offline
- Rocky I
- Građanin
- Pridružio: 26 Dec 2007
- Poruke: 132
|
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2023 02
Ran by dejan (administrator) on BATTLESHIP4 (Micro-Star International Co., Ltd MS-7C02) (02-12-2023 10:18:15)
Running from C:\Users\dejan\OneDrive\Desktop\FRST64\FRST64.exe
Loaded Profiles: dejan
Platform: Microsoft Windows 11 Pro Version 23H2 22631.2715 (X64) Language: English (United States)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.46\msedgewebview2.exe <7>
(C:\Users\dejan\AppData\Local\Programs\Opera\opera.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Users\dejan\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\dejan\AppData\Local\Programs\Opera\105.0.4970.21\opera_crashreporter.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\u0397406.inf_amd64_327265d4e3c6acee\B397164\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0397406.inf_amd64_327265d4e3c6acee\B397164\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files\CrystalDiskInfo\DiskInfo64.exe
(Opera Norway AS -> Opera Software) C:\Users\dejan\AppData\Local\Programs\Opera\opera.exe <47>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0397406.inf_amd64_327265d4e3c6acee\B397164\atiesrxx.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\dejan\AppData\Local\Microsoft\OneDrive\23.226.1031.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => "C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0c755fff65745edd\RtkAudUService64.exe" -background (No File)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1 (No File)
HKLM-x32\...\Run: [Genshin Impact_launcher_pcseaepic_1_3] => [X]
HKU\S-1-5-21-3742737895-398362341-1790896251-1001\...\Run: [MicrosoftEdgeAutoLaunch_A9AE4A14A8BD639F4AB91FC16A3CB162] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4131264 2023-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3742737895-398362341-1790896251-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [32222208 2023-11-20] (The qBittorrent Project) [File not signed]
HKU\S-1-5-21-3742737895-398362341-1790896251-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2B08D15F-78B9-4B1E-B6F1-ED6D0CA93D5A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {50BBA1D1-D8FD-4496-899B-F59A75320FD0} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E9631097-A1F9-4221-AB57-031CB827226B} - System32\Tasks\CrystalDiskInfo => C:\Program Files\CrystalDiskInfo\DiskInfo64.exe [2851864 2023-07-11] (Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World)
Task: {4A534B2F-438B-49D3-87C7-D8559D63769C} - System32\Tasks\GoogleUpdateTaskMachineCore{1A06BADA-A8D7-43F1-B50C-5994EBDDAA3D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-09-03] (Google LLC -> Google LLC)
Task: {F7BC5270-2529-456B-B079-71B9F948E559} - System32\Tasks\GoogleUpdateTaskMachineUA{916D487C-2D66-4DB3-80A8-DC1BAD219A07} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-09-03] (Google LLC -> Google LLC)
Task: {6373F595-A235-4271-B148-4D20736716DA} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2023-11-09] (HP Inc. -> HP Inc.)
Task: {875307EA-B8FB-44DD-BEAF-0B6F0B9AD6E8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60880 2023-11-09] (HP Inc. -> HP Inc.)
Task: {CB7B650F-1996-45A2-A490-32BCC9CC8DD0} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\Windows\System32\unifiedconsent.dll [311296 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {EF56507F-2D0D-4CA6-B899-1C4678BFC71F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {01AB02E2-08AF-4687-8EBC-1E60438E102E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29CD333E-1610-4C0E-9BC2-639AF936184F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD6D62B7-C21C-4732-B048-C85CAA14CA98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52CCAEA7-3B00-495D-9041-5E9BDA94E60B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {11CC6EF0-8D72-4838-B7C6-C31595A9541E} - System32\Tasks\Opera scheduled Autoupdate 1693753719 => C:\Users\dejan\AppData\Local\Programs\Opera\launcher.exe [2353056 2023-11-22] (Opera Norway AS -> Opera Software)
Task: {BD331458-D1D9-4683-BAF8-049D7F715944} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2023-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E08EFB5D-83B7-40C2-9785-338CEA72103B} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2023-10-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B0EF9426-EC2A-43DA-BC6F-E608BADCE0DC} - System32\Tasks\update-S-1-5-21-3742737895-398362341-1790896251-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {13F30F04-9908-4F99-93A0-F3A1635FD6A2} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\update-S-1-5-21-3742737895-398362341-1790896251-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78b586f0-797e-4c99-bc9d-e781f9772ddb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7d7a6ad2-718f-49c9-8beb-6355924f5174}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-02]
Edge Notifications: Default -> [Link mogu videti samo ulogovani korisnici]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-01]
Edge Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
Edge Extension: (Edge relevant text changes) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
Edge Profile: C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-11-24]
Edge Session Restore: Profile 1 -> is enabled.
