Provera

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

2K je nedavno doživeo napad prilikom kog su napadači preuzeli kontrolu nad 2K Support Platformom i prosledili legitimne mailove koji su stigli sa malicioznim linkom.

+ Dopis od 2K Games-aNOTICE OF DATA BREACH
We previously contacted you with information about a security incident which resulted in some users receiving communications from the 2K help desk that contained a malicious link. We outlined steps you should take if you had received and clicked the link, which we have outlined again in the “What you can do” section below. If you haven’t already, we strongly recommend you take those steps immediately. As we have previously communicated, due to the actions taken in response to this security incident, it is safe to interact with all 2K services, including email, moving forward.

Following further investigation, we discovered that the unauthorized third party gained access to, and a copy of, a limited volume of your personal data held in 2K’s helpdesk system and made it available for sale. We want to emphasize at the outset that keeping personal data safe and secure is very important to us, and we deeply regret that this has happened.

WHAT HAPPENED

On 19 September 2022, we learned that an unauthorized third party illegally accessed the credentials of one of our vendors to the help desk platform that 2K uses to provide support to our customers. In addition to sending a malicious link to you and some other users that contained malware that had the potential to compromise data stored on your device including passwords, we discovered that the unauthorized third party accessed and copied some of the personal data we record about you when you when you contact us for support: the name given when contacting us, email address, helpdesk identification number, gamertag and console details. There is no indication that any of your financial information or password(s) held on our systems were compromised.

WHAT WE ARE DOING

Upon discovering the incident, we immediately launched a thorough forensic investigation with the assistance of leading outside cybersecurity experts and promptly took steps to address the issue. This included taking the support portal offline while we investigated further and contained the incident. We already contacted all those sent malicious links and have been reporting the incident to appropriate data protection authorities. We also remain in communication with the appropriate law enforcement agencies.

WHAT YOU CAN DO

While our support portal is now back online and you can now contact it as normal, we recommend that you look out for suspicious activity across your accounts and be vigilant for unauthorized third parties trying to leverage the incident to harm you. In particular:

Look out for scammers. 2K personnel will never ask you for your password or other personal information.
Never click suspicious links. For example, links to websites that you do not recognize or did not expect to receive.
Restart your device and reset passwords. If you think you have clicked on a malicious link, immediately restart your device by powering it down and powering it back on. You should also reset any user account passwords stored in your web browser (e.g., Chrome AutoFill).
Enable multi-factor authentication (MFA) whenever available. If possible, avoid using MFA that relies on text message verification – using an authenticator app is a more secure method.
Install and run a reputable anti-virus program. This can help protect your device and data.

Meni je takođe stigao taj mail, međutim bilo mi je čudno to što sam uopšte dobio mail, pa link nisam ispratio već sam resetovao lozinku 2K naloga, ulogovao se preko legitimnog sajta i pogledao temu.

Ne znam da li je malver bio na samom sajtu ili u linku za preuzimanje nekog launčera, kog svakako nisam skidao.

