Hello everyone,
It looks like there is a Powershell infection in my computer. Bitdefender Total Security is unable to detect any files, but displays the following notifications:
Every time I see these things related to powershell.exe it’s always tied to the IP 152.89.247.113
Other dangerous pages seen in Bitdefender, BE CAREFUL NOT TO INFECT YOURSELF TOO:
EDIT: links removed
I ran FRST64, there are the logs.
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by Phenom (administrator) on DESKTOP-QF06V5V (Gigabyte Technology Co., Ltd. B450 GAMING X) (28-04-2022 19:03:26)
Running from C:UsersPhenomDesktop
Loaded Profiles: Phenom & User
Platform: Microsoft Windows 11 Pro Version 21H2 22000.652 (X64) Language: English (United States)
Default browser: "C:Program FilesGoogleChrome BetaApplicationchrome.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:ProgramDataBattle.netAgentAgent.7661Agent.exe
(C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherEngineBinariesWin64EpicWebHelper.exe <2>
(C:Program Files (x86)F-SecureFreedomeFreedome1.1fsvpnservice.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureFreedomeFreedome1.1Freedome.exe
(C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fshoster64.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404FsPisces.exe
(C:Program FilesBitdefender AgentProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Agent26.0.1.220DiscoverySrv.exe
(C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender Securitybdagent.exe
(C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender Securitybdntwrk.exe
(C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender Securitybdwtxag.exe
(C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender Securityseccenter.exe
(C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(C:Program FilesRogueKillerRogueKillerSvc.exe ->) (ADLICE -> ) C:Program FilesRogueKillerRogueKiller64.exe
(C:Program FilesWindowsAppsMicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewyDashboardWidgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeWebViewApplication100.0.1185.50msedgewebview2.exe <6>
(Discord Inc. -> Discord Inc.) C:UsersPhenomAppDataLocalDiscordCanaryapp-1.0.46DiscordCanary.exe <6>
(Epic Games Inc. -> Epic Games, Inc.) C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:Program Files (x86)Battle.netBattle.net.exe <3>
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:Program FilesTotal CommanderTOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:Program FilesGoogleChrome BetaApplicationchrome.exe <57>
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.132GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.132GoogleCrashHandler64.exe
(HP Inc.) C:Program FilesWindowsAppsAD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6win32OmenCommandCenterBackground.exe
(Microsoft Windows -> Microsoft Corporation) C:Program FilesWindows NTAccessorieswordpad.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32WindowsPowerShellv1.0powershell.exe
(Nvidia Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesCCleanerCCleaner64.exe
(services.exe ->) (ADLICE -> ) C:Program FilesRogueKillerRogueKillerSvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG) [File not signed] C:Program Files (x86)AviraVPNAvira.VpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender AgentProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefender Agentredlinebdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender Securityupdatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesBitdefenderBitdefender VPNBdVpnService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:Program FilesCommon FilesBitdefenderSetupInformationBitdefender RedLinebdredline.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureFreedomeFreedome1.1fsvpnservice.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureSAFEfshoster32.exe <3>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fshoster64.exe <2>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fsorsp64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fsulprothoster.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:WindowsSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_4d7400884d0d52e3Display.NvContainerNVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_eb52bf0d4dccfcf3RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:Program Files (x86)SamsungSamsung MagicianSamsungMagicianSVC.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:UsersPhenomAppDataLocalslackapp-4.26.0slack.exe <5>
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:Program Files (x86)GIGABYTEAORUS ENGINEAORUS.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:Program FilesHPSystemOptimizerSystemOptimizer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:WindowsUUSamd64MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows) C:Program FilesWindowsAppsMicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewyDashboardWidgets.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:Program Files (x86)SamsungSamsung MagicianSamsungMagician.exe <4>
(svchost.exe ->) (WhatsApp Inc.) C:Program FilesWindowsApps5319275A.51895FA4EA97F_2.2216.4.0_x64__cv1g1gvanyjgmWhatsApp.exe
(Telegram Messenger LLP) C:Program FilesWindowsAppsTelegramMessengerLLP.TelegramDesktop_3.6.0.0_x64__t4vj0pshhgkwmTelegram.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...Run: [RtkAudUService] => C:WINDOWSSystem32DriverStoreFileRepositoryrealtekservice.inf_amd64_eb52bf0d4dccfcf3RtkAudUService64.exe [3479488 2022-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKUS-1-5-21-1599435516-3482468045-2126034812-1001...Run: [EpicGamesLauncher] => C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [32613856 2022-04-28] (Epic Games Inc. -> Epic Games, Inc.)
HKUS-1-5-21-1599435516-3482468045-2126034812-1001...Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-1599435516-3482468045-2126034812-1001...Run: [DiscordCanary] => C:UsersPhenomAppDataLocalDiscordCanaryUpdate.exe [1522176 2022-04-15] (Discord Inc. -> GitHub)
HKUS-1-5-21-1599435516-3482468045-2126034812-1001...Run: [Battle.net] => C:Program Files (x86)Battle.netBattle.net.exe [1088456 2022-04-27] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKUS-1-5-21-1599435516-3482468045-2126034812-1001...Run: [com.squirrel.slack.slack] => C:UsersPhenomAppDataLocalslackslack.exe [309056 2022-04-28] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8237E44A-0054-442C-B6B6-EA0509993955}] -> C:Program FilesGoogleChrome BetaApplication101.0.4951.41Installerchrmstp.exe [2022-04-20] (Google LLC -> Google LLC)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:Program FilesBraveSoftwareBrave-BrowserApplication101.1.38.109Installerchrmstp.exe [2022-04-27] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupAORUS ENGINE.lnk [2022-04-15]
ShortcutTarget: AORUS ENGINE.lnk -> C:Program Files (x86)GIGABYTEAORUS ENGINEautorun.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02121D01-DBE4-4731-9DFF-FB8E80386CF1} - System32TasksBraveSoftwareUpdateTaskMachineCore => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [165120 2022-04-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {02D88619-C1AF-4364-BD46-DB97F47F0577} - System32TasksF-SecureF-Secure Hotfix => C:Program Files (x86)F-SecureSAFEfs_hotfix.exe [315032 2022-03-25] (F-Secure Corporation -> F-Secure Corporation)
Task: {0489B081-0CCD-44EB-AF65-ECB241F60E93} - System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2022-01-19] (Google LLC -> Google LLC)
Task: {144401BC-4F00-4243-ADDC-23C0991D77EB} - System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:Program FilesNVIDIA CorporationNvDriverUpdateCheck" -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Task: {18FA359C-512D-4264-BBC4-9716B96EBB68} - System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156232 2022-01-19] (Google LLC -> Google LLC)
Task: {1E9485AB-1FC8-4BF5-BD10-22D73C225910} - System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {316E7299-D946-42B5-B73D-B3CE78777AB9} - System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21863344 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {33F7899E-577F-41F4-B864-D0141C9D8AB2} - System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {42212260-AAC6-4D5C-837A-A35AAF48EEAC} - System32TasksOneDrive Standalone Update Task-S-1-5-21-1599435516-3482468045-2126034812-1002 => C:UsersPhenomAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe (No File)
Task: {4F483515-29B7-41B1-BF87-A0721EE17B31} - System32TasksBraveSoftwareUpdateTaskMachineUA => C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [165120 2022-04-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {571D52C1-5426-462D-832E-CAE81C4BD13F} - System32TasksMicrosoftWindowsWHServiceProviderAccess => C:WindowsSystem32SyncAppvPublishingServer.vbs [1720 2021-06-05] (Microsoft Windows -> ) -> "n; $a = Get-Content "C:Windowsrundll62" | Select -Index 17033;iex $a;hackbacktrack 5+SxcONPw31YD5KkNSFEldTrLB+ZFx7b29V1rxazM+g=
Task: {5C6840F8-D23B-420B-BB78-9E7C6677F63D} - System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [7053720 2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EF50543-85B4-4C16-B500-2BE109B09A59} - System32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5FD84DD5-34F7-4C4E-8C31-8AA688608220} - System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [141208 2022-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {657CCEF6-B925-4BB8-8BC5-4BD98753C3D3} - System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [7053720 2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E0D34DA-C99B-4ED8-AD65-78C683E4E6F4} - System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21863344 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {806500B0-429A-44D7-B112-B896FB0DF002} - System32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {876E2C86-4C1A-4362-807C-D8A9093BA089} - System32TasksSamsungMagician => C:Program Files (x86)SamsungSamsung MagicianSamsungMagician.exe [109697976 2021-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {8EE53488-CE10-4468-BF82-04DD04A80832} - System32TasksSystemOptimizer => C:Program FilesHPSystemOptimizerSystemOptimizer.exe [112728 2022-02-03] (HP Inc. -> HP Inc.)
Task: {971D583E-B335-4C31-8215-203FD48CCF28} - System32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9B890657-6594-4E7A-8A56-1764675F9614} - System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9C800561-F322-402A-9F8A-D24092BE4DC6} - System32TasksOpera scheduled Autoupdate 1642631694 => C:UsersPhenomAppDataLocalProgramsOpera developerlauncher.exe [2719488 2022-04-25] (Opera Software AS -> Opera Software) <==== ATTENTION
Task: {A8AACED6-3881-4225-B3A7-C59CC48C1B8D} - System32TasksCreateExplorerShellUnelevatedTask => C:Windowsexplorer.exe /NoUACCheck
Task: {AD351213-BD13-4623-8D52-334B6653287E} - System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AF0A8389-6BE8-48E7-B5A6-2264F05C791D} - System32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B1C0202D-0735-40AA-BA43-65446D23A0E5} - System32TasksKpRm-quarantinesKpRm-quarantines-20220428182110 => C:KPRMtasks-quarantineskprm-quarantines.exe [2811112 2022-04-28] (kernel-panik -> kernel-panik) [File not signed]
Task: {B6CD9DD5-733E-4913-B41E-BE05EB7EE694} - System32TasksBitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:Program FilesBitdefenderBitdefender Securitybdagent.exe [584280 2022-04-20] (Bitdefender SRL -> Bitdefender)
Task: {C0CEC1B1-3690-481F-8A9B-493D4E0799D6} - System32TasksOneDrive Standalone Update Task-S-1-5-21-1599435516-3482468045-2126034812-1001 => C:UsersPhenomAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe (No File)
Task: {C357FFB5-D09A-4A71-9F1C-DD2F0CD24A14} - System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe (No File)
Task: {D895215F-D917-49D6-9612-8342A713BEE4} - System32TasksLauncher GIGABYTE AORUS GRAPHICS ENGINE => C:Program Files (x86)GIGABYTEAORUS ENGINEAORUS.exe [34682752 2022-04-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {DEB67D86-1989-4F0D-ACDB-54BBDC527C49} - System32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:Program FilesBitdefender Agent26.0.1.220WatchDog.exe [1050728 2022-03-23] (Bitdefender SRL -> Bitdefender)
Task: {E6CDAF43-7A59-4EC1-B8F7-5E627C14235A} - System32TasksOneDrive Reporting Task-S-1-5-21-1599435516-3482468045-2126034812-1002 => C:UsersPhenomAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe /reporting (No File)
Task: {F9318572-28D5-44C3-A922-33626CF768E5} - System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [141208 2022-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCC2E13F-8694-42FB-B00A-7730EEB2751D} - System32TasksCCleanerSkipUAC - Phenom => C:Program FilesCCleanerCCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FCC85155-47B0-440D-B196-5117B748A8DE} - System32TasksMozillaFirefox Nightly Default Browser Agent 6F193CCC56814779 => C:Program FilesFirefox Nightlydefault-browser-agent.exe do-task "6F193CCC56814779"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 localhost
TcpipParameters: [DhcpNameServer] 192.168.0.1
Tcpip..Interfaces{08f01634-5a0a-4001-b76a-d21b548a3691}: [DhcpNameServer] 192.168.0.1
Tcpip..Interfaces{c9b8105f-65f8-4b25-b26f-34596433fd48}: [DhcpNameServer] 192.168.0.1
Tcpip..Interfaces{cd2d2ece-a2e7-4176-b987-5e8ea18b4918}: [DhcpNameServer] 8.8.8.8
HKLMSOFTWAREPoliciesMicrosoftInternet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:UsersPhenomAppDataLocalMicrosoftEdgeUser DataDefault [2022-04-27]
Edge DownloadDir: Default -> C:UsersPhenomDownloads
Edge Notifications: Default -> hxxps://www.tiktok.com
Edge Session Restore: Default -> is enabled.