Edge Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-11-17]
Edge Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-03]
Edge Extension: (Edge relevant text changes) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-23]
Edge Extension: (Octotree - GitHub code tree) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\joagmknfcgpikbadjkaikmnhpjadihjg [2023-10-25]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\dejan\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-11-15]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default [2023-12-02]
CHR DownloadDir: D:\Downloads
CHR HomePage: Default -> [Link mogu videti samo ulogovani korisnici]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Google Translate) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-09-03]
CHR Extension: (AliExpress Coupon Finder) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adanomdlalebngcphfbknoglbcdcbchb [2023-09-03]
CHR Extension: (Sexy Undo Close Tab) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg [2023-09-03]
CHR Extension: (ColorZilla) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2023-10-11]
CHR Extension: (WOT: Website Security & Safety Checker) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2023-11-28]
CHR Extension: (Octotree - GitHub code tree) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkhaagjahfmjljalopjnoealnfndnagc [2023-11-14]
CHR Extension: (JSON Viewer) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2023-09-03]
CHR Extension: (Toby Mini) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfdcgfhkelkdmglklfbndgopaihmoeci [2023-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-01]
CHR Extension: (WhatFont) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2023-09-03]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-12-01]
CHR Extension: (StayFocusd - Block Distracting Websites) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2023-12-01]
CHR Extension: (AliSaver - AliExpress Shopping and Cashback) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbpccgpiidnajgnapidpjmcjakjhkbom [2023-09-03]
CHR Extension: (Humble New Tab Page) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgdmpfihlmdekaclngibpjhdebndhdj [2023-10-23]
CHR Extension: (editGPT) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mognjodfeldknhobgbnkoomipkmlnnhk [2023-12-01]
CHR Extension: (The Printliminator) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nklechikgnfoonbfmcalddjcpmcmgapf [2023-09-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-03]
CHR Extension: (Toast - Save Tabs for Later) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pejhbjnfifdecpkgcjhgmcaphdobmiie [2023-09-03]
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-11-26]
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Google Translate) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-09-03]
CHR Extension: (Sexy Undo Close Tab) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg [2023-09-03]
CHR Extension: (JSON Formatter) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2023-09-03]
CHR Extension: (Web Developer) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2023-09-03]
CHR Extension: (ColorZilla) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2023-11-13]
CHR Extension: (Octotree - GitHub code tree) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkhaagjahfmjljalopjnoealnfndnagc [2023-11-13]
CHR Extension: (Weava Highlighter - PDF & Web) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cbnaodkpfinfiipjblikofhlhlcickei [2023-11-13]
CHR Extension: (JSONVue) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2023-11-13]
CHR Extension: (OneTab) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2023-11-13]
CHR Extension: (Fonts Ninja) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2023-09-03]
CHR Extension: (Google Font Previewer for Chrome) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\engndlnldodigdjamndkplafgmkkencc [2023-09-03]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdpohaocaechififmbbbbbknoalclacl [2023-09-03]
CHR Extension: (React Developer Tools) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2023-11-13]
CHR Extension: (JSON Viewer) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2023-09-03]
CHR Extension: (Toby Mini) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gfdcgfhkelkdmglklfbndgopaihmoeci [2023-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-03]