Elem, zamolio bih Vas za jednu proveru jer mi je nedavno stigao i mail da sam se ulogovao na Spotify, pa se plašim da slučajno sam malver nije bio u samoj stranici 2k support-a, te da je pokupio podatke iz browsera.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2022
Ran by srki9 (administrator) on DESKTOP-83NTQ6P (11-10-2022 19:04:39)
Running from C:\Users\srki9\Desktop
Loaded Profiles: srki9
Platform: Microsoft Windows 10 Pro Version 21H1 19043.2006 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCopyAccelerator.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Discord Inc. -> Discord Inc.) C:\Users\srki9\AppData\Local\Discord\app-1.0.9006\Discord.exe <6>
(DriverStore\FileRepository\u0383673.inf_amd64_8471f20f3f44a327\B383556\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383673.inf_amd64_8471f20f3f44a327\B383556\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383673.inf_amd64_8471f20f3f44a327\B383556\atiesrxx.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\106.0.5249.37\remoting_host.exe <2>
(services.exe ->) (Hi-Rez Studios) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Popcorn Time) [File not signed] C:\Program Files (x86)\Popcorn Time\Updater.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files (x86)\Everything\Everything.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [GameSessionsTray] => C:\Program Files\Tangentix\Runtime\x64\GSTray.exe [121232 2020-01-13] (Tangentix Ltd -> Tangentix Ltd)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3190384 2021-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-02-04] (voidtools -> voidtools)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-11] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [uTorrent] => C:\Users\srki9\AppData\Roaming\uTorrent\uTorrent.exe [2103848 2022-03-27] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [Viber] => C:\Users\Test\AppData\Local\Viber\Viber.exe [55444688 2022-09-26] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [Opera Browser Assistant] => C:\Users\srki9\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3084824 2020-09-15] () [File not signed]
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32688080 2022-10-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\srki9\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin (No File)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [ut] => C:\Users\srki9\AppData\Roaming\uTorrent\uTorrent.exe [2103848 2022-03-27] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\Run: [MicrosoftEdgeAutoLaunch_C6C0C82D78AA1E3A2B95A6DEF46AE87E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\devenv.exe "H:\Ostalo\Programiranje\Steam Inventory Scanner\Steam Inventory Scanner\Steam Inventory Scanner.sln" /restartManag (the data entry has 208 more characters). (No File)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1006\...\Run: [Viber] => C:\Users\Test\AppData\Local\Viber\Viber.exe [55444688 2022-09-26] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1006\...\Run: [MicrosoftEdgeAutoLaunch_2601F365331078934833C24AD8FFD7E4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1006\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Test\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1006\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Test\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1006\...\RunOnce: [Uninstall 19.123.0624.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Test\AppData\Local\Microsoft\OneDrive\19.123.0624.0005\amd64" (No File)
HKU\S-1-5-21-3184632450-4087682676-1639592662-1006\...\RunOnce: [Uninstall 19.123.0624.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Test\AppData\Local\Microsoft\OneDrive\19.123.0624.0005" (No File)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [285232 2021-04-06] (Wondershare Technology Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-17] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B41B70-BBED-442F-95D7-2F35260546DC} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3184632450-4087682676-1639592662-1001 => MessengerHelper.exe --lassie (No File)