Edge Extension: (F.B.(FluffBusting)Purity) - C:UsersPhenomAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbbadpifemeclpdmgelgehgclmeohdoge [2022-04-27]
Edge Extension: (Switch UserAgents) - C:UsersPhenomAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsipacohcfiahhblhbpdnnmnolcakgooci [2022-01-19]
Edge HKLM...EdgeExtension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
Edge HKLM-x32...EdgeExtension: [cpikpibllpjmpnchjajlibnmmomnnhnm]
FireFox:
========
FF DefaultProfile: mkifesbr.default
FF ProfilePath: C:UsersPhenomAppDataRoamingMozillaFirefoxProfileskuhj0kmw.default-nightly [2022-04-28]
FF Session Restore: MozillaFirefoxProfileskuhj0kmw.default-nightly -> is enabled.
FF Extension: (Facebook Container) - C:UsersPhenomAppData[email protected]contain-facebook.xpi [2021-12-30]
FF Extension: (The Stream Detector) - C:UsersPhenomAppData[email protected]m3u8link.xpi [2021-12-30]
FF Extension: (TunnelBear VPN) - C:UsersPhenomAppDataRoaming[email protected]tunnelbear.com.xpi [2021-12-30]
FF Extension: (Decentraleyes) - C:UsersPhenomAppDataRoamingMozillaFiref[email protected]jetpack.xpi [2021-12-30]
FF Extension: (Nimbus Screen Capture: Screenshots, Annotate) - C:UsersPhenomAppDataRoamingMozillaFirefox[email protected]everhelper.me.xpi [2021-12-30]
FF Extension: (Rotate and Zoom Image) - C:UsersPhenomAppDataRoamingMozillaFirefox[email protected]mikk.cz.xpi [2021-12-30]
FF Extension: (uBlock Origin) - C:UsersPhenomAppDataRoaming[email protected]raymondhill.net.xpi [2021-12-30]
FF Extension: (User-Agent Switcher) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfileskuhj0kmw.default-nightlyExtensions{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2021-12-30]
FF Extension: (Video Speed Controller) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfileskuhj0kmw.default-nightlyExtensions{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2021-12-30]
FF Extension: (Creează un script nou) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfileskuhj0kmw.default-nightlyExtensions{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2021-12-30]
FF Extension: (Video DownloadHelper) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfileskuhj0kmw.default-nightlyExtensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-12-30]
FF Extension: (Buster: Captcha Solver for Humans) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfileskuhj0kmw.default-nightlyExtensions{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2021-12-30]
FF ProfilePath: C:UsersPhenomAppDataRoamingMozillaFirefoxProfiles8k2igm37.default-release [2022-04-28]
FF ProfilePath: C:UsersPhenomAppDataRoamingMozillaFirefoxProfilesmkifesbr.default [2022-04-28]
FF NetworkProxy: MozillaFirefoxProfilesmkifesbr.default -> type", 0
FF Session Restore: MozillaFirefoxProfilesmkifesbr.default -> is enabled.
FF Notifications: MozillaFirefoxProfilesmkifesbr.default -> hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://www.instagram.com
FF Extension: (Facebook Container) - C:UsersPheno[email protected]contain-facebook.xpi [2022-04-02]
FF Extension: (The Stream Detector) - C:UsersPheno[email protected]m3u8link.xpi [2022-04-02]
FF Extension: (TunnelBear VPN) - C:UsersPhenomAppDat[email protected]tunnelbear.com.xpi [2021-04-03]
FF Extension: (Chrome Store Foxified) - C:UsersPhenomAppDataRoamingMozill[email protected]jetpack.xpi [2018-09-07]
FF Extension: (Nimbus Screen Capture: Screenshots, Annotate) - C:UsersPhenomAppDataRoamingMozill[email protected]everhelper.me.xpi [2020-08-28]
FF Extension: (Rotate and Zoom Image) - C:UsersPhenomAppDataRoamingMozill[email protected]mikk.cz.xpi [2022-04-02]
FF Extension: (uBlock Origin) - C:UsersPhenomAppDat[email protected]raymondhill.net.xpi [2022-04-06]
FF Extension: (User-Agent Switcher) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfilesmkifesbr.defaultExtensions{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2021-07-15]
FF Extension: (Video Speed Controller) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfilesmkifesbr.defaultExtensions{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2021-04-22]
FF Extension: (Creează un script nou) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfilesmkifesbr.defaultExtensions{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2021-06-07]
FF Extension: (Video DownloadHelper) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfilesmkifesbr.defaultExtensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-08]
FF Extension: (Buster: Captcha Solver for Humans) - C:UsersPhenomAppDataRoamingMozillaFirefoxProfilesmkifesbr.defaultExtensions{e58d3966-3d76-4cd9-8552-1582fbc800c1}.xpi [2021-11-04]
FF HKLM...FirefoxExtensions: [[email protected]] - C:Program FilesBitdefenderBitdefender Securitybdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:Program FilesBitdefenderBitdefender Securitybdwteff.xpi [2022-04-20] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM...FirefoxExtensions: [[email protected]] - C:Program FilesBitdefenderBitdefender Securitybdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:Program FilesBitdefenderBitdefender Securitybdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM...ThunderbirdExtensions: [[email protected]] - C:Program FilesBitdefenderBitdefender Securitybdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:Program FilesBitdefenderBitdefender Securitybdtbext [2022-04-20] [Legacy] [not signed]
FF HKLM-x32...FirefoxExtensions: [[email protected]] - C:Program FilesBitdefenderBitdefender Securitybdwteff.xpi
FF HKLM-x32...FirefoxExtensions: [[email protected]] - C:Program FilesBitdefenderBitdefender Securitybdtbef.xpi
FF HKLM-x32...ThunderbirdExtensions: [[email protected]] - C:Program FilesBitdefenderBitdefender Securitybdtbext
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:Program FilesJavajre1.8.0_321bindtpluginnpDeployJava1.dll [2022-02-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:Program FilesJavajre1.8.0_321binplugin2npjp2.dll [2022-02-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:Program FilesVideoLANVLCnpvlc.dll [2022-04-20] (VideoLAN) [File not signed]
FF Plugin: @videolan.org/vlc,version=3.0.17.3 -> C:Program FilesVideoLANVLCnpvlc.dll [2022-04-20] (VideoLAN) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:UsersPhenomAppDataRoamingmozillapluginsnplightsparkplugin.dll [2022-01-19]
StartMenuInternet: Firefox-6F193CCC56814779 - C:Program FilesFirefox Nightlyfirefox.exe
Chrome:
=======
CHR HKLM...ChromeExtension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32...ChromeExtension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32...ChromeExtension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32...ChromeExtension: [khndhdhbebhaddchcgnalcjlaekbbeof]
StartMenuInternet: Google Chrome Beta - C:Program FilesGoogleChrome BetaApplicationchrome.exe
Opera:
=======
StartMenuInternet: (HKUS-1-5-21-1599435516-3482468045-2126034812-1001) Operadeveloper - "C:UsersPhenomAppDataLocalProgramsOpera developerLauncher.exe"
Brave:
=======
BRA Profile: C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2022-04-19]
BRA Extension: (Brave Local Data Files Updater) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2022-04-13]
BRA Extension: (Brave NTP background images) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser Dataaoojcmojmmcbpfgoecoadbdpnagfchel [2022-04-11]
BRA Extension: (Wallet Data Files Updater) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser DataBraveWallet [2022-04-13]
BRA Extension: (Brave Ad Block Updater (Default)) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-13]
BRA Extension: (Brave SpeedReader Updater) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2022-04-11]
BRA Extension: (Brave NTP sponsored images) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser Datalpebdnochobhopeiidkonjhkepamihmm [2022-04-13]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:UsersPhenomAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2022-04-13]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AfVpnService; C:Program FilesBitdefenderBitdefender VPNhydra.sdk.windows.service.exe [198256 2021-01-26] (Pango Inc. -> AnchorFree Inc.)