CHR Extension: (ColorA11y) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icfneoldcbdmgaiocnnobpbbjncdfbfb [2023-09-03]
CHR Extension: (WhatFont) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2023-09-03]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-11-13]
CHR Extension: (Momentum) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2023-11-13]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-11-13]
CHR Extension: (SelectorsHub) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndgimibanhlabgdgjcpbbndiehljcpfh [2023-09-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-03]
CHR Extension: (AdBlocker Ultimate) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2023-11-13]
CHR Extension: (Inspect Devices) - C:\Users\dejan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjpobmgdbnbegggcdgbljfgplleejmkb [2023-09-03]
CHR Profile: C:\Users\dejan\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-07]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1355776 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11187816 2023-11-30] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-10-22] (Epic Games Inc. -> Epic Games, Inc.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-09] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-24] (Malwarebytes Inc. -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WMS; C:\Windows\WinS\wmpnetwk.exe [331264 2014-08-31] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X]
S3 EasyAntiCheat_EOS; "C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe" [X]
S3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-16] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\Windows\system32\AMDRyzenMasterDriver.sys [58952 2023-10-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0397406.inf_amd64_327265d4e3c6acee\B397164\amdkmdag.sys [106410120 2023-11-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222784 2023-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [233704 2023-12-02] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2023-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188008 2023-12-02] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_400a42c66fb0e159\rt68cx21x64.sys [598976 2022-01-17] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [29184 2023-09-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-02 00:37 - 2023-12-02 00:37 - 000233704 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2023-12-02 00:37 - 2023-12-02 00:37 - 000188008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-12-01 22:12 - 2023-12-01 22:12 - 000000000 ____D C:\cryptic
2023-12-01 22:09 - 2023-12-01 22:09 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Snowcastle Games
2023-12-01 22:05 - 2023-12-01 22:05 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Alt Shift
2023-12-01 22:00 - 2023-12-01 22:00 - 000000000 ____D C:\Users\dejan\AppData\Local\Stardock
2023-12-01 22:00 - 2023-12-01 22:00 - 000000000 ____D C:\ProgramData\Stardock
2023-12-01 21:54 - 2023-12-01 21:54 - 000000000 ____D C:\Users\dejan\AppData\Local\DeliverUsMars
2023-12-01 21:49 - 2023-12-01 21:50 - 000000000 ____D C:\Users\dejan\AppData\Local\Jitsu_Squad
2023-12-01 21:44 - 2023-12-01 21:44 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Komi Games
2023-11-27 01:20 - 2023-12-02 09:49 - 000003102 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-11-27 01:20 - 2023-11-27 01:20 - 000003484 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-11-27 01:20 - 2023-11-27 01:20 - 000002620 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-11-27 01:20 - 2023-11-27 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-11-27 01:20 - 2023-11-27 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-11-27 01:19 - 2023-11-27 01:19 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-11-27 01:18 - 2023-11-03 17:33 - 002100872 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-11-27 01:18 - 2023-11-03 17:33 - 002100872 _____ C:\Windows\system32\vulkaninfo.exe
2023-11-27 01:18 - 2023-11-03 17:33 - 001659016 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-11-27 01:18 - 2023-11-03 17:33 - 001659016 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-11-27 01:18 - 2023-11-03 17:33 - 001466008 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 001466008 _____ C:\Windows\system32\vulkan-1.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 001307352 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 001307352 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000731280 _____ C:\Windows\system32\hiprt0200064.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000607888 _____ C:\Windows\system32\GameManager64.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000549000 _____ C:\Windows\system32\libsmi_guest.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000524424 _____ C:\Windows\system32\libsmi_host.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000503944 _____ C:\Windows\system32\EEURestart.exe