Task: {05BF6A50-C9FB-4570-A334-4EEAB4858E46} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (No File)
Task: {0AAE9DBA-D400-4F57-9DEB-BFE0938705F0} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1072064 2022-09-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0DFF0ABB-5DCA-424E-8989-D4B0F29657DB} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-09-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {17BE982A-52EB-4D99-9073-BFE6612F0CD7} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2022-09-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {21304D58-5D4C-42B1-A2D2-DE1A6138791F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.)
Task: {2617A05D-F202-4E46-9F29-33A2AC2B6FC8} - no filepath
Task: {502935A2-565F-426F-872F-8902E37F9600} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (No File)
Task: {56314AD7-8AFA-4F44-9B67-0D668B41232E} - System32\Tasks\Update Manager => C:\Users\srki9\AppData\Roaming\7.Days.To.Die.Alpha.v16.4.Repack\ybiselkf.exe /upgradeid=f561932c-0bef-41b9-9289-b7d5c099b86b (No File)
Task: {6B3E7610-7C87-4B6B-AD3F-C8F2BC70BA66} - System32\Tasks\Opera scheduled Autoupdate 1543879043 => C:\Users\srki9\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software)
Task: {6F154F01-0925-4D0D-BC43-90641CA4C56B} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {73BF7C8D-1E99-41CA-80D4-69CC137546F9} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-3184632450-4087682676-1639592662-1001 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [24504 2022-08-11] (Microsoft Corporation -> Microsoft)
Task: {87EE17C1-58C9-4689-BB70-BE5EB47BF63C} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer.761caaba2b2c492e9e10e08cf7eee39c\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (No File)
Task: {8C0B0E23-1BD6-4A10-93BE-CFA6A6402D5D} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe (No File)
Task: {94401A0B-8083-4280-AE3D-37F78A9AFE8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {959872CE-E202-419B-99A0-60FAAD71E954} - System32\Tasks\Microsoft\VisualStudio\Updates\UpdateConfiguration_S-1-5-21-3184632450-4087682676-1639592662-1006 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXConfigurationUpdater.exe [24504 2022-08-11] (Microsoft Corporation -> Microsoft)
Task: {A9A61E50-ED3A-4329-A053-713BCEB2C1DD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-09-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AD91EBD1-71EE-42D5-959C-394519062169} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B07322ED-9F84-4172-96A7-56713FDF6B57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C10553AA-84C4-44F6-BD8F-960C16409391} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {D2AD3607-A42F-4611-9AF1-DB8FD6CF5F13} - System32\Tasks\update-S-1-5-21-3184632450-4087682676-1639592662-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D5B86B70-3ADC-4683-B535-8E863A6CD3E4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-09-15] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DA93942A-92CB-49BD-9B20-CDF699B334E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.)
Task: {E39DBB8A-6441-49FD-ABF3-DBC6CC200209} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E3BA864C-5978-4A7D-B2AB-5698B24630DE} - System32\Tasks\Opera scheduled Autoupdate 1525998128 => C:\Users\srki9\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software)
Task: {ED1E3371-07D8-45E7-93E5-23E568A5505A} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [50072 2022-08-11] (Microsoft Corporation -> )
Task: {F86F0CD4-38F9-4E45-AC6A-2D47A01E6E43} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FA337ADD-4588-4B8E-8B62-9CF8C2B68E81} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-3184632450-4087682676-1639592662-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.77.203
Tcpip\..\Interfaces\{604eedea-3933-4e23-af07-a6bcfd61fcb6}: [DhcpNameServer] 192.168.55.132
Tcpip\..\Interfaces\{7de2b462-62bc-4a01-a97d-72901a6993fb}: [DhcpNameServer] 192.168.77.203
Tcpip\..\Interfaces\{fe4b3100-a025-42c9-b72a-81e48f19c6a5}: [DhcpNameServer] 178.79.42.53 178.79.20.3