S4 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3103824 2021-02-01] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AviraPhantomVPN; C:Program Files (x86)AviraVPNAvira.VpnService.exe [338432 2022-04-22] (Avira Operations GmbH & Co. KG) [File not signed]
R2 BDAuxSrv; C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe [822240 2022-04-20] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe [822240 2022-04-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:Program FilesCommon FilesBitdefenderSetupInformationBitdefender RedLinebdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:Program FilesBitdefender Agentredlinebdredline.exe [2454632 2022-02-10] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:Program FilesBitdefenderBitdefender VPNbdvpnservice.exe [263328 2022-03-30] (Bitdefender SRL -> Bitdefender)
S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [165120 2022-04-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [165120 2022-04-11] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9191816 2022-02-24] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
R2 Freedome Service; C:Program Files (x86)F-SecureFreedomeFreedome1.1fsvpnservice.exe [1649864 2022-04-27] (F-Secure Corporation -> F-Secure Corporation)
R2 fshoster; C:Program Files (x86)F-SecureSAFEfshoster32.exe [239256 2022-03-25] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:Program Files (x86)F-SecureSAFEfshoster32.exe [239256 2022-03-25] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fshoster64.exe [417048 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fshoster64.exe [417048 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fsorsp64.exe [107208 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fsulprothoster.exe [417048 2022-04-28] (F-Secure Corporation -> F-Secure Corporation)
S3 GoogleChromeBetaElevationService; C:Program FilesGoogleChrome BetaApplication101.0.4951.41elevation_service.exe [1600912 2022-04-20] (Google LLC -> Google LLC)
S3 MagicianSVC; C:Program Files (x86)SamsungSamsung MagicianSamsungMagicianSVC.exe [347576 2021-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [8347832 2022-04-25] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:Program FilesBitdefender AgentProductAgentService.exe [786536 2022-03-23] (Bitdefender SRL -> Bitdefender)
R2 rkrtservice; C:Program FilesRogueKillerRogueKillerSvc.exe [14419440 2022-03-07] (ADLICE -> )
R2 SamsungMagicianSVC; C:Program Files (x86)SamsungSamsung MagicianSamsungMagicianSVC.exe [347576 2021-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [6207688 2022-04-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:Program FilesBitdefenderBitdefender Securityupdatesrv.exe [284760 2022-04-20] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:Program FilesBitdefenderBitdefender Securitybdservicehost.exe [822240 2022-04-20] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2203.5-0NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2203.5-0MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; C:WSAWsaServiceWsaService.exe [229888 2022-04-22] () [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_4d7400884d0d52e3Display.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.ContainerLocalSystem.log -l 3 -d C:WINDOWSSystem32DriverStoreFileRepositorynv_dispi.inf_amd64_4d7400884d0d52e3Display.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio3; C:WINDOWSSystem32driversamdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AmdTools64; C:WINDOWSSystem32driversAmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 atc; C:WINDOWSSystem32DRIVERSatc.sys [3947928 2022-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:WINDOWSsystem32DRIVERSbddci.sys [800672 2022-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:WINDOWSSystem32driversbdelam.sys [22976 2022-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:WINDOWSSystem32DRIVERSbdprivmon.sys [33208 2022-04-20] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:WINDOWSsystem32DRIVERSbduefiscan.sys [55864 2022-04-20] (Bitdefender SRL -> Bitdefender)
R1 ESProtectionDriver; C:WINDOWSsystem32driversmbae64.sys [103888 2022-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 F-Secure Gatekeeper; C:Program Files (x86)F-SecureSAFEUltralightulcore1651147404fsulgk.sys [404512 2022-04-28] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fsbts; C:WINDOWSSystem32driversfsbts.sys [51736 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R0 fse; C:WINDOWSSystem32driversfse.sys [193896 2022-04-26] (Microsoft Windows -> Microsoft Corporation)
S0 fselms; C:WINDOWSSystem32driversfselms.sys [15816 2022-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> F-Secure Corporation)
R3 fsfreedomewintun; C:WINDOWSSystem32driversfsfreedomewintun.sys [31248 2021-09-16] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R2 fsnif2; C:Program Files (x86)F-SecureSAFEUltralightnif21643898281nif2s64.sys [172480 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R3 gdrv3; C:Windowsgdrv3.sys [36352 2022-01-19] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R0 Gemma; C:WINDOWSSystem32DRIVERSgemma.sys [1188744 2022-04-20] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R2 HpReadHWData; C:WINDOWSsystem32driversHpReadHWData.sys [47184 2022-02-03] (HP Inc. -> Windows (R) Win 7 DDK provider)
S3 Hsp; C:WINDOWSSystem32driversHsp.sys [111952 2022-04-26] (Microsoft Windows -> Microsoft Corporation)
R2 Ignis; C:WINDOWSsystem32DRIVERSignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [223176 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [21480 2022-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [193992 2022-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:WINDOWSsystem32DRIVERSmbam.sys [70072 2022-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [239560 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:WINDOWSsystem32DRIVERSmwac.sys [158856 2022-04-28] (Malwarebytes Inc -> Malwarebytes)
R3 nvvad_WaveExtensible; C:WINDOWSsystem32driversnvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 phantomtap; C:WINDOWSSystem32driversphantomtap.sys [50248 2022-03-30] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 rt68cx21; C:WINDOWSSystem32DriverStoreFileRepositoryrt68cx21x64.inf_amd64_9bf8409c8d4e92a5rt68cx21x64.sys [625560 2022-04-12] (Realtek Semiconductor Corp. -> Realtek)
R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U3 TrueSight; C:WindowsSystem32driverstruesight.sys [38032 2022-04-28] (Adlice -> )
R0 trufos; C:WINDOWSSystem32DRIVERStrufos.sys [623008 2022-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:WINDOWSSystem32DRIVERSvlflt.sys [485792 2022-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 vmbusproxy; C:WINDOWSsystem32driversvmbusproxy.sys [90112 2022-04-26] (Microsoft Windows -> )
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 HWiNFO_170; ??C:UsersPhenomAppDataLocalTempHWiNFO64A_170.SYS [X] <==== ATTENTION
S1 WinSetupMon; system32DRIVERSWinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-28 19:03 - 2022-04-28 19:04 - 000041023 _____ C:UsersPhenomDesktopFRST.txt
2022-04-28 18:45 - 2022-04-28 18:40 - 002366976 _____ (Farbar) C:UsersPhenomDesktopFRST64.exe
2022-04-28 18:41 - 2022-04-28 19:03 - 000000000 ____D C:FRST
2022-04-28 18:40 - 2022-04-28 18:40 - 002366976 _____ (Farbar) C:UsersPhenomDownloadsFRST64.exe
2022-04-28 18:23 - 2022-04-28 18:23 - 000193992 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys
2022-04-28 18:23 - 2022-04-28 18:23 - 000158856 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys
2022-04-28 18:23 - 2022-04-28 18:23 - 000070072 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys
2022-04-28 18:23 - 2022-04-28 18:23 - 000000000 ____D C:UsersPhenomAppDataLocalLowIGDump
2022-04-28 18:21 - 2022-04-28 18:21 - 000000000 ____D C:WINDOWSsystem32TasksKpRm-quarantines
2022-04-28 18:21 - 2022-04-28 18:21 - 000000000 ____D C:KPRM
2022-04-28 18:19 - 2022-04-28 18:19 - 002811112 _____ (kernel-panik) C:UsersPhenomDownloadskprm_2.9.3 (2).exe
2022-04-28 18:19 - 2022-04-28 18:19 - 002811112 _____ (kernel-panik) C:UsersPhenomDownloadskprm_2.9.3 (1).exe
2022-04-28 18:13 - 2022-04-28 19:18 - 000000000 ____D C:UsersPhenomDocuments20220428
2022-04-28 17:46 - 2022-04-28 17:46 - 011331520 _____ (SurfRight B.V.) C:UsersPhenomDownloadsHitmanPro_x64 (1).exe
2022-04-28 17:41 - 2022-04-28 17:41 - 000012872 _____ (SurfRight B.V.) C:WINDOWSsystem32bootdelete.exe
2022-04-28 17:38 - 2022-04-28 17:38 - 000040976 _____ C:WINDOWSsystem32Drivershitmanpro37.sys
2022-04-28 17:31 - 2022-04-28 17:38 - 000000000 ____D C:Program FilesHitmanPro