2023-11-27 01:18 - 2023-11-03 17:33 - 000462472 _____ C:\Windows\SysWOW64\GameManager32.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000207496 _____ C:\Windows\system32\mantle64.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000186512 _____ C:\Windows\system32\mantleaxl64.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000165512 _____ C:\Windows\SysWOW64\mantle32.dll
2023-11-27 01:18 - 2023-11-03 17:33 - 000149128 _____ C:\Windows\SysWOW64\mantleaxl32.dll
2023-11-27 01:18 - 2023-11-03 17:32 - 000184464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2023-11-27 01:18 - 2023-11-03 17:32 - 000148624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2023-11-27 01:18 - 2023-11-03 17:31 - 000975504 _____ (AMD) C:\Windows\system32\atieclxx.exe
2023-11-27 01:18 - 2023-11-03 17:31 - 000537232 _____ C:\Windows\system32\atieah64.exe
2023-11-27 01:18 - 2023-11-03 17:31 - 000266896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2023-11-27 01:18 - 2023-11-03 17:31 - 000229008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2023-11-27 01:18 - 2023-11-03 17:31 - 000196232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 001617544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 001617544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 000473224 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 000406152 _____ C:\Windows\SysWOW64\atieah32.exe
2023-11-27 01:18 - 2023-11-03 17:30 - 000210872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 000174792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 000138888 _____ C:\Windows\system32\amdxc64.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 000114832 _____ C:\Windows\SysWOW64\amdxc32.dll
2023-11-27 01:18 - 2023-11-03 17:30 - 000074896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 011757048 _____ C:\Windows\system32\amdsmi.exe
2023-11-27 01:18 - 2023-11-03 17:29 - 002245256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsasrv64.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 001338504 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdsacli64.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 001059464 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdsacli32.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 000943752 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 000771208 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 000570000 _____ C:\Windows\system32\amdgfxinfo64.dll
2023-11-27 01:18 - 2023-11-03 17:29 - 000433800 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2023-11-27 01:18 - 2023-11-03 17:28 - 004384904 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdadlx64.dll
2023-11-27 01:18 - 2023-11-03 17:28 - 004189832 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdadlx32.dll
2023-11-27 01:18 - 2023-11-03 17:28 - 000801424 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2023-11-27 01:18 - 2023-11-03 17:28 - 000678544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2023-11-27 01:18 - 2023-11-03 17:28 - 000542856 _____ C:\Windows\system32\dgtrayicon.exe
2023-11-27 01:18 - 2023-11-03 17:28 - 000471176 _____ C:\Windows\system32\amdlogum.exe
2023-11-27 01:18 - 2023-11-03 17:28 - 000051336 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2023-11-27 01:18 - 2023-11-03 17:28 - 000048272 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 105410192 _____ C:\Windows\system32\amd_comgr.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 088615560 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 019434128 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 001725760 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 001400224 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000524944 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000390792 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000337984 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendr.stz