Edge:
=======
DownloadDir: C:\Users\srki9\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\srki9\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-11]
Edge Extension: (AutoJoin for SteamGifts) - C:\Users\srki9\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bchhlccjhoedhhegglilngpbnldfcidc [2022-07-10]
Edge Extension: (Imagus) - C:\Users\srki9\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-06-11]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-07-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Default [2022-10-11]
CHR Notifications: Default -> hxxps://outlook.live.com
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (DuckDuckGo) - C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-08-28]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-08-30]
CHR Extension: (Imagus) - C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-04-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\srki9\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-04]
CHR Profile: C:\Users\srki9\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-03]

Opera:
=======
OPR Profile: C:\Users\srki9\AppData\Roaming\Opera Software\Opera Stable [2022-10-11]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\srki9\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\srki9\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901960 2022-01-23] (BattlEye Innovations e.K. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\106.0.5249.37\remoting_host.exe [74528 2022-09-12] (Google LLC -> Google LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-02-16] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-11-27] (Epic Games Inc. -> Epic Games, Inc.)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-02-04] (voidtools -> voidtools)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [25529336 2022-04-12] (FACE IT LIMITED -> )
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-04-10] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-04-10] (GOG Sp. z o.o. -> GOG.com)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-05-30] (Hi-Rez Studios) [File not signed]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-05] (Malwarebytes Inc. -> Malwarebytes)
S3 NGS; C:\WINDOWS\NGService.exe [2994248 2018-10-11] (NEXON Korea Corporation. -> NEXON Korea Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2021-01-06] (Even Balance, Inc. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 TDDService; C:\Program Files\Tangentix\Runtime\x64\TDDService.exe [14736 2020-01-13] (Tangentix Ltd -> Tangentix Ltd)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12986664 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2020-08-27] (Popcorn Time) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-01-15] (Oracle Corporation -> Oracle Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-24] (PUBG CORPORATION -> PUBG Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383673.inf_amd64_8471f20f3f44a327\B383556\amdkmdag.sys [94445056 2022-09-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AVMCOWAN; C:\WINDOWS\system32\DRIVERS\AVMCOWAN.sys [82432 2012-07-19] (Microsoft Windows Hardware Compatibility Publisher -> AVM GmbH)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [16001072 2022-04-24] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [61208 2020-02-21] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-09] (Malwarebytes Inc. -> Malwarebytes)
S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2019-02-06] (SoftEther Corporation -> SoftEther Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-09-24] (Famatech Corp. -> Famatech Corp.)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2019-02-06] (SoftEther Corporation -> SoftEther Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2022-02-09] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-02-09] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [237304 2020-01-15] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2022-01-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2021-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)
S1 lmimirr; \SystemRoot\system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-11 19:04 - 2022-10-11 19:05 - 000036025 _____ C:\Users\srki9\Desktop\FRST.txt
2022-10-11 19:03 - 2022-10-11 19:04 - 002373120 _____ (Farbar) C:\Users\srki9\Desktop\FRST64.exe
2022-10-11 09:06 - 2022-10-11 09:06 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\IGDump
2022-10-10 08:56 - 2022-10-10 08:56 - 000000000 ____D C:\Users\srki9\AppData\Local\Tempzxpsigned107f990296e932
2022-10-09 18:45 - 2022-10-09 18:45 - 000000000 ____D C:\Users\srki9\AppData\Local\Tempzxpsignf36c40e29d904787
2022-10-09 18:39 - 2022-10-10 08:28 - 000000000 ____D C:\Program Files\Cheat Engine 7.4
2022-10-09 18:39 - 2022-10-09 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.4