2022-04-28 17:30 - 2022-04-28 17:30 - 014239168 _____ (SurfRight B.V.) C:UsersPhenomDownloadsHitmanPro_x64.exe
2022-04-28 16:33 - 2022-04-28 16:33 - 002811112 _____ (kernel-panik) C:UsersPhenomDownloadskprm_2.9.3.exe
2022-04-28 14:55 - 2022-04-28 18:23 - 000000000 ____D C:UsersPhenomAppDataRoamingSlack
2022-04-28 14:55 - 2022-04-28 14:55 - 102072640 _____ (Slack Technologies Inc.) C:UsersPhenomDownloadsSlackSetup.exe
2022-04-28 14:55 - 2022-04-28 14:55 - 000002208 _____ C:UsersPhenomDesktopSlack.lnk
2022-04-28 14:55 - 2022-04-28 14:55 - 000000000 ____D C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsSlack Technologies Inc
2022-04-28 14:55 - 2022-04-28 14:55 - 000000000 ____D C:UsersPhenomAppDataLocalslack
2022-04-28 03:20 - 2022-04-28 03:21 - 184206126 _____ C:UsersPhenomDownloadsX-230120NBREX.rar
2022-04-28 03:00 - 2022-04-28 18:23 - 000038032 _____ C:WINDOWSsystem32Driverstruesight.sys
2022-04-28 02:52 - 2022-04-28 02:59 - 000426192 _____ C:WINDOWSntbtlog.txt
2022-04-28 02:42 - 2022-04-28 02:42 - 000004322 _____ C:UsersPhenomDownloadsAdd_Take_Ownership_to_context_menu.reg
2022-04-28 01:27 - 2022-04-28 01:27 - 000014790 _____ C:UsersPhenomDownloadsffz-settings (2022-4-28).json
2022-04-27 21:50 - 2022-04-27 21:50 - 000000000 ____D C:WINDOWSLastGood.Tmp
2022-04-27 18:42 - 2022-04-21 21:37 - 001905936 _____ C:WINDOWSsystem32vulkaninfo-1-999-0-0-0.exe
2022-04-27 18:42 - 2022-04-21 21:37 - 001905936 _____ C:WINDOWSsystem32vulkaninfo.exe
2022-04-27 18:42 - 2022-04-21 21:37 - 001478416 _____ C:WINDOWSSysWOW64vulkaninfo-1-999-0-0-0.exe
2022-04-27 18:42 - 2022-04-21 21:37 - 001478416 _____ C:WINDOWSSysWOW64vulkaninfo.exe
2022-04-27 18:42 - 2022-04-21 21:37 - 001432336 _____ C:WINDOWSsystem32vulkan-1-999-0-0-0.dll
2022-04-27 18:42 - 2022-04-21 21:37 - 001432336 _____ C:WINDOWSsystem32vulkan-1.dll
2022-04-27 18:42 - 2022-04-21 21:37 - 001145616 _____ C:WINDOWSSysWOW64vulkan-1-999-0-0-0.dll
2022-04-27 18:42 - 2022-04-21 21:37 - 001145616 _____ C:WINDOWSSysWOW64vulkan-1.dll
2022-04-27 18:42 - 2022-04-21 21:36 - 001467992 _____ (Khronos Group) C:WINDOWSsystem32OpenCL.dll
2022-04-27 18:42 - 2022-04-21 21:36 - 001209432 _____ (Khronos Group) C:WINDOWSSysWOW64OpenCL.dll
2022-04-27 18:42 - 2022-04-21 21:34 - 000586464 _____ C:WINDOWSsystem32nvofapi64.dll
2022-04-27 18:42 - 2022-04-21 21:34 - 000461400 _____ C:WINDOWSSysWOW64nvofapi.dll
2022-04-27 18:42 - 2022-04-21 21:33 - 001530432 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvIFR64.dll
2022-04-27 18:42 - 2022-04-21 21:33 - 001177288 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvIFR.dll
2022-04-27 18:42 - 2022-04-21 21:33 - 000725568 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvml.dll
2022-04-27 18:42 - 2022-04-21 21:33 - 000712392 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvidia-smi.exe
2022-04-27 18:42 - 2022-04-21 21:32 - 002120928 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvFBC64.dll
2022-04-27 18:42 - 2022-04-21 21:32 - 001603152 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64NvFBC.dll
2022-04-27 18:42 - 2022-04-21 21:32 - 000730328 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvEncodeAPI64.dll
2022-04-27 18:42 - 2022-04-21 21:32 - 000581848 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvEncodeAPI.dll
2022-04-27 18:42 - 2022-04-21 21:31 - 006963912 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuvid.dll
2022-04-27 18:42 - 2022-04-21 21:31 - 006226632 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuvid.dll
2022-04-27 18:42 - 2022-04-21 21:31 - 005729856 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcpl.dll
2022-04-27 18:42 - 2022-04-21 21:31 - 005100744 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvcuda.dll
2022-04-27 18:42 - 2022-04-21 21:31 - 002932936 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvcuda.dll
2022-04-27 18:42 - 2022-04-21 21:31 - 000457928 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvdebugdump.exe
2022-04-27 18:42 - 2022-04-21 21:30 - 000852048 _____ (NVIDIA Corporation) C:WINDOWSsystem32MCU.exe
2022-04-27 18:42 - 2022-04-21 05:16 - 000089337 _____ C:WINDOWSsystem32nvinfo.pb
2022-04-27 17:32 - 2022-04-27 17:32 - 000000000 ____D C:ProgramDataBlizzard Entertainment
2022-04-27 17:30 - 2022-04-28 19:13 - 000000000 ____D C:UsersPhenomAppDataLocalBattle.net
2022-04-27 17:30 - 2022-04-27 17:32 - 000000000 ____D C:UsersPhenomAppDataRoamingBattle.net
2022-04-27 17:30 - 2022-04-27 17:30 - 000000940 _____ C:UsersPublicDesktopBattle.net.lnk
2022-04-27 17:30 - 2022-04-27 17:30 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBattle.net
2022-04-27 17:29 - 2022-04-28 02:04 - 000000000 ____D C:Program Files (x86)Battle.net
2022-04-27 17:29 - 2022-04-27 17:29 - 000000000 ____D C:UsersPhenomAppDataLocalBlizzard Entertainment
2022-04-27 17:29 - 2022-04-27 17:29 - 000000000 ____D C:ProgramDataBattle.net
2022-04-27 17:28 - 2022-04-27 17:29 - 004837816 _____ (Blizzard Entertainment) C:UsersPhenomDownloadsBattle.net-Setup.exe
2022-04-27 13:38 - 2022-04-27 13:38 - 098870710 _____ C:UsersPhenomDownloadsffmpeg-944b8c9-ff31946-win64-nonfree.7z
2022-04-27 13:37 - 2022-04-27 13:37 - 012037363 _____ C:UsersPhenomDownloadsffmpeg-snapshot.tar.bz2
2022-04-27 13:28 - 2022-04-27 13:28 - 012975058 _____ C:UsersPhenomDownloadsTwitchDownloaderCLI-Windows-x64.zip
2022-04-27 13:28 - 2022-04-27 13:28 - 000000000 ____D C:Program FilesTwitch VOD Downloader
2022-04-27 01:32 - 2022-04-27 01:32 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFreedome
2022-04-27 01:29 - 2022-04-27 01:32 - 000002464 _____ C:UsersPublicDesktopFreedome.lnk
2022-04-26 23:02 - 2022-04-26 23:02 - 000196096 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:WINDOWSSysWOW64l3codecp.acm
2022-04-26 23:01 - 2022-04-26 23:01 - 000831488 _____ (Microsoft Corporation) C:WINDOWSsystem32Bubbles.scr
2022-04-26 23:01 - 2022-04-26 23:01 - 000774144 _____ C:WINDOWSsystem32FsNVSDeviceSource.dll
2022-04-26 23:01 - 2022-04-26 23:01 - 000557056 _____ (Microsoft Corporation) C:WINDOWSsystem32PhotoScreensaver.scr
2022-04-26 23:01 - 2022-04-26 23:01 - 000485376 _____ (Microsoft Corporation) C:WINDOWSSysWOW64PhotoScreensaver.scr
2022-04-26 23:01 - 2022-04-26 23:01 - 000442368 _____ (Microsoft Corporation) C:WINDOWSsystem32html.iec
2022-04-26 23:01 - 2022-04-26 23:01 - 000353624 _____ C:WINDOWSsystem32vp9fs.dll
2022-04-26 23:01 - 2022-04-26 23:01 - 000341504 _____ (Microsoft Corporation) C:WINDOWSSysWOW64html.iec
2022-04-26 23:01 - 2022-04-26 23:01 - 000323584 _____ (Microsoft Corporation) C:WINDOWSsystem32unimdm.tsp
2022-04-26 23:01 - 2022-04-26 23:01 - 000254976 _____ (Microsoft Corporation) C:WINDOWSSysWOW64unimdm.tsp
2022-04-26 23:01 - 2022-04-26 23:01 - 000253952 _____ (Microsoft Corporation) C:WINDOWSsystem32ssText3d.scr
2022-04-26 23:01 - 2022-04-26 23:01 - 000208896 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:WINDOWSsystem32l3codecp.acm
2022-04-26 23:01 - 2022-04-26 23:01 - 000188416 _____ C:WINDOWSsystem32EsclProtocol.dll
2022-04-26 23:01 - 2022-04-26 23:01 - 000176128 _____ (Microsoft Corporation) C:WINDOWSsystem32Ribbons.scr
2022-04-26 23:01 - 2022-04-26 23:01 - 000176128 _____ (Microsoft Corporation) C:WINDOWSsystem32Mystify.scr
2022-04-26 23:01 - 2022-04-26 23:01 - 000122880 _____ (Microsoft Corporation) C:WINDOWSsystem32remotesp.tsp
2022-04-26 23:01 - 2022-04-26 23:01 - 000088064 _____ (Microsoft Corporation) C:WINDOWSSysWOW64remotesp.tsp
2022-04-26 23:01 - 2022-04-26 23:01 - 000079208 _____ C:WINDOWSsystem32DriversNDKPerf.sys
2022-04-26 23:01 - 2022-04-26 23:01 - 000061440 _____ (Microsoft Corporation) C:WINDOWSsystem32hidphone.tsp
2022-04-26 23:01 - 2022-04-26 23:01 - 000046592 _____ (Microsoft Corporation) C:WINDOWSSysWOW64format.com
2022-04-26 23:01 - 2022-04-26 23:01 - 000032768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64hidphone.tsp
2022-04-26 23:01 - 2022-04-26 23:01 - 000027136 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mode.com
2022-04-26 23:01 - 2022-04-26 23:01 - 000024576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64more.com
2022-04-26 23:01 - 2022-04-26 23:01 - 000019456 _____ C:WINDOWSSysWOW64WsdProviderUtil.dll
2022-04-26 23:01 - 2022-04-26 23:01 - 000017920 _____ (Microsoft Corporation) C:WINDOWSSysWOW64tree.com
