:15 - 000141864 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-11-02 23:15 - 2021-11-02 23:15 - 000125608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-11-02 23:15 - 2021-11-02 23:15 - 000122944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-02 23:01 - 2021-11-02 23:15 - 069085736 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-11-02 22:44 - 2021-11-02 23:01 - 084037672 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-11-02 22:27 - 2021-11-02 22:27 - 000443192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdtee_api.dll
2021-11-02 22:27 - 2021-11-02 22:27 - 000356664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdtee_api.dll
2021-11-02 22:27 - 2021-11-02 22:27 - 000246200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2021-11-02 22:27 - 2021-11-02 22:27 - 000055096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2021-11-02 22:27 - 2021-11-02 22:27 - 000054984 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys
2021-11-02 22:27 - 2021-11-02 22:27 - 000033136 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2021-11-02 22:26 - 2021-11-09 13:51 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-11-02 22:23 - 2021-11-02 22:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\OneDrive
2021-11-02 20:24 - 2021-11-15 10:10 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-02 20:24 - 2021-11-15 10:10 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-02 20:20 - 2021-11-02 20:20 - 000000000 ____D C:\WINDOWS\CSC
2021-11-02 19:49 - 2021-11-12 13:13 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IDM
2021-11-02 19:49 - 2021-11-11 18:48 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\DMCache
2021-11-02 19:49 - 2021-11-02 19:49 - 000000000 ____D C:\Users\Administrator\Downloads\Video
2021-11-02 19:49 - 2021-11-02 19:49 - 000000000 ____D C:\ProgramData\IDM
2021-11-02 19:48 - 2021-11-12 13:14 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2021-10-28 18:49 - 2021-10-28 18:49 - 000142605 _____ C:\Users\Administrator\Downloads\ZAFE-MARC-DANIEL-FABM-ASSIGNMENT-1 (1).pdf
2021-10-28 14:46 - 2021-10-28 14:47 - 000142605 _____ C:\Users\Administrator\Downloads\ZAFE-MARC-DANIEL-FABM-ASSIGNMENT-1.pdf
2021-10-28 13:09 - 2021-11-15 11:24 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-10-28 13:09 - 2021-10-28 13:09 - 000000222 _____ C:\Users\Administrator\Desktop\Grand Theft Auto V.url
2021-10-28 12:59 - 2021-11-11 09:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2021-10-28 12:58 - 2021-10-28 12:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\Steam
2021-10-28 12:58 - 2021-10-28 12:58 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2021-10-28 12:48 - 2021-11-17 11:58 - 000000000 ____D C:\Program Files (x86)\Steam
2021-10-28 12:48 - 2021-11-11 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-10-28 12:48 - 2021-10-28 12:48 - 001770744 _____ C:\Users\Administrator\Downloads\SteamSetup.exe
2021-10-28 12:48 - 2021-10-28 12:48 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2021-10-27 21:51 - 2021-10-27 21:52 - 000180826 ____H C:\Users\Administrator\Downloads\~WRL1398.tmp
2021-10-27 11:03 - 2021-10-26 21:43 - 1786521444 _____ C:\Users\Administrator\Downloads\_Getintopc.com_Office_Pro_Plus_2021_v2109_Build_14430.20276.rar
2021-10-27 02:21 - 2021-10-27 02:21 - 000000017 _____ C:\Users\Administrator\AppData\Local\resmon.resmoncfg
2021-10-27 01:32 - 2021-10-27 01:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub
2021-10-27 01:13 - 2021-10-27 01:13 - 000000000 ____D C:\Users\Administrator\Documents\Custom Office Templates
2021-10-26 22:18 - 2021-11-11 16:49 - 000000000 ____D C:\Program Files\UNP
2021-10-26 22:10 - 2021-10-26 22:10 - 000002404 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-10-26 22:10 - 2021-10-26 22:10 - 000002396 _____ C:\Users\Administrator\Desktop\Microsoft Teams.lnk
2021-10-26 22:10 - 2021-10-26 22:10 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Teams
2021-10-26 22:10 - 2021-10-26 22:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\SquirrelTemp
2021-10-26 22:03 - 2021-11-07 15:23 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-26 22:03 - 2021-10-26 22:03 - 000000000 ___RD C:\Users\Default\OneDrive
2021-10-26 22:03 - 2021-10-26 22:03 - 000000000 ___RD C:\Users\Administrator\OneDrive
2021-10-26 22:02 - 2021-10-26 22:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-10-26 22:02 - 2021-10-26 22:02 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2021-10-26 22:01 - 2021-11-11 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-10-26 22:01 - 2021-10-26 22:01 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-10-26 22:01 - 2021-10-26 22:01 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-10-26 22:01 - 2021-10-26 22:01 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-10-26 22:01 - 2021-10-26 22:01 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-10-26 22:01 - 2021-10-26 22:01 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-10-26 22:01 - 2021-10-26 22:01 - 000002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-10-26 22:01 - 2021-10-26 22:01 - 000002353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-10-26 22:00 - 2021-10-26 22:02 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-26 22:00 - 2021-10-26 22:00 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-10-26 21:57 - 2021-11-05 17:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR
2021-10-26 20:54 - 2021-10-26 20:54 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2021-10-24 13:51 - 2021-11-13 19:02 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2021-10-24 13:51 - 2021-11-11 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2021-10-24 13:51 - 2021-10-24 13:51 - 000001156 _____ C:\Users\Administrator\Desktop\Hard Disk Sentinel.lnk
2021-10-24 13:51 - 2021-10-24 13:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Hard Disk Sentinel
2021-10-24 13:50 - 2021-10-24 13:50 - 036324820 _____ C:\Users\Administrator\Downloads\hdsentinel_pro_setup.zip
2021-10-24 13:50 - 2021-10-24 13:50 - 000000000 ____D C:\Users\Administrator\Downloads\hdsentinel_pro_setup
2021-10-24 13:47 - 2021-10-24 13:47 - 000000000 ____L (lrepacks.ru) C:\Users\Administrator\Desktop\DriverEasy Portable
2021-10-24 13:47 - 2021-10-24 13:47 - 000000000 ____D C:\Program Files\DriverEasy
2021-10-24 13:43 - 2021-10-24 13:43 - 003581729 _____ C:\Users\Administrator\Downloads\Windows.10.Digital.Activation.CMD.zip
2021-10-24 13:43 - 2021-10-24 13:43 - 000000000 ____D C:\Users\Administrator\Downloads\Windows.10.Digital.Activation.CMD