2022-10-09 15:06 - 2022-10-09 15:06 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-09 15:05 - 2022-10-09 15:05 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-09 15:05 - 2022-10-09 15:05 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-10-09 15:05 - 2022-10-09 15:05 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-09 12:47 - 2022-10-09 12:47 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\Cosmo Gatto
2022-10-09 01:52 - 2022-10-09 01:52 - 000016299 _____ C:\Users\srki9\Desktop\Inside the Backrooms - MrAntiFun.CT
2022-10-09 00:53 - 2022-10-09 00:53 - 000000000 ____D C:\Users\srki9\AppData\Local\Godumas
2022-10-09 00:38 - 2022-10-09 00:38 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\ThunderGames
2022-10-08 22:28 - 2022-10-08 22:28 - 000000000 ____D C:\Users\srki9\AppData\Local\EscapeMemoirsMS
2022-10-07 22:31 - 2022-10-07 22:31 - 061237481 _____ C:\Users\srki9\Desktop\Untitled-1.psd
2022-10-07 21:18 - 2022-10-07 21:18 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\Bureau Bravin
2022-10-07 20:06 - 2022-10-07 20:06 - 000000000 ____D C:\Users\srki9\AppData\Local\Tempzxpsignd53d7a3858943519
2022-10-05 04:56 - 2022-10-05 04:56 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-04 22:30 - 2022-10-04 22:30 - 000000000 ____D C:\Users\srki9\AppData\Local\Project_Kilo
2022-10-04 02:12 - 2022-10-04 02:12 - 000000000 ____D C:\Users\srki9\mandelbrot_config
2022-10-04 02:12 - 2022-10-04 02:12 - 000000000 ____D C:\Users\srki9\Downloads\mandelbrotsetwithc__application
2022-10-04 02:11 - 2022-10-04 02:11 - 000095302 _____ C:\Users\srki9\Downloads\mandelbrotsetwithc__application.zip
2022-10-01 20:55 - 2022-10-01 20:55 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\Blueplant Studios
2022-10-01 20:52 - 2022-10-01 20:52 - 000000223 _____ C:\Users\srki9\Desktop\DEVOUR.url
2022-10-01 20:45 - 2022-10-01 20:45 - 000000223 _____ C:\Users\srki9\Desktop\Inside the Backrooms.url
2022-09-25 23:59 - 2022-09-25 23:59 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\DrawDistance
2022-09-25 18:40 - 2022-09-25 18:40 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\The Quantum Astrophysicists Guild
2022-09-25 17:55 - 2022-09-25 17:55 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\SplitSide Games
2022-09-25 17:55 - 2022-09-25 17:55 - 000000000 ____D C:\Users\srki9\AppData\Local\SplitSide Games
2022-09-25 16:19 - 2022-09-25 16:19 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\Team17 Digital Ltd_
2022-09-25 01:57 - 2022-09-25 01:57 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\Gentlymad Studios
2022-09-25 00:31 - 2022-09-25 00:31 - 000000000 ____D C:\Users\srki9\Documents\Call of Duty
2022-09-25 00:30 - 2022-09-25 00:30 - 000000000 ____D C:\Users\srki9\AppData\LocalLow\AMD
2022-09-25 00:27 - 2022-10-11 18:44 - 000003078 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-09-25 00:27 - 2022-09-25 00:27 - 000003488 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2022-09-25 00:27 - 2022-09-25 00:27 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-09-25 00:27 - 2022-09-25 00:27 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-09-25 00:27 - 2022-09-25 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2022-09-25 00:27 - 2022-09-25 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-09-25 00:23 - 2022-09-20 22:08 - 001966104 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 001966104 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 001522720 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 001522720 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 001447920 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 001447920 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 001159496 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 001159496 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000792080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000669200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000594952 _____ C:\WINDOWS\system32\GameManager64.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000529944 _____ C:\WINDOWS\system32\dgtrayicon.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 000493080 _____ C:\WINDOWS\system32\EEURestart.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 000351744 _____ C:\WINDOWS\system32\clinfo.exe
2022-09-25 00:23 - 2022-09-20 22:08 - 000197136 _____ C:\WINDOWS\system32\mantle64.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000176656 _____ C:\WINDOWS\system32\mantleaxl64.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000154112 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000138256 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000042008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000038928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2022-09-25 00:23 - 2022-09-20 22:08 - 000034672 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2022-09-25 00:23 - 2022-09-20 22:05 - 000174624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2022-09-25 00:23 - 2022-09-20 22:05 - 000137728 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2022-09-25 00:23 - 2022-09-20 22:04 - 000257040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2022-09-25 00:23 - 2022-09-20 22:04 - 000217616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2022-09-25 00:23 - 2022-09-20 22:04 - 000161808 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 075115040 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 001507352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 001507352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000928784 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2022-09-25 00:23 - 2022-09-20 22:03 - 000526352 _____ C:\WINDOWS\system32\atieah64.exe