2022-04-26 23:00 - 2022-04-26 23:00 - 002125824 _____ C:WINDOWSsystem32dwmscene.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000460800 _____ C:WINDOWSSysWOW64SettingSyncDownloadHelper.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000356352 _____ C:WINDOWSsystem32Windows.Internal.UI.Shell.WindowTabManager.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000335872 _____ C:WINDOWSsystem32Windows.Internal.UI.Dialogs.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000311296 _____ C:WINDOWSsystem32EsclScan.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000294912 _____ C:WINDOWSsystem32pnpdiag.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000208896 _____ C:WINDOWSsystem32BthpanContextHandler.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000098304 _____ C:WINDOWSsystem32sstpcfg.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000086016 _____ C:WINDOWSsystem32printticketvalidation.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000086016 _____ C:WINDOWSsystem32CredProvCommonCore.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000077824 _____ C:WINDOWSsystem32APMonUI.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000069632 _____ (Microsoft Corporation) C:WINDOWSsystem32kmddsp.tsp
2022-04-26 23:00 - 2022-04-26 23:00 - 000065536 _____ (Microsoft Corporation) C:WINDOWSsystem32format.com
2022-04-26 23:00 - 2022-04-26 23:00 - 000051712 _____ C:WINDOWSSysWOW64CredProvCommonCore.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000049152 _____ (Microsoft Corporation) C:WINDOWSsystem32more.com
2022-04-26 23:00 - 2022-04-26 23:00 - 000049152 _____ (Microsoft Corporation) C:WINDOWSsystem32mode.com
2022-04-26 23:00 - 2022-04-26 23:00 - 000042744 _____ C:WINDOWSsystem32wow64base.dll
2022-04-26 23:00 - 2022-04-26 23:00 - 000040960 _____ (Microsoft Corporation) C:WINDOWSsystem32tree.com
2022-04-26 23:00 - 2022-04-26 23:00 - 000039424 _____ (Microsoft Corporation) C:WINDOWSSysWOW64kmddsp.tsp
2022-04-26 23:00 - 2022-04-26 23:00 - 000038784 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msgsm32.acm
2022-04-26 23:00 - 2022-04-26 23:00 - 000034128 _____ (Microsoft Corporation) C:WINDOWSSysWOW64imaadp32.acm
2022-04-26 23:00 - 2022-04-26 23:00 - 000033576 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msadp32.acm
2022-04-26 23:00 - 2022-04-26 23:00 - 000032768 _____ (Microsoft Corporation) C:WINDOWSSysWOW64scrnsave.scr
2022-04-26 23:00 - 2022-04-26 23:00 - 000015016 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2022-04-26 22:59 - 2022-04-26 22:59 - 000643072 _____ C:WINDOWSsystem32SettingSyncDownloadHelper.dll
2022-04-26 22:59 - 2022-04-26 22:59 - 000335872 _____ C:WINDOWSsystem32Windows.Management.InprocObjects.dll
2022-04-26 22:59 - 2022-04-26 22:59 - 000286720 _____ C:WINDOWSsystem32Microsoft.Bluetooth.Audio.dll
2022-04-26 22:59 - 2022-04-26 22:59 - 000180224 _____ C:WINDOWSsystem32CloudExperienceHostRedirection.dll
2022-04-26 22:59 - 2022-04-26 22:59 - 000067512 _____ (Microsoft Corporation) C:WINDOWSsystem32msgsm32.acm
2022-04-26 22:59 - 2022-04-26 22:59 - 000063384 _____ (Microsoft Corporation) C:WINDOWSsystem32imaadp32.acm
2022-04-26 22:59 - 2022-04-26 22:59 - 000061440 _____ (Microsoft Corporation) C:WINDOWSsystem32scrnsave.scr
2022-04-26 22:59 - 2022-04-26 22:59 - 000059248 _____ (Microsoft Corporation) C:WINDOWSsystem32msadp32.acm
2022-04-26 22:59 - 2022-04-26 22:59 - 000040960 _____ C:WINDOWSsystem32WsdProviderUtil.dll
2022-04-26 22:45 - 2022-04-26 22:45 - 000000000 ___HD C:$WinREAgent
2022-04-26 21:53 - 2022-04-26 21:55 - 000000000 ____D C:UsersPhenomDocuments20220426
2022-04-26 20:04 - 2022-04-26 20:04 - 000000020 ___SH C:UsersUserntuser.ini
2022-04-26 19:58 - 2022-04-28 19:15 - 000000000 ____D C:UsersPhenomAppDataRoamingdiscordcanary
2022-04-26 19:58 - 2022-04-28 18:23 - 000000000 ____D C:UsersPhenomAppDataLocalDiscordCanary
2022-04-26 19:58 - 2022-04-26 19:58 - 083143168 _____ (Discord Inc.) C:UsersPhenomDownloadsDiscordCanarySetup (2).exe
2022-04-26 19:58 - 2022-04-26 19:58 - 000002324 _____ C:UsersPhenomDesktopDiscord Canary.lnk
2022-04-26 19:58 - 2022-04-26 19:58 - 000000000 ____D C:UsersPhenomAppDataRoamingdiscord
2022-04-26 19:55 - 2022-04-27 13:22 - 000223176 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2022-04-26 19:49 - 2022-04-26 19:49 - 000000000 ____D C:ProgramDataMicrosoft OneDrive
2022-04-26 19:48 - 2022-04-26 19:48 - 000000020 ___SH C:UsersPhenomntuser.ini
2022-04-26 18:31 - 2022-04-28 18:22 - 000000006 ____H C:WINDOWSTasksSA.DAT
2022-04-26 18:31 - 2022-04-28 18:12 - 000003658 _____ C:WINDOWSsystem32TasksCreateExplorerShellUnelevatedTask
2022-04-26 18:31 - 2022-04-27 17:18 - 000004308 _____ C:WINDOWSsystem32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003976 _____ C:WINDOWSsystem32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003940 _____ C:WINDOWSsystem32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003894 _____ C:WINDOWSsystem32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003858 _____ C:WINDOWSsystem32TasksNvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-27 17:18 - 000003654 _____ C:WINDOWSsystem32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-04-26 18:31 - 2022-04-26 19:50 - 000003846 _____ C:WINDOWSsystem32TasksBitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-04-26 18:31 - 2022-04-26 18:31 - 000003634 _____ C:WINDOWSsystem32TasksOpera scheduled Autoupdate 1642631694
2022-04-26 18:31 - 2022-04-26 18:31 - 000003580 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineUA
2022-04-26 18:31 - 2022-04-26 18:31 - 000003408 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2022-04-26 18:31 - 2022-04-26 18:31 - 000003356 _____ C:WINDOWSsystem32TasksBraveSoftwareUpdateTaskMachineCore
2022-04-26 18:31 - 2022-04-26 18:31 - 000003348 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2022-04-26 18:31 - 2022-04-26 18:31 - 000003214 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d83e245fa71e18
2022-04-26 18:31 - 2022-04-26 18:31 - 000003194 _____ C:WINDOWSsystem32TasksCCleaner Update
2022-04-26 18:31 - 2022-04-26 18:31 - 000003184 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2022-04-26 18:31 - 2022-04-26 18:31 - 000003124 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore
2022-04-26 18:31 - 2022-04-26 18:31 - 000003066 _____ C:WINDOWSsystem32TasksOneDrive Reporting Task-S-1-5-21-1599435516-3482468045-2126034812-1002
2022-04-26 18:31 - 2022-04-26 18:31 - 000002862 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1599435516-3482468045-2126034812-1002
2022-04-26 18:31 - 2022-04-26 18:31 - 000002862 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1599435516-3482468045-2126034812-1001
2022-04-26 18:31 - 2022-04-26 18:31 - 000002748 _____ C:WINDOWSsystem32TasksSystemOptimizer
2022-04-26 18:31 - 2022-04-26 18:31 - 000002588 _____ C:WINDOWSsystem32TasksLauncher GIGABYTE AORUS GRAPHICS ENGINE
2022-04-26 18:31 - 2022-04-26 18:31 - 000002534 _____ C:WINDOWSsystem32TasksSamsungMagician
2022-04-26 18:31 - 2022-04-26 18:31 - 000002404 _____ C:WINDOWSsystem32TasksBitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2022-04-26 18:31 - 2022-04-26 18:31 - 000002256 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC - Phenom
2022-04-26 18:31 - 2022-04-26 18:31 - 000000000 ____D C:WINDOWSsystem32TasksMozilla
2022-04-26 18:31 - 2022-04-26 18:31 - 000000000 ____D C:WINDOWSsystem32TasksF-Secure
2022-04-26 18:31 - 2022-04-26 18:31 - 000000000 ____D C:WINDOWSsystem32TasksAgent Activation Runtime
2022-04-26 18:30 - 2022-04-28 18:29 - 000806946 _____ C:WINDOWSsystem32PerfStringBackup.INI
2022-04-26 18:29 - 2022-04-26 18:31 - 000017148 _____ C:WINDOWSdiagwrn.xml
2022-04-26 18:29 - 2022-04-26 18:31 - 000017148 _____ C:WINDOWSdiagerr.xml
2022-04-26 18:27 - 2022-04-28 01:13 - 000000000 ____D C:WINDOWSsystem32SleepStudy
2022-04-26 18:27 - 2022-04-26 18:27 - 000472896 _____ C:WINDOWSsystem32FNTCACHE.DAT
2022-04-26 18:27 - 2022-04-26 18:27 - 000001162 _____ C:WINDOWSsystem32configVSMIDK
2022-04-26 18:25 - 2022-04-20 23:42 - 001188744 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversgemma.sys
2022-04-26 18:25 - 2022-04-20 23:42 - 000623008 _____ (Bitdefender) C:WINDOWSsystem32Driverstrufos.sys
2022-04-26 18:25 - 2022-04-20 23:42 - 000485792 _____ (Bitdefender) C:WINDOWSsystem32Driversvlflt.sys
2022-04-26 18:25 - 2022-04-20 23:42 - 000033208 _____ (© Bitdefender SRL) C:WINDOWSsystem32Driversbdprivmon.sys
2022-04-26 18:25 - 2022-04-20 16:13 - 000022976 _____ (Bitdefender) C:WINDOWSsystem32Driversbdelam.sys
2022-04-26 18:07 - 2022-04-26 18:27 - 000000000 ____D C:WINDOWSsystem32configbbimigrate
2022-04-26 18:04 - 2022-04-26 19:48 - 000000000 ____D C:UsersPhenom
2022-04-26 18:04 - 2021-06-05 15:04 - 000001281 _____ C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools.lnk
2022-04-26 18:04 - 2021-06-05 15:04 - 000001281 _____ C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools.lnk
2022-04-26 18:04 - 2021-06-05 15:04 - 000000407 _____ C:UsersUserAppDataRoamingMicrosoftWindowsStart MenuProgramsFile Explorer.lnk