2023-11-27 01:18 - 2023-11-03 17:27 - 000176784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000167256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000145552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000138336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000132512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2023-11-27 01:18 - 2023-11-03 17:27 - 000103048 _____ C:\Windows\system32\clinfo.exe
2023-11-27 01:18 - 2023-11-03 17:27 - 000056384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrmgr.stz
2023-11-27 01:18 - 2023-11-03 17:26 - 000572160 _____ C:\Windows\system32\amdmiracast.dll
2023-11-27 01:18 - 2023-11-03 17:26 - 000177688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2023-11-27 01:18 - 2023-11-03 17:26 - 000167264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2023-11-27 01:18 - 2023-11-03 17:26 - 000152344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2023-11-27 01:18 - 2023-11-03 17:26 - 000138328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2023-11-27 01:18 - 2023-11-03 16:51 - 110185488 _____ C:\Windows\system32\amdxc64.so
2023-11-25 02:19 - 2023-11-25 02:19 - 000054390 _____ C:\Users\dejan\OneDrive\Documents\Addition.txt
2023-11-25 01:49 - 2023-12-02 10:18 - 000000000 ____D C:\FRST
2023-11-24 01:22 - 2023-11-24 01:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-11-24 01:22 - 2023-11-24 01:22 - 000000000 ____D C:\Program Files\qBittorrent
2023-11-24 00:56 - 2023-12-02 10:16 - 000000000 ____D C:\Users\dejan\AppData\Local\Malwarebytes
2023-11-24 00:56 - 2023-11-24 00:56 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-11-24 00:56 - 2023-11-24 00:56 - 000000000 ____D C:\Users\dejan\AppData\Local\mbam
2023-11-24 00:56 - 2023-11-24 00:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-11-24 00:56 - 2023-11-24 00:56 - 000000000 ____D C:\Program Files\Malwarebytes
2023-11-22 10:18 - 2023-11-22 10:18 - 000000000 ____D C:\Windows\Microsoft Antimalware
2023-11-22 01:29 - 2023-11-22 01:29 - 002383872 _____ (Farbar) C:\Users\dejan\Downloads\FRSTEnglish.exe
2023-11-22 00:53 - 2023-11-24 00:59 - 000000000 ____D C:\Users\dejan\AppData\Roaming\DigitalCloud
2023-11-22 00:53 - 2023-11-22 00:53 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigitalCloud
2023-11-22 00:48 - 2023-11-22 01:14 - 000000004 ____H C:\ProgramData\rc.dat
2023-11-22 00:47 - 2023-11-22 01:14 - 000000004 ____H C:\ProgramData\lock.dat
2023-11-22 00:47 - 2023-11-22 00:47 - 000000512 ____H C:\ProgramData\resource.dat
2023-11-22 00:47 - 2023-11-22 00:47 - 000000008 ____H C:\ProgramData\ts.dat
2023-11-22 00:46 - 2023-11-22 01:15 - 000000000 ____D C:\ProgramData\AudioLevel
2023-11-22 00:31 - 2023-11-22 00:31 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Statespace
2023-11-22 00:27 - 2023-11-22 00:27 - 000000000 ____D C:\Users\dejan\AppData\Local\tkr
2023-11-22 00:09 - 2023-11-22 00:09 - 000000000 ____D C:\Users\dejan\AppData\Local\unali-468551218
2023-11-22 00:09 - 2023-11-22 00:09 - 000000000 ____D C:\Users\dejan\AppData\Local\unali-468551109
2023-11-21 23:55 - 2023-11-21 23:55 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Woodhill Studios
2023-11-21 23:43 - 2023-11-21 23:43 - 000000000 ____D C:\Users\dejan\AppData\Local\AitDPrologue
2023-11-21 19:25 - 2023-11-21 19:25 - 000000000 ____D C:\Users\dejan\AppData\Roaming\EaseUS
2023-11-21 19:25 - 2023-11-21 19:25 - 000000000 ____D C:\ProgramData\SystemAcCrux
2023-11-21 19:25 - 2023-11-21 19:25 - 000000000 ____D C:\Program Files\EaseUS
2023-11-21 19:25 - 2023-11-21 19:25 - 000000000 ____D C:\Program Files (x86)\EaseUS
2023-11-21 15:49 - 2023-11-21 15:49 - 000000000 ____D C:\ProgramData\Piriform
2023-11-21 15:47 - 2023-11-21 15:47 - 000000000 ____H C:\Users\dejan\OneDrive\Documents\Default.rdp
2023-11-21 14:29 - 2023-11-21 14:29 - 000000016 _____ C:\ProgramData\mntemp
2023-11-21 14:29 - 2023-11-21 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2023-11-21 14:28 - 2023-11-21 15:45 - 000000000 ____D C:\ProgramData\Wondershare
2023-11-21 14:28 - 2023-11-21 15:45 - 000000000 ____D C:\Program Files (x86)\iSkysoft
2023-11-21 14:28 - 2023-11-21 14:29 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2023-11-19 21:20 - 2023-11-19 21:20 - 000000000 ____D C:\Users\dejan\AppData\Local\VALORANT
2023-11-18 11:47 - 2023-11-21 00:13 - 000000000 ____D C:\Users\dejan\OneDrive\Documents\ViberDownloads
2023-11-18 11:47 - 2023-11-19 21:00 - 000000000 ____D C:\Users\dejan\AppData\Roaming\ViberPC
2023-11-18 11:47 - 2023-11-18 11:47 - 000001070 _____ C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2023-11-18 11:47 - 2023-11-18 11:47 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2023-11-18 11:47 - 2023-11-18 11:47 - 000000000 ____D C:\Users\dejan\AppData\Local\ViberCache