2022-09-25 00:23 - 2022-09-20 22:03 - 000503320 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000463888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000395272 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2022-09-25 00:23 - 2022-09-20 22:03 - 000368656 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000201024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000163904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000135184 _____ C:\WINDOWS\system32\atidxx64.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000109056 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2022-09-25 00:23 - 2022-09-20 22:03 - 000065536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2022-09-25 00:23 - 2022-09-20 22:02 - 091449880 _____ C:\WINDOWS\system32\amd_comgr.dll
2022-09-25 00:23 - 2022-09-20 22:01 - 000129040 _____ C:\WINDOWS\system32\amdxc64.dll
2022-09-25 00:23 - 2022-09-20 22:01 - 000104464 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2022-09-25 00:23 - 2022-09-20 22:00 - 000933904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2022-09-25 00:23 - 2022-09-20 22:00 - 000761864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2022-09-25 00:23 - 2022-09-20 22:00 - 000461824 _____ C:\WINDOWS\system32\amdlogum.exe
2022-09-25 00:23 - 2022-09-20 22:00 - 000156584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2022-09-25 00:23 - 2022-09-20 22:00 - 000126328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2022-09-25 00:23 - 2022-09-20 21:59 - 001695936 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2022-09-25 00:23 - 2022-09-20 21:59 - 001374808 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 010558472 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000559112 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000553912 _____ C:\WINDOWS\system32\amdmiracast.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000422936 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000166416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000156560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000140856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2022-09-25 00:23 - 2022-09-20 21:58 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2022-09-25 00:23 - 2022-09-16 01:29 - 079816480 _____ C:\WINDOWS\system32\amdxc64.so
2022-09-25 00:23 - 2022-09-16 00:25 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2022-09-25 00:23 - 2022-09-16 00:25 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2022-09-25 00:23 - 2022-09-16 00:18 - 000576872 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2022-09-25 00:23 - 2022-09-16 00:18 - 000576872 _____ C:\WINDOWS\system32\atiapfxx.blb
2022-09-25 00:18 - 2022-09-25 00:18 - 000000000 ____D C:\Users\srki9\AppData\Local\Activision
2022-09-21 00:07 - 2022-09-21 00:07 - 000000000 ____D C:\Users\srki9\AppData\Roaming\SPTemp
2022-09-20 23:29 - 2022-09-20 23:47 - 000000000 ____D C:\Users\srki9\Desktop\New folder
2022-09-16 07:47 - 2022-09-16 07:47 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-16 07:46 - 2022-09-16 07:46 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-16 07:46 - 2022-09-16 07:46 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-16 07:46 - 2022-09-16 07:46 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-16 07:46 - 2022-09-16 07:46 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-09-16 07:39 - 2022-09-16 07:39 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-11 19:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-11 19:05 - 2019-07-10 00:54 - 000000000 ____D C:\FRST
2022-10-11 19:01 - 2018-07-27 17:51 - 000000000 ____D C:\Program Files (x86)\Steam
2022-10-11 18:57 - 2018-05-11 00:56 - 000000000 ____D C:\Users\srki9\AppData\Roaming\discord
2022-10-11 18:55 - 2018-05-11 00:56 - 000000000 ____D C:\Users\srki9\AppData\Local\Discord
2022-10-11 18:44 - 2020-05-31 21:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-11 18:11 - 2018-05-03 16:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-11 18:06 - 2020-05-31 21:44 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C5D74ED5-D243-49B2-A816-68C3CF043313}
2022-10-11 13:58 - 2019-10-03 23:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-10-10 08:56 - 2018-05-05 02:23 - 000000000 ____D C:\Users\srki9\AppData\Local\D3DSCache