2022-04-26 18:04 - 2021-06-05 15:04 - 000000407 _____ C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsFile Explorer.lnk
2022-04-26 18:02 - 2022-04-26 18:07 - 000000000 ____D C:WINDOWSServiceProfiles
2022-04-26 17:59 - 2022-04-26 17:59 - 000000000 ___SD C:WINDOWSsystem32containers
2022-04-26 17:59 - 2022-04-26 17:59 - 000000000 ____D C:WINDOWSsystem32HvsiSettingsProviders
2022-04-26 17:59 - 2022-04-26 17:59 - 000000000 ____D C:Program FilesReference Assemblies
2022-04-26 17:59 - 2022-04-26 17:59 - 000000000 ____D C:Program FilesMSBuild
2022-04-26 17:59 - 2022-04-26 17:59 - 000000000 ____D C:Program Files (x86)Reference Assemblies
2022-04-26 17:59 - 2022-04-26 17:59 - 000000000 ____D C:Program Files (x86)MSBuild
2022-04-26 17:51 - 2022-04-26 17:51 - 000008192 _____ C:WINDOWSsystem32configuserdiff
2022-04-26 17:48 - 2022-04-26 19:55 - 000000000 ___DC C:WINDOWSPanther
2022-04-26 17:24 - 2022-04-26 17:24 - 000000000 ____D C:UsersPhenomAppDataLocalruffle
2022-04-26 17:23 - 2022-04-26 17:24 - 000000000 ____D C:Program FilesRuffle
2022-04-26 17:23 - 2022-04-26 17:23 - 004449380 _____ C:UsersPhenomDownloadsruffle-nightly-2022_04_26-windows-x86_64.zip
2022-04-26 17:22 - 2022-04-26 17:22 - 008692568 _____ C:UsersPhenomDownloadspapashotdoggeria.swf
2022-04-26 15:50 - 2022-04-26 15:51 - 076729013 _____ C:UsersPhenomDownloadsW11ISOPatcher-x64-2.0.1.0.zip
2022-04-26 15:35 - 2022-04-26 15:35 - 082973864 _____ (Discord Inc.) C:UsersPhenomDownloadsdiscord-1-0-9003.exe
2022-04-26 15:34 - 2022-04-26 15:34 - 082992808 _____ (Discord Inc.) C:UsersPhenomDownloadsDiscordSetup.exe
2022-04-26 14:41 - 2022-04-26 14:41 - 018694678 _____ C:UsersPhenomDownloadsDriver Booster 9.3.0.209.rar
2022-04-26 14:38 - 2022-04-26 18:27 - 000000000 ____D C:WINDOWSsystem32appmgmt
2022-04-26 14:28 - 2022-04-26 15:28 - 083143168 _____ (Discord Inc.) C:UsersPhenomDownloadsDiscordCanarySetup (1).exe
2022-04-26 13:22 - 2022-04-26 13:25 - 000000000 ____D C:ferestre11
2022-04-26 03:35 - 2022-04-26 03:35 - 007235215 _____ C:UsersPhenomDownloadsTotal Commander 10.50.rar
2022-04-26 03:00 - 2022-04-26 03:00 - 006169992 _____ (Ghisler Software GmbH) C:UsersPhenomDownloadstc1050x64_b2.exe
2022-04-26 03:00 - 2022-04-26 03:00 - 006169992 _____ (Ghisler Software GmbH) C:UsersPhenomDownloadstc1050x64_b2 (1).exe
2022-04-26 03:00 - 2022-04-26 03:00 - 005295504 _____ (Ghisler Software GmbH) C:UsersPhenomDownloadstc1050x32_b2.exe
2022-04-26 02:43 - 2022-04-26 02:48 - 1427560448 _____ C:UsersPhenomDownloadsen-us_windows_11_consumer_editions_updated_april_2022_x64_dvd_cda87c56.iso
2022-04-26 02:09 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAvira
2022-04-26 02:09 - 2022-04-26 02:09 - 000000000 ____D C:ProgramDataAvira
2022-04-26 02:09 - 2022-04-26 02:09 - 000000000 ____D C:Program Files (x86)Avira
2022-04-26 02:09 - 2022-03-30 15:16 - 000050248 _____ (The OpenVPN Project) C:WINDOWSsystem32Driversphantomtap.sys
2022-04-26 02:01 - 2022-04-26 02:01 - 000000000 ____D C:UsersPhenomAppDataRoamingMask Surf Pro
2022-04-26 02:01 - 2022-04-26 02:01 - 000000000 ____D C:UsersPhenomAppDataLocalMask_Surf_Pro
2022-04-26 02:00 - 2022-04-26 03:32 - 000000000 ____D C:UsersPhenomAppDataRoamingTor
2022-04-26 02:00 - 2022-04-26 02:06 - 000000000 ____D C:Program Files (x86)Mask Surf Pro
2022-04-26 02:00 - 2022-04-26 02:00 - 000000000 ____D C:UsersPhenomAppDataLocalItpNetLibrary
2022-04-26 02:00 - 2022-04-26 02:00 - 000000000 ____D C:ProgramDataItpNetLibrary
2022-04-26 01:57 - 2022-04-26 01:57 - 004037475 _____ C:UsersPhenomDownloadsMask.Surf.PRO.v4.1.zip
2022-04-26 01:46 - 2022-04-26 01:46 - 000043751 _____ C:UsersPhenomDownloadsFdm.rar
2022-04-26 01:42 - 2022-04-26 01:42 - 079083672 _____ (F-Secure Corporation) C:UsersPhenomDownloadsFreedome.exe
2022-04-26 00:46 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsF-Secure
2022-04-26 00:46 - 2022-04-26 00:46 - 000051736 _____ (F-Secure Corporation) C:WINDOWSsystem32Driversfsbts.sys
2022-04-26 00:46 - 2022-04-26 00:46 - 000015816 _____ (F-Secure Corporation) C:WINDOWSsystem32Driversfselms.sys
2022-04-26 00:46 - 2022-04-26 00:46 - 000002051 _____ C:UsersPublicDesktopF-Secure SAFE.lnk
2022-04-26 00:27 - 2022-04-26 00:27 - 000000000 ____D C:UsersPhenomAppDataRoamingGlarysoft
2022-04-26 00:27 - 2022-04-26 00:27 - 000000000 ____D C:ProgramDataGlarysoft
2022-04-26 00:26 - 2022-04-26 00:26 - 086124135 _____ (hxxp://forum.portableappc.com/index.php) C:UsersPhenomDownloadsMalwareHunterPortable_1.146.0.763_Multilingual.paf.exe
2022-04-25 23:55 - 2022-04-25 23:55 - 002366976 _____ (Farbar) C:UsersPhenomDownloadsFRRST-64 (2).exe
2022-04-25 23:33 - 2022-04-25 23:33 - 000000000 ____D C:UsersPhenomAppDataLocalmbam
2022-04-25 23:32 - 2022-04-25 23:32 - 000103888 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys
2022-04-25 23:32 - 2022-04-18 22:12 - 000021480 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamElam.sys
2022-04-25 23:31 - 2022-04-25 23:31 - 002443448 _____ (Malwarebytes) C:UsersPhenomDownloadsMBSetup (1).exe
2022-04-25 23:26 - 2022-04-25 23:26 - 003326275 _____ C:UsersPhenomDownloadsHitmanPro.Alert.v3.8.20.939.7z
2022-04-25 19:55 - 2022-04-25 19:55 - 003487216 _____ (Sophos Limited) C:UsersPhenomDownloadsSophosInstall.exe
2022-04-25 19:54 - 2022-04-25 19:54 - 000001191 _____ C:UsersPhenomDesktopkprm-20220425195414.txt
2022-04-24 19:10 - 2022-04-24 19:10 - 008416463 _____ C:UsersPhenomDownloadsStreamlabs-3.2.0-130.apk
2022-04-23 23:14 - 2022-04-23 23:14 - 000236744 _____ C:UsersPhenomDownloadsMicrosoft_Application_Preview_License_Terms[1].pdf
2022-04-23 22:41 - 2022-04-23 22:41 - 000000000 ____D C:AdwCleaner
2022-04-23 21:34 - 2022-04-23 21:34 - 010313909 _____ C:UsersPhenomDownloadsInstaller_10.1.5.apk
2022-04-23 20:24 - 2022-04-23 20:24 - 002873487 _____ C:UsersPhenomDownloadsMicrosoft.HEVCVideoExtension_1.0.50361.0_x64__8wekyb3d8bbwe.Appx
2022-04-23 20:24 - 2022-04-23 20:24 - 001510578 _____ C:UsersPhenomDownloadsMicrosoft.HEVCVideoExtension_1.0.50361.0_x86__8wekyb3d8bbwe.Appx
2022-04-23 01:49 - 2022-04-23 01:49 - 088168595 _____ C:UsersPhenomDownloadscom.snapchat.android_11.75.0.33-84591_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk
2022-04-23 01:43 - 2022-04-23 01:43 - 002722983 _____ C:UsersPhenomDownloadsApp List_v1.1.3_apkpure.com.apk
2022-04-21 23:50 - 2022-04-21 23:59 - 006189548 _____ C:UsersPhenomDownloadsPID.Key.Checker.zip
2022-04-21 23:47 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSamsung Magician
2022-04-21 22:04 - 2022-04-28 17:41 - 000000000 ____D C:ProgramDataHitmanPro
2022-04-21 22:04 - 2022-04-26 00:45 - 000000000 ____D C:ProgramDataHitmanPro.Alert
2022-04-21 16:20 - 2022-04-21 16:20 - 001719496 _____ (F-Secure Corporation) C:UsersPhenomDownloadsF-Secure-Safe-Network-Installer_16mqv5j18liz4f_.exe
2022-04-21 16:07 - 2022-04-21 16:07 - 002419925 _____ C:UsersPhenomDownloadsMSAct++_v2.0.7.5.bat.7z
2022-04-21 13:42 - 2022-04-21 16:21 - 004670695 _____ C:WINDOWSZAM.krnl.trace
2022-04-20 23:48 - 2022-04-20 23:48 - 000000000 ____D C:UsersPhenomAppDataLocalunInstall
2022-04-20 23:44 - 2022-04-20 23:42 - 000055864 _____ (Bitdefender) C:WINDOWSsystem32Driversbduefiscan.sys
2022-04-20 23:41 - 2022-04-28 16:34 - 000001383 _____ C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk
2022-04-20 23:41 - 2022-04-20 23:41 - 000000000 ____D C:UsersPhenomAppDataLocalESET
2022-04-20 22:29 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRogueKiller
2022-04-20 22:29 - 2022-04-25 23:09 - 000000899 _____ C:UsersPublicDesktopRogueKiller.lnk
2022-04-20 22:29 - 2022-04-25 23:09 - 000000000 ____D C:Program FilesRogueKiller
2022-04-20 22:29 - 2022-04-20 23:26 - 000000000 ____D C:ProgramDataRogueKiller
2022-04-20 21:08 - 2022-04-20 21:08 - 000000000 ____D C:ProgramData48C4687D-9760-4F5B-BAB3-60351B0841E4
2022-04-20 19:45 - 2022-04-20 19:46 - 000000000 ____D C:UsersPhenomAppDataRoaming.minecraft
2022-04-20 19:39 - 2022-04-28 16:39 - 000000000 ____D C:Nero
2022-04-20 19:33 - 2022-04-20 19:34 - 000000000 ____D C:UsersPhenomAppDataRoamingdvdcss
2022-04-20 16:04 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBitdefender VPN
2022-04-20 16:04 - 2022-04-20 16:04 - 000223820 _____ C:ProgramDatavpn.1650459839.bdinstall.v2.bin
2022-04-20 16:04 - 2022-04-20 16:04 - 000000000 ____D C:ProgramDataBitdefender VPN
2022-04-20 16:04 - 2022-04-20 16:04 - 000000000 ____D C:ProgramDataAnchorFree_Inc
2022-04-20 16:04 - 2020-02-20 14:02 - 000047920 _____ (The OpenVPN Project) C:WINDOWSsystem32Driverstap0901.sys
2022-04-20 15:59 - 2022-04-20 15:59 - 000769892 _____ C:ProgramDatacl.1650458995.bdinstall.v2.bin
2022-04-20 15:59 - 2022-04-20 15:59 - 000102104 _____ C:ProgramDatacl.kit.1650458992.bdinstall.v2.bin