2023-11-18 11:47 - 2023-11-18 11:47 - 000000000 ____D C:\Users\dejan\AppData\Local\Viber Media S.à r.l
2023-11-18 11:47 - 2023-11-18 11:47 - 000000000 ____D C:\Users\dejan\AppData\Local\Viber
2023-11-18 11:47 - 2023-11-18 11:47 - 000000000 ____D C:\Users\dejan\AppData\Local\Package Cache
2023-11-18 11:47 - 2023-11-18 11:47 - 000000000 ____D C:\Users\dejan\AppData\Local\2010-2023_Viber_Media_S.a
2023-11-15 17:07 - 2023-11-15 17:07 - 000000000 ____D C:\Users\dejan\AppData\Local\Days of Wonder
2023-11-15 17:01 - 2023-11-15 17:01 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Choice Provisions
2023-11-15 16:29 - 2023-11-15 16:29 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Codename Entertainment
2023-11-15 16:26 - 2023-11-15 16:28 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Unity
2023-11-15 16:17 - 2023-11-15 16:26 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Obsidian Entertainment
2023-11-15 15:56 - 2023-11-15 15:56 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Fullbright
2023-11-15 12:57 - 2023-11-15 12:58 - 000000000 ___HD C:\$WinREAgent
2023-11-13 09:57 - 2023-11-19 22:22 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-11-12 22:08 - 2023-11-12 22:08 - 000000000 ____D C:\Users\dejan\OneDrive\Documents\Avalanche Studios
2023-11-12 22:08 - 2023-11-12 22:08 - 000000000 ____D C:\Users\dejan\AppData\Local\CrashRpt
2023-11-12 22:08 - 2023-11-12 22:08 - 000000000 ____D C:\Users\dejan\AppData\Local\Avalanche Studios
2023-11-12 21:59 - 2023-11-12 22:04 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Path of Exile
2023-11-12 21:56 - 2023-11-12 21:56 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Kalypso Media
2023-11-12 21:56 - 2023-11-12 21:56 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Realmforge Studios GmbH
2023-11-12 21:56 - 2023-11-12 21:56 - 000000000 ____D C:\Users\dejan\AppData\Local\Kalypso Media
2023-11-12 21:45 - 2023-11-12 21:45 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Koch Media GmbH
2023-11-12 21:39 - 2023-11-12 21:40 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Surviving Mars
2023-11-12 21:22 - 2023-11-12 21:23 - 000000000 ____D C:\Users\dejan\OneDrive\Documents\Guacamelee2_EGS
2023-11-12 21:14 - 2023-11-12 21:14 - 000000000 ____D C:\Users\dejan\AppData\Local\QUBE
2023-11-12 21:02 - 2023-11-12 21:02 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\MrPink
2023-11-12 20:56 - 2023-11-12 20:56 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\No Code
2023-11-11 11:51 - 2023-11-11 11:51 - 000000000 ____D C:\Users\dejan\AppData\Local\HoYoverse
2023-11-11 10:36 - 2023-11-11 10:36 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Drop Bear Bytes
2023-11-11 10:27 - 2023-11-11 10:27 - 000000000 ____D C:\Users\dejan\AppData\Local\ColonyShipGame
2023-11-08 13:20 - 2023-11-08 13:20 - 000000000 ____D C:\Users\dejan\AppData\Local\Backup
2023-11-07 23:11 - 2023-11-07 23:11 - 000000000 ____D C:\Users\dejan\OneDrive\Documents\Darkest
2023-11-07 23:01 - 2023-11-07 23:01 - 000000000 ____D C:\Users\dejan\AppData\Local\VisionaireStudio
2023-11-07 23:01 - 2023-11-07 23:01 - 000000000 ____D C:\Users\dejan\AppData\Local\Visionaire Editor
2023-11-07 23:01 - 2023-11-07 23:01 - 000000000 ____D C:\Users\dejan\AppData\Local\Daedalic Entertainment GmbH
2023-11-07 22:43 - 2023-11-07 22:43 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Ripstone
2023-11-07 19:22 - 2023-11-07 19:22 - 000016240 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2023-11-07 19:08 - 2023-11-07 19:08 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Cosmonaut Studios Limited
2023-11-07 18:59 - 2023-11-07 18:59 - 000000000 ____D C:\Users\dejan\AppData\Local\Shadows
2023-11-07 18:37 - 2023-11-07 18:37 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Beam Team Games
2023-11-07 18:30 - 2023-11-07 18:30 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Samurai Shodown NEOGEO Collection
2023-11-07 18:27 - 2023-11-07 18:27 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Snoozy Kazoo
2023-11-06 23:09 - 2023-11-06 23:09 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Dim Bulb Games
2023-11-06 23:02 - 2023-11-06 23:02 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Aspyr Media
2023-11-06 23:02 - 2023-11-06 23:02 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\PolyKnight Games