2022-10-10 01:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-10 01:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-09 20:22 - 2022-01-02 17:21 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2022-10-09 20:22 - 2018-05-07 02:47 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2022-10-09 18:39 - 2020-10-14 23:51 - 000000931 _____ C:\Users\srki9\Desktop\Cheat Engine.lnk
2022-10-09 18:34 - 2021-05-16 20:45 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2022-10-09 14:11 - 2021-01-28 19:52 - 000000000 ____D C:\Users\srki9\AppData\Local\AMD_Common
2022-10-09 12:52 - 2018-09-06 22:27 - 000000000 ____D C:\Users\srki9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-10-09 12:27 - 2020-10-14 23:51 - 000000000 ____D C:\Program Files\Cheat Engine 7.1
2022-10-08 13:44 - 2020-05-31 21:43 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-08 13:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-08 13:39 - 2019-01-30 00:31 - 000000000 ____D C:\Users\srki9\AppData\Local\Everything
2022-10-08 13:39 - 2018-05-03 16:53 - 000000000 ____D C:\Users\srki9\AppData\Local\Packages
2022-10-08 13:38 - 2021-03-12 21:15 - 000000000 ____D C:\Users\srki9\AppData\Roaming\Messenger
2022-10-08 13:38 - 2020-05-12 22:39 - 000000000 ____D C:\Users\srki9\AppData\Roaming\ViberPC
2022-10-08 13:38 - 2019-01-30 00:25 - 000000000 ____D C:\Users\srki9\AppData\Roaming\Everything
2022-10-08 13:37 - 2020-05-31 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-08 13:37 - 2020-05-31 21:36 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-08 13:37 - 2020-02-07 19:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-10-08 13:37 - 2018-05-10 16:31 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2022-10-08 13:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-08 13:26 - 2020-11-07 19:47 - 000000000 ____D C:\Users\Test\AppData\Roaming\ViberPC
2022-10-07 23:55 - 2020-11-07 19:47 - 000000000 ____D C:\Users\Test\Documents\ViberDownloads
2022-10-07 23:05 - 2020-06-09 22:52 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-07 23:05 - 2018-09-18 23:07 - 000000000 ____D C:\Users\srki9\AppData\Local\CrashDumps
2022-10-07 21:51 - 2018-05-03 17:04 - 000000000 ____D C:\Users\srki9\AppData\Roaming\KeePass
2022-10-07 20:25 - 2020-11-07 19:50 - 000001674 _____ C:\Users\srki9\Desktop\Privatni.lnk
2022-10-06 08:14 - 2022-08-30 08:11 - 000000000 ____D C:\Users\Test\AppData\Local\Viber
2022-10-04 02:12 - 2020-05-31 21:10 - 000000000 ____D C:\Users\srki9
2022-09-29 16:58 - 2021-01-22 23:41 - 000000000 ____D C:\Users\srki9\AppData\Roaming\vlc
2022-09-29 16:55 - 2019-03-27 06:21 - 000000000 ____D C:\Users\srki9\AppData\Local\BitTorrentHelper
2022-09-29 16:55 - 2018-05-05 19:32 - 000000000 ____D C:\Users\srki9\AppData\Roaming\uTorrent
2022-09-29 16:28 - 2020-05-31 21:10 - 000000000 ____D C:\Users\Test
2022-09-29 08:07 - 2021-12-13 08:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3184632450-4087682676-1639592662-1001
2022-09-29 08:07 - 2020-05-31 21:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3184632450-4087682676-1639592662-1001
2022-09-29 08:07 - 2020-05-31 21:10 - 000002383 _____ C:\Users\srki9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-25 00:31 - 2018-05-15 04:01 - 000000000 ____D C:\Users\srki9\AppData\Local\AMD
2022-09-25 00:28 - 2018-12-23 14:55 - 000000000 ____D C:\Program Files\AMD
2022-09-25 00:27 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-09-25 00:27 - 2018-05-03 16:54 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-09-25 00:24 - 2018-05-15 03:55 - 000000000 ____D C:\AMD
2022-09-25 00:18 - 2018-05-03 16:55 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-24 21:43 - 2019-01-16 18:59 - 000000000 ____D C:\ProgramData\Riot Games
2022-09-21 08:25 - 2020-11-07 19:42 - 000001031 _____ C:\Users\srki9\Desktop\Sluzbeni.lnk
2022-09-20 22:08 - 2022-03-16 20:12 - 000448536 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2022-09-20 22:08 - 2022-03-16 20:12 - 000034664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2022-09-20 22:03 - 2020-12-07 22:44 - 001979904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2022-09-20 21:59 - 2021-11-05 01:27 - 000177840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2022-09-20 21:59 - 2020-12-07 22:43 - 000222672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2022-09-17 14:12 - 2018-05-03 16:57 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-16 17:34 - 2020-05-31 21:36 - 000329104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-16 17:32 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-16 17:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-16 08:21 - 2020-06-03 18:33 - 000000000 ____D C:\Users\srki9\Documents\ViberDownloads
2022-09-16 07:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-16 07:46 - 2020-05-31 21:38 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-16 07:38 - 2018-05-09 01:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-16 07:33 - 2018-05-09 01:48 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-16 00:46 - 2021-05-15 19:39 - 002977744 _____ (AMD Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe

==================== Files in the root of some directories ========

2018-11-01 16:34 - 2021-10-09 16:35 - 000000132 _____ () C:\Users\srki9\AppData\Roaming\licecap.ini
2020-05-01 17:04 - 2020-05-01 17:04 - 000001711 _____ () C:\Users\srki9\AppData\Roaming\SpeedRunnersLog.txt
2020-05-01 17:04 - 2020-05-01 17:04 - 000002896 _____ () C:\Users\srki9\AppData\Roaming\TargetInvocationLog.txt
2022-02-09 19:58 - 2022-02-12 11:37 - 000007432 _____ () C:\Users\srki9\AppData\Roaming\VoiceMeeterDefault.xml
2018-08-01 00:43 - 2018-08-01 02:07 - 000001456 _____ () C:\Users\srki9\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-02-19 05:00 - 2022-02-19 05:00 - 000000726 _____ () C:\Users\srki9\AppData\Local\cur17CA.tmp
2022-02-19 04:59 - 2022-02-19 04:59 - 000000726 _____ () C:\Users\srki9\AppData\Local\cur44.tmp
2022-02-19 04:59 - 2022-02-19 04:59 - 000000726 _____ () C:\Users\srki9\AppData\Local\curDBA3.tmp
2022-02-19 04:59 - 2022-02-19 04:59 - 000000726 _____ () C:\Users\srki9\AppData\Local\curEB49.tmp
2022-02-19 04:59 - 2022-02-19 04:59 - 000000726 _____ () C:\Users\srki9\AppData\Local\curF968.tmp
2018-09-28 14:18 - 2018-09-28 14:18 - 000000000 _____ () C:\Users\srki9\AppData\Local\oobelibMkey.log
2019-01-28 07:23 - 2019-04-28 00:27 - 000000600 _____ () C:\Users\srki9\AppData\Local\PUTTY.RND
2018-09-28 23:37 - 2020-12-20 02:49 - 000007614 _____ () C:\Users\srki9\AppData\Local\Resmon.ResmonCfg
2018-05-08 03:59 - 2018-05-08 03:59 - 000000003 _____ () C:\Users\srki9\AppData\Local\updater.log
2021-05-25 19:56 - 2021-05-25 20:02 - 000000069 _____ () C:\Users\srki9\AppData\Local\update_progress.txt
2018-05-08 03:59 - 2022-03-06 23:22 - 000000424 _____ () C:\Users\srki9\AppData\Local\UserProducts.xml
2020-08-09 21:57 - 2020-08-09 22:29 - 000000093 _____ () C:\Users\srki9\AppData\Local\X-Plane 11 Preferences.prf
2020-08-09 22:22 - 2020-08-09 22:22 - 000000037 _____ () C:\Users\srki9\AppData\Local\X-Plane Installer.prf
2020-08-09 22:22 - 2020-08-09 22:23 - 000000015 _____ () C:\Users\srki9\AppData\Local\X-Plane_drm_11.prf
2020-08-09 21:57 - 2020-08-09 21:57 - 000000022 _____ () C:\Users\srki9\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

https://www.mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zdravo, iskreno, ne vidim nista posebno.

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
AlternateDataStreams: C:\Users\srki9:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
AlternateDataStreams: C:\Users\srki9\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\srki9\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav, evo loga:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-10-2022
Ran by srki9 (14-10-2022 16:40:19) Run:1
Running from C:\Users\srki9\Desktop
Loaded Profiles: srki9 & Test
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
AlternateDataStreams: C:\Users\srki9:Heroes & Generals [38]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
AlternateDataStreams: C:\Users\srki9\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\srki9\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
EmptyTemp:
*****************

Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\Users\srki9 => ":Heroes & Generals" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\srki9\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\srki9\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 211742300 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 719662960 B
Windows/system/drivers => 14555778 B
Edge => 4066226 B
Chrome => 464502076 B
Firefox => 0 B
Opera => 25768584 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 215713 B
LocalService => 215713 B
NetworkService => 3066183 B
srki9 => 532173077 B
Test => 815734303 B

RecycleBin => 285789523 B
EmptyTemp: => 2.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:26:15 ====

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Da li imas nekih problema u radu? Ja bih rekao da je sve uredu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Steam mi ponekad ne izrenderuje celu aplikaciju.
Mislim da je zbog keša ali ništa što reinstalacijom ne bih mogao da rešim.

Osim toga, u radu je sve OK kao i ranije.

Hvala