2021-10-24 13:42 - 2021-11-11 00:58 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-24 13:42 - 2021-11-11 00:58 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-24 13:42 - 2021-10-27 11:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2021-10-24 13:42 - 2021-10-24 13:42 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\AMD
2021-10-24 13:41 - 2021-11-17 11:11 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-24 13:41 - 2021-10-24 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\wget
2021-10-24 13:41 - 2021-10-24 13:41 - 000000000 ____D C:\Program Files\Google
2021-10-24 13:33 - 2021-11-16 20:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2021-10-24 13:33 - 2021-10-28 13:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2021-10-24 13:31 - 2021-11-11 16:47 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-10-24 13:31 - 2021-10-24 13:31 - 000000000 ____D C:\Program Files\AMD
2021-10-24 13:31 - 2019-10-30 17:20 - 005623256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPOU64.dll
2021-10-24 13:31 - 2019-10-30 17:20 - 001126344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCOM64.dll
2021-10-24 13:31 - 2019-10-30 17:20 - 000481888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2021-10-24 13:31 - 2019-10-30 14:20 - 000856288 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkAudUService64.exe
2021-10-24 13:31 - 2019-10-30 14:20 - 000821336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64U.dll
2021-10-24 13:31 - 2019-10-30 14:20 - 000215032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2021-10-24 13:23 - 2021-11-11 16:49 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-10-24 13:23 - 2021-11-11 16:31 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-10-24 13:23 - 2021-11-11 16:31 - 000000000 ____D C:\Program Files\CPUID
2021-10-24 13:23 - 2021-10-24 13:23 - 000000874 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2021-10-24 13:22 - 2021-11-15 12:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2021-10-24 13:22 - 2021-11-12 13:07 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-10-24 13:22 - 2021-11-11 09:17 - 000000000 ___RD C:\Users\Administrator\3D Objects
2021-10-24 13:22 - 2021-10-24 13:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2021-10-24 13:22 - 2019-11-27 07:11 - 000001580 _____ C:\Users\Administrator\Desktop\Ghost Toolbox.lnk
2021-10-24 13:18 - 2021-10-24 13:18 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-10-24 13:17 - 2021-11-13 20:17 - 000737294 ____N C:\WINDOWS\Minidump\111321-30312-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-17 11:35 - 2019-12-07 17:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-17 11:08 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-16 21:54 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-16 21:54 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-16 21:27 - 2019-12-07 17:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-16 19:36 - 2019-12-07 17:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-13 20:19 - 2019-12-07 17:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-11-13 20:18 - 2019-12-07 17:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-13 20:18 - 2019-12-07 17:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-13 20:18 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-13 20:18 - 2019-12-07 17:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-13 19:17 - 2019-12-07 17:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-12 13:11 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-11-11 18:50 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-11 16:49 - 2019-12-07 17:18 - 000000000 ____D C:\WINDOWS\Setup
2021-11-11 16:49 - 2019-12-07 17:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-11-11 16:49 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-11-11 16:49 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-11 16:49 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-11 16:49 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-11-11 16:49 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-11-11 16:49 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-11-11 16:43 - 2019-12-07 17:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-11-11 16:43 - 2019-12-07 17:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-11-11 16:43 - 2019-12-07 17:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\IME
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-11-11 16:43 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-11-11 16:42 - 2019-12-07 17:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-11-11 16:42 - 2019-12-07 17:54 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-11-11 09:34 - 2019-12-07 17:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-11-11 09:18 - 2021-07-15 17:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-11-11 01:03 - 2019-12-07 17:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-11-11 01:03 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-11-11 01:02 - 2019-12-07 17:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-11 01:01 - 2019-12-07 17:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-11-11 00:57 - 2019-12-07 17:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-11-03 06:05 - 2021-07-15 17:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2021-10-27 02:21 - 2021-10-27 02:21 - 000000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 


Ohh, I forgot about this.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/17/21
Scan Time: 11:42 AM
Log File: 6e44ce96-4758-11ec-84fd-001a7dda7110.json

-Software Information-
Version: 4.4.10.144
Components Version: 1.0.1499
Update Package Version: 1.0.47270
License: Trial

-System Information-
OS: Windows 10 (Build 19042.1348)
CPU: x64
File System: NTFS
User: WIN-SKRMTT21HGK\Administrator

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 287398
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 4 min, 43 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Hello ILLUSION042,

I do not see any specific malware or infection in the logs you've posted. Did you also run AdwCleaner? Can I also see that log?

Can you disable Controlled Folder Access and reboot? Does that make any difference?

https://www.tenforums.com/tutorials/113380-how-enable-disable-controlled-folder-access-windows-10-a.html

Thank you,

Kevin


# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-17-2021
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  32012
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