2023-11-06 23:02 - 2023-11-06 23:02 - 000000000 ____D C:\Users\dejan\AppData\Local\Aspyr Media
2023-11-06 22:52 - 2023-11-06 22:52 - 000000000 ____D C:\Users\dejan\AppData\Local\QUBE_Remastered
2023-11-06 18:44 - 2023-11-06 18:44 - 000000000 ____D C:\Users\dejan\AppData\Local\Ubisoft
2023-11-06 16:16 - 2023-11-06 16:16 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Hinterland
2023-11-06 16:15 - 2023-11-06 16:16 - 000000000 ____D C:\Users\dejan\AppData\Local\Hinterland
2023-11-06 14:17 - 2023-11-27 01:20 - 000003072 _____ C:\Windows\system32\Tasks\StartDVR
2023-11-06 11:53 - 2023-11-06 11:53 - 000000000 ____D C:\Users\dejan\AppData\Local\My Games
2023-11-05 19:39 - 2023-11-05 19:39 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\BonusXP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-02 10:16 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-02 10:04 - 2023-09-03 16:38 - 000000000 ____D C:\Users\dejan\AppData\Roaming\qBittorrent
2023-12-02 09:50 - 2023-09-03 22:06 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-02 09:50 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2023-12-02 09:49 - 2023-09-03 16:06 - 000000000 ___RD C:\Users\dejan\OneDrive
2023-12-02 09:49 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2023-12-02 02:31 - 2023-09-03 16:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-02 02:20 - 2023-09-04 00:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-12-02 02:19 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-02 00:45 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2023-12-02 00:42 - 2022-05-07 06:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-12-02 00:41 - 2023-09-03 16:03 - 000850316 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-02 00:34 - 2023-09-04 00:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-02 00:34 - 2023-09-04 00:55 - 000012288 ___SH C:\DumpStack.log.tmp
2023-12-02 00:34 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-12-02 00:24 - 2023-09-03 18:49 - 000000000 ____D C:\AMD
2023-12-02 00:24 - 2023-09-03 16:03 - 000000000 ___SD C:\Users\dejan\AppData\Roaming\Microsoft\Protect
2023-12-01 22:11 - 2023-09-03 16:11 - 000000000 ____D C:\Program Files (x86)\Epic Games
2023-12-01 22:00 - 2023-09-03 16:27 - 000000000 ____D C:\Users\dejan\OneDrive\Documents\My Games
2023-12-01 21:54 - 2023-09-03 16:12 - 000000000 ____D C:\Users\dejan\AppData\Local\EpicGamesLauncher
2023-12-01 18:38 - 2023-09-03 16:13 - 000000000 ____D C:\Users\dejan\AppData\Local\Ubisoft Game Launcher
2023-12-01 18:38 - 2023-09-03 16:05 - 000000000 ____D C:\Users\dejan\AppData\Local\D3DSCache
2023-12-01 17:53 - 2023-09-03 22:06 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-01 17:53 - 2023-09-03 18:09 - 000000000 ___HD C:\Program Files\Microsoft Update Health Tools
2023-11-30 18:26 - 2023-09-03 22:06 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{916D487C-2D66-4DB3-80A8-DC1BAD219A07}
2023-11-30 18:26 - 2023-09-03 22:06 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{1A06BADA-A8D7-43F1-B50C-5994EBDDAA3D}
2023-11-27 09:32 - 2023-09-03 16:05 - 000000000 ____D C:\Users\dejan\AppData\Local\AMD
2023-11-27 01:20 - 2023-10-15 19:13 - 000003152 _____ C:\Windows\system32\Tasks\StartCN
2023-11-27 01:20 - 2023-09-03 16:05 - 000000000 ____D C:\Users\dejan\AppData\Local\Packages
2023-11-27 01:20 - 2023-09-03 16:01 - 000000000 ____D C:\Program Files\AMD
2023-11-27 01:20 - 2023-09-03 15:57 - 000000000 ____D C:\ProgramData\Packages
2023-11-26 19:21 - 2023-09-04 00:17 - 000000000 ____D C:\Users\dejan\AppData\LocalLow\Temp
2023-11-25 02:24 - 2023-09-03 16:08 - 000004182 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1693753719
2023-11-25 02:24 - 2023-09-03 16:08 - 000001446 _____ C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2023-11-25 02:08 - 2023-09-03 18:08 - 000000000 ____D C:\Windows\system32\MRT
2023-11-24 13:42 - 2023-09-03 16:03 - 000000000 ____D C:\Users\dejan
2023-11-24 01:12 - 2023-10-15 19:16 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2023-11-24 00:56 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-11-22 03:30 - 2023-09-07 14:10 - 000000000 ____D C:\Windows\Minidump
2023-11-22 01:16 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-11-22 01:15 - 2023-10-15 17:17 - 000000000 ____D C:\Windows\WinS
2023-11-22 01:01 - 2023-09-04 00:55 - 000303704 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-22 01:01 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2023-11-22 00:53 - 2023-09-03 18:52 - 000000000 ____D C:\Users\dejan\AppData\Local\CrashDumps