2022-04-20 15:58 - 2022-04-26 18:27 - 000000000 ____D C:WINDOWSsystem32elambkup
2022-04-20 15:58 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBitdefender Security
2022-04-20 15:58 - 2022-04-20 16:04 - 000002195 _____ C:UsersPublicDesktopBitdefender VPN.lnk
2022-04-20 15:58 - 2022-04-20 15:58 - 000002342 _____ C:UsersPublicDesktopBitdefender.lnk
2022-04-20 15:58 - 2022-04-20 15:58 - 000000000 ____D C:ProgramDataGemma
2022-04-20 15:58 - 2022-04-20 15:58 - 000000000 ____D C:ProgramDataBDLogging
2022-04-20 15:58 - 2022-04-20 15:58 - 000000000 ____D C:ProgramDataAtc
2022-04-20 15:57 - 2022-04-20 23:42 - 003947928 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversatc.sys
2022-04-20 15:57 - 2022-04-20 23:42 - 000800672 _____ (Bitdefender) C:WINDOWSsystem32Driversbddci.sys
2022-04-20 15:57 - 2022-04-20 16:14 - 000000000 ____D C:ProgramDataBitdefender
2022-04-20 15:57 - 2022-04-20 16:04 - 000000000 ____D C:Program FilesBitdefender
2022-04-20 15:57 - 2022-04-20 15:57 - 000150272 _____ C:ProgramDataagent.1650459433.bdinstall.v2.bin
2022-04-20 15:57 - 2022-04-20 15:57 - 000000000 ____D C:UsersPhenomAppDataRoamingBitdefender
2022-04-20 15:57 - 2022-04-20 15:57 - 000000000 ____D C:UsersPhenomAppDataLocalBitdefender
2022-04-20 15:57 - 2022-04-20 15:57 - 000000000 ____D C:ProgramDataBitdefender Agent
2022-04-20 15:57 - 2022-04-20 15:57 - 000000000 ____D C:Program FilesBitdefender Agent
2022-04-20 15:57 - 2020-10-07 11:30 - 000185312 _____ (Bitdefender) C:WINDOWSsystem32Driversignis.sys
2022-04-20 15:56 - 2022-04-20 15:56 - 000232794 _____ C:UsersPublicDesktopmbst-clean-results.txt
2022-04-20 15:53 - 2022-04-20 15:53 - 013471344 _____ C:UsersPhenomDownloadsmb-support-1.8.7.918.exe
2022-04-20 15:49 - 2022-04-20 15:57 - 000000000 ____D C:Program FilesCommon FilesBitdefender
2022-04-20 15:33 - 2022-04-20 15:33 - 000000000 ____D C:UsersPhenomAppDataRoamingWireshark
2022-04-20 15:32 - 2022-04-23 21:13 - 000000000 ____D C:Program FilesNpcap
2022-04-20 15:24 - 2022-04-20 15:24 - 000000000 ____H C:UsersPhenomDocumentsDefault.rdp
2022-04-19 00:48 - 2022-04-19 00:48 - 000295007 _____ C:UsersPhenomDownloadsFReset.rar
2022-04-18 22:12 - 2022-04-27 13:22 - 000239560 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2022-04-18 21:12 - 2022-04-11 18:33 - 006189504 _____ (Realtek Semiconductor Corp.) C:WINDOWSsystem32DriversRTKVHD64.sys
2022-04-18 21:12 - 2022-04-11 18:17 - 050822203 _____ C:WINDOWSsystem32DriversRTAIODAT.DAT
2022-04-18 14:42 - 2022-04-18 14:43 - 000000000 ____D C:UsersPhenomAppDataLocalLowAdobe
2022-04-18 14:42 - 2022-04-18 14:42 - 000000000 ____D C:UsersPhenomAppDataLocalLowNVIDIA
2022-04-18 14:42 - 2022-04-18 14:42 - 000000000 ____D C:UsersPhenomAppDataLocalAdobe
2022-04-18 14:41 - 2022-04-26 14:38 - 000000000 ____D C:ProgramDataAdobe
2022-04-18 14:41 - 2022-04-26 14:38 - 000000000 ____D C:Program FilesCommon FilesAdobe
2022-04-18 14:41 - 2022-04-18 14:42 - 000000000 ___HD C:UsersPublicDocumentsAdobeGCData
2022-04-18 14:41 - 2022-04-18 14:41 - 000000000 ____D C:Program FilesAdobe
2022-04-16 18:39 - 2022-04-22 16:56 - 000000149 _____ C:UsersPubliclog.dat
2022-04-15 16:42 - 2022-04-21 16:21 - 000000000 ____D C:UsersPhenomAppDataLocalAMSDK
2022-04-15 16:42 - 2022-04-15 16:42 - 000000000 ____D C:UsersPhenomAppDataLocalZemana
2022-04-15 16:19 - 2022-04-26 18:07 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGIGABYTE
2022-04-15 16:19 - 2022-04-15 16:19 - 000001243 _____ C:UsersPublicDesktopAORUS ENGINE.lnk
2022-04-15 16:19 - 2022-04-15 16:19 - 000000000 ____D C:Program Files (x86)GIGABYTE
2022-04-15 16:18 - 2022-04-15 16:18 - 163507192 _____ (GIGABYTE Technology Co.,Inc. ) C:UsersPhenomDownloadsvga_utility_aorus_setup_V2.1.5 (1).exe
2022-04-15 16:01 - 2022-04-15 16:01 - 003584960 _____ (AVG Technologies CZ) C:UsersPhenomDownloadsavg_remover_floxif.exe
2022-04-15 14:30 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip
2022-04-15 14:30 - 2022-04-15 14:30 - 001533613 _____ (Igor Pavlov) C:UsersPhenomDownloads7z2107-x64 (1).exe
2022-04-15 14:19 - 2022-04-15 14:19 - 000000000 ____D C:Program Files (x86)Samsung
2022-04-15 14:18 - 2022-04-15 14:19 - 146342615 _____ C:UsersPhenomDownloadsSamsung_Magician_Installer_Official_7.0.1.630.zip
2022-04-15 14:18 - 2022-04-15 14:18 - 000001052 _____ C:UsersPublicDesktopOBS Studio.lnk
2022-04-15 14:18 - 2022-04-15 14:18 - 000000000 ____D C:ProgramDataobs-studio-hook
2022-04-15 14:17 - 2022-04-15 14:18 - 117961440 _____ (OBS Project) C:UsersPhenomDownloadsOBS-Studio-27.2.4-Full-Installer-x64 (1).exe
2022-04-15 13:47 - 2022-04-15 13:47 - 083024040 _____ (Discord Inc.) C:UsersPhenomDownloadsDiscordCanarySetup.exe
2022-04-15 13:39 - 2022-04-25 23:32 - 000002033 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2022-04-15 13:39 - 2022-04-25 23:31 - 000000000 ____D C:ProgramDataMalwarebytes
2022-04-15 13:39 - 2022-04-25 23:31 - 000000000 ____D C:Program FilesMalwarebytes
2022-04-15 13:24 - 2022-04-15 13:24 - 163507192 _____ (GIGABYTE Technology Co.,Inc. ) C:UsersPhenomDownloadsvga_utility_aorus_setup_V2.1.5.exe
2022-04-15 04:34 - 2022-04-23 21:08 - 000000000 ____D C:UsersPhenomAppDataRoamingSpotify
2022-04-15 04:34 - 2022-04-15 04:36 - 000000000 ____D C:UsersPhenomAppDataLocalSpotify
2022-04-14 16:51 - 2022-04-14 16:51 - 001003355 _____ C:UsersPhenomDesktopComputed Diff - Diff Checker.html
2022-04-14 16:51 - 2022-04-14 16:51 - 000000000 ____D C:UsersPhenomDesktopComputed Diff - Diff Checker_files
2022-04-14 13:42 - 2022-04-18 15:12 - 000000000 ____D C:UsersPhenomAppDataRoamingAdobe
2022-04-14 01:12 - 2022-04-14 01:12 - 000000000 ____D C:UsersPhenomAppDataLocalSome organization
2022-04-14 01:12 - 2022-04-14 01:12 - 000000000 ____D C:UsersPhenomAppDataLocalloadAman
2022-04-14 01:12 - 2022-04-14 01:12 - 000000000 ____D C:UsersPhenomAppDataLocalInstall
2022-04-13 22:40 - 2022-04-13 22:40 - 005526486 _____ C:WINDOWSrundll62
2022-04-13 22:40 - 2022-04-13 22:40 - 000000000 ____D C:UsersPhenomAppDataLocalluminati
2022-04-13 22:38 - 2022-04-13 22:52 - 000000000 ____D C:UsersPhenomAppDataRoamingDVDVideoSoft
2022-04-13 15:15 - 2022-04-13 15:16 - 000000000 ____D C:UsersPhenomAppDataLocalBrave-Smoker
2022-04-13 15:12 - 2022-04-13 15:12 - 004068068 _____ C:UsersPhenomDownloadssqlite-netFx46-static-binary-bundle-x64-2015-1.0.115.5.zip
2022-04-13 14:46 - 2022-04-13 14:47 - 075575768 _____ (BraveSoftware Inc.) C:UsersPhenomDownloadsBraveBrowserStandaloneSilentSetup.exe
2022-04-13 02:09 - 2022-04-13 02:09 - 002261809 _____ C:UsersPhenomDownloadsLSPosed-v1.8.1-6506-zygisk-release.zip
2022-04-12 23:13 - 2022-04-12 23:13 - 000000000 ____D C:WINDOWSsystem32HealthAttestationClient
2022-04-12 23:03 - 2022-04-26 17:59 - 000251216 _____ C:WINDOWSsystem32cmdiag.exe
2022-04-12 23:03 - 2022-04-26 17:59 - 000073728 _____ C:WINDOWSsystem32cmimageworker.exe
2022-04-12 23:03 - 2022-04-26 17:59 - 000032768 _____ C:WINDOWSsystem32hnsproxy.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 002080992 _____ (The ICU Project) C:WINDOWSSysWOW64icu.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000617648 _____ C:WINDOWSSysWOW64TextShaping.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000523776 _____ (curl, hxxps://curl.se/) C:WINDOWSsystem32curl.exe
2022-04-12 23:03 - 2022-04-12 23:03 - 000464384 _____ (curl, hxxps://curl.se/) C:WINDOWSSysWOW64curl.exe
2022-04-12 23:03 - 2022-04-12 23:03 - 000425984 _____ C:WINDOWSSysWOW64TextInputMethodFormatter.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000267264 _____ C:WINDOWSSysWOW64Windows.Internal.UI.Dialogs.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000247808 _____ C:WINDOWSSysWOW64pku2u.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000221184 _____ C:WINDOWSSysWOW64Microsoft.Internal.FrameworkUdk.System.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000121344 _____ C:WINDOWSSysWOW64TpmTool.exe
2022-04-12 23:03 - 2022-04-12 23:03 - 000041594 _____ C:WINDOWSSysWOW64ctac.json
2022-04-12 23:03 - 2022-04-12 23:03 - 000013824 _____ C:WINDOWSSysWOW64prxyqry.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000009522 _____ C:WINDOWSsystem32ResPriUHMImageList
2022-04-12 23:03 - 2022-04-12 23:03 - 000009522 _____ C:WINDOWSsystem32ResPriImageList
2022-04-12 23:03 - 2022-04-12 23:03 - 000009522 _____ C:WINDOWSsystem32ResPriHMImageList
2022-04-12 23:03 - 2022-04-12 23:03 - 000009402 _____ C:WINDOWSsystem32ResPriHMImageListLowCost
2022-04-12 23:03 - 2022-04-12 23:03 - 000008964 _____ C:WINDOWSsystem32ResPriLMImageList
2022-04-12 23:03 - 2022-04-12 23:03 - 000008870 _____ C:WINDOWSsystem32ResPriImageListLowCost
2022-04-12 23:03 - 2022-04-12 23:03 - 000006656 _____ C:WINDOWSSysWOW64nrtapi.dll