2023-11-22 00:27 - 2023-09-03 16:12 - 000000000 ____D C:\Users\dejan\AppData\Local\UnrealEngine
2023-11-21 15:46 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2023-11-21 01:21 - 2023-09-03 16:06 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3742737895-398362341-1790896251-1001
2023-11-21 01:21 - 2023-09-03 16:06 - 000003370 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3742737895-398362341-1790896251-1001
2023-11-21 01:21 - 2023-09-03 16:06 - 000002420 _____ C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-20 20:14 - 2023-09-03 19:09 - 000000000 ____D C:\Users\dejan\AppData\Local\AMD_Common
2023-11-19 22:21 - 2023-09-20 22:31 - 000000000 ____D C:\Users\dejan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2023-11-19 21:20 - 2023-09-20 22:31 - 000000000 ____D C:\Users\dejan\AppData\Local\Riot Games
2023-11-17 18:45 - 2023-09-03 16:11 - 000000000 ____D C:\Users\dejan\AppData\Local\Steam
2023-11-16 01:55 - 2022-05-07 08:39 - 000000000 ___HD C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-16 01:55 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-16 01:55 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2023-11-16 01:55 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2023-11-15 16:29 - 2023-09-03 16:13 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-15 13:02 - 2023-09-03 18:08 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-15 13:01 - 2023-09-03 15:58 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-15 10:55 - 2023-09-19 13:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-11-13 01:55 - 2023-09-14 12:29 - 000000000 ____D C:\Users\dejan\AppData\Roaming\KSM
2023-11-10 09:48 - 2023-09-19 13:19 - 000000000 ____D C:\Windows\system32\Tasks\HP
2023-11-10 09:48 - 2023-09-03 16:20 - 000000000 ____D C:\Users\dejan\AppData\Local\Publishers
2023-11-08 01:47 - 2023-10-11 09:38 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2023-11-08 01:47 - 2022-05-07 08:39 - 000000000 ___SD C:\Windows\system32\AppV
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\vi-VN
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\id-ID
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\gl-ES
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\eu-ES
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\DDFs
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ca-ES
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\Provisioning
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\DiagTrack
2023-11-08 01:47 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-08 01:47 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2023-11-07 22:32 - 2023-10-22 18:15 - 000000000 ____D C:\Users\dejan\AppData\Local\TangoGameworks
2023-11-07 19:26 - 2022-05-07 08:39 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-07 19:26 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-07 19:26 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-07 19:05 - 2023-09-04 00:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-07 19:05 - 2023-09-04 00:56 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-11-07 09:19 - 2023-09-04 00:56 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-11-06 23:02 - 2023-09-03 16:21 - 000000000 ____D C:\Users\dejan\AppData\Local\cache
2023-11-03 17:30 - 2023-04-06 21:13 - 002099856 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2023-11-03 17:29 - 2023-09-03 18:49 - 000188208 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2023-11-03 17:29 - 2023-04-06 21:08 - 000233544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2023-11-03 17:27 - 2023-10-15 19:10 - 000158872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
==================== Files in the root of some directories ========
2023-11-22 00:47 - 2023-11-22 01:14 - 000000004 ____H () C:\ProgramData\lock.dat
2023-11-22 00:48 - 2023-11-22 01:14 - 000000004 ____H () C:\ProgramData\rc.dat
2023-11-22 00:47 - 2023-11-22 00:47 - 000000512 ____H () C:\ProgramData\resource.dat
2023-11-22 00:47 - 2023-11-22 00:47 - 000000008 ____H () C:\ProgramData\ts.dat
2023-09-03 22:50 - 2023-09-03 22:50 - 000000003 _____ () C:\Users\dejan\AppData\Local\updater.log
2023-09-03 22:50 - 2023-09-03 22:50 - 000000424 _____ () C:\Users\dejan\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition.txt
[Link mogu videti samo ulogovani korisnici]
|
Ludilo. Svakako nema tog foldera u kojem detektuje.
. Da li ima zastita koja mu nece dozvoliti da enkriptuje sve fajlove?