2022-04-12 23:03 - 2022-04-12 23:03 - 000003366 _____ C:WINDOWSSysWOW64AppxProvisioning.xml
2022-04-12 23:02 - 2022-04-12 23:02 - 002550832 _____ (The ICU Project) C:WINDOWSsystem32icu.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000727576 _____ C:WINDOWSsystem32TextShaping.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000614400 _____ C:WINDOWSsystem32TextInputMethodFormatter.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000372736 _____ C:WINDOWSsystem32hwreqchk.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000339968 _____ C:WINDOWSsystem32pku2u.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000311296 _____ C:WINDOWSsystem32Microsoft.Internal.FrameworkUdk.System.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000286720 _____ C:WINDOWSsystem32AggregatorHost.exe
2022-04-12 23:02 - 2022-04-12 23:02 - 000210432 _____ C:WINDOWSsystem32CloudIdWxhExtension.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000172032 _____ C:WINDOWSsystem32DataStoreCacheDumpTool.exe
2022-04-12 23:02 - 2022-04-12 23:02 - 000099560 _____ C:WINDOWSsystem32wow64con.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000077824 _____ C:WINDOWSsystem32runexehelper.exe
2022-04-12 23:02 - 2022-04-12 23:02 - 000069632 _____ (Adobe Systems) C:WINDOWSsystem32atmlib.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000040960 _____ C:WINDOWSsystem32prxyqry.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000036864 _____ C:WINDOWSsystem32umpodev.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000024576 _____ C:WINDOWSsystem32nrtapi.dll
2022-04-12 23:02 - 2022-04-12 23:02 - 000003366 _____ C:WINDOWSsystem32AppxProvisioning.xml
2022-04-12 23:01 - 2022-04-12 23:01 - 000258048 _____ C:WINDOWSsystem32CoreMas.dll
2022-04-12 23:01 - 2022-04-12 23:01 - 000208896 _____ C:WINDOWSsystem32IHDS.dll
2022-04-12 23:01 - 2022-04-12 23:01 - 000167936 _____ C:WINDOWSsystem32TpmTool.exe
2022-04-12 23:01 - 2022-04-12 23:01 - 000041594 _____ C:WINDOWSsystem32ctac.json
2022-04-12 23:01 - 2022-04-12 23:01 - 000032768 _____ C:WINDOWSsystem32agentactivationruntimestarter.exe
2022-04-12 22:28 - 2022-04-12 22:28 - 033180147 _____ C:UsersPhenomDownloadsCCleaner 5.92.rar
2022-04-12 03:27 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDriver Easy
2022-04-12 03:27 - 2022-04-12 03:27 - 005241536 _____ (Easeware ) C:UsersPhenomDownloadsDriverEasy_Setup (4).exe
2022-04-12 03:27 - 2022-04-12 03:27 - 000001012 _____ C:UsersPublicDesktopDriver Easy.lnk
2022-04-12 03:27 - 2022-04-12 03:27 - 000000000 ____D C:UsersPhenomAppDataRoamingEaseware
2022-04-12 03:27 - 2022-04-12 03:27 - 000000000 ____D C:Program FilesEaseware
2022-04-12 03:25 - 2022-04-28 18:23 - 000000000 ____D C:Program FilesCCleaner
2022-04-12 03:25 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner
2022-04-12 03:25 - 2022-04-12 03:25 - 048787808 _____ (Piriform Software Ltd) C:UsersPhenomDownloadsccsetup592.exe
2022-04-12 03:25 - 2022-04-12 03:25 - 000000863 _____ C:UsersPublicDesktopCCleaner.lnk
2022-04-12 02:05 - 2022-04-12 02:05 - 000011338 _____ C:UsersPhenomDownloadsbindings (7).json
2022-04-12 02:00 - 2022-04-12 02:00 - 005742936 _____ C:UsersPhenomDownloadsapp-debug (8).apk
2022-04-11 23:02 - 2022-04-11 23:02 - 589302264 _____ C:UsersPhenomDownloadsBraveSoftware.rar
2022-04-11 22:42 - 2022-04-11 22:42 - 000020650 _____ C:UsersPhenomDownloadsbrave_password.csv
2022-04-11 22:42 - 2022-04-11 22:42 - 000007782 _____ C:UsersPhenomDownloadsbrave_password.rar
2022-04-11 19:00 - 2022-04-11 19:00 - 001033769 _____ C:UsersPhenomDownloadsCSVpad 1.2 64bit.zip
2022-04-11 18:58 - 2022-04-11 18:58 - 000690305 _____ C:UsersPhenomDownloadsModern CSV 1.3.35.zip
2022-04-11 18:54 - 2022-04-11 21:32 - 000000000 ____D C:UsersPhenomAppDataRoamingModern CSV
2022-04-11 18:54 - 2022-04-11 18:54 - 022953984 _____ C:UsersPhenomDownloadsModernCSV-Win-v1.3.35.msi
2022-04-11 18:54 - 2022-04-11 18:54 - 000002913 _____ C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuModern CSV.lnk
2022-04-11 18:54 - 2022-04-11 18:54 - 000000000 ____D C:Program FilesModern CSV
2022-04-11 15:38 - 2022-04-11 15:38 - 000000000 ____D C:UsersPhenomTracing
2022-04-11 15:20 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office Tools
2022-04-11 15:20 - 2022-04-11 15:20 - 000002451 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWord.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000002450 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPowerPoint.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000002414 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAccess.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000002413 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsExcel.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000002407 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOutlook.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000002401 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsPublisher.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000002393 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneNote.lnk
2022-04-11 15:20 - 2022-04-11 15:20 - 000000000 ____D C:Program FilesCommon FilesDESIGNER
2022-04-11 15:19 - 2022-04-20 20:44 - 000000000 ____D C:Program FilesMicrosoft Office
2022-04-11 15:19 - 2022-04-11 15:19 - 000000000 ____D C:Program FilesMicrosoft Office 15
2022-04-11 04:26 - 2022-04-11 04:26 - 000199913 _____ C:UsersPhenomDownloadschromepass.zip
2022-04-11 04:12 - 2022-04-27 23:22 - 000002364 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk
2022-04-11 04:12 - 2022-04-27 23:22 - 000002323 _____ C:UsersPublicDesktopBrave.lnk
2022-04-11 04:12 - 2022-04-11 04:12 - 000000000 ____D C:UsersPhenomAppDataLocalBraveSoftware
2022-04-11 04:12 - 2022-04-11 04:12 - 000000000 ____D C:Program FilesBraveSoftware
2022-04-11 04:12 - 2022-04-11 04:12 - 000000000 ____D C:Program Files (x86)BraveSoftware
2022-04-11 04:11 - 2022-04-11 04:11 - 001293840 _____ (BraveSoftware Inc.) C:UsersPhenomDownloadsBraveBrowserSetup (1).exe
2022-04-11 01:21 - 2022-04-11 01:21 - 053984688 _____ (Advanced Micro Devices, Inc.) C:UsersPhenomDownloadsamd_chipset_software_4.03.03.431 (1).exe
2022-04-10 22:40 - 2022-04-10 22:40 - 004858012 _____ C:UsersPhenomDownloadsTwitchRecover.zip
2022-04-10 22:07 - 2022-04-28 18:18 - 000002098 __RSH C:ProgramDatantuser.pol
2022-04-10 00:54 - 2022-04-10 00:54 - 010174592 _____ (Martin Malik - REALiX ) C:UsersPhenomDownloadshwi_722.exe
2022-04-09 20:48 - 2022-04-09 20:48 - 000605067 _____ C:UsersPhenomDownloadsPana Vara Viitoare.ogg
2022-04-09 20:40 - 2022-04-09 20:40 - 000320411 _____ C:UsersPhenomDownloadsmp3DC236.exe
2022-04-09 20:40 - 2022-04-09 20:40 - 000001128 _____ C:UsersPhenomDesktopmp3DirectCut.lnk
2022-04-09 20:40 - 2022-04-09 20:40 - 000000000 ____D C:Program Files (x86)mp3DirectCut
2022-04-09 17:46 - 2022-04-26 18:07 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGsmServer
2022-04-09 17:46 - 2022-04-09 17:46 - 000000000 ____D C:Program Files (x86)GsmServer
2022-04-09 17:20 - 2022-04-09 17:20 - 000000000 ____D C:UsersPhenomDocumentsSigmaKey
2022-04-09 16:56 - 2022-04-09 16:56 - 099824780 _____ C:UsersPhenomDownloadsVisual-C-Runtimes-All-in-One-Feb-2022.zip
2022-04-09 16:51 - 2022-04-09 16:51 - 070500361 _____ (GsmServer) C:UsersPhenomDownloadsSigmaKey_Software_Setup_v2.26.16.exe
2022-04-09 14:54 - 2022-04-09 14:54 - 117926544 _____ (OBS Project) C:UsersPhenomDownloadsOBS-Studio-27.2.1-Full-Installer-x64 (1).exe
2022-04-09 14:47 - 2022-04-09 14:48 - 117926544 _____ (OBS Project) C:UsersPhenomDownloadsOBS-Studio-27.2.1-Full-Installer-x64.exe
2022-04-09 14:36 - 2022-04-09 14:36 - 000176141 _____ C:UsersPhenomDownloadslogs (1).rar
2022-04-09 14:24 - 2022-04-09 14:24 - 117961440 _____ (OBS Project) C:UsersPhenomDownloadsOBS-Studio-27.2.4-Full-Installer-x64.exe
2022-04-09 14:12 - 2022-04-09 14:12 - 000528208 _____ C:UsersPhenomDownloadslogs.rar
2022-04-09 14:03 - 2022-04-15 14:18 - 000000000 ____D C:Program Filesobs-studio
2022-04-09 14:02 - 2022-04-09 14:02 - 090640720 _____ (obsproject.com) C:UsersPhenomDownloadsOBS-Studio-27.1.3-Full-Installer-x64.exe
2022-04-09 01:50 - 2022-04-26 18:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
2022-04-09 01:50 - 2022-04-21 01:33 - 000000916 _____ C:UsersPublicDesktopVLC media player.lnk
2022-04-09 01:49 - 2022-04-09 01:49 - 113409498 _____ C:UsersPhenomDownloadsvlc-3.0.17.4-win64-release.7z
2022-04-09 01:49 - 2022-04-09 01:49 - 042762464 _____ C:UsersPhenomDownloadsvlc-3.0.16-win64 (2).exe
2022-04-08 04:16 - 2022-04-27 01:29 - 000000000 ____D C:Program Files (x86)F-Secure
2022-04-08 02:30 - 2022-04-08 02:30 - 064286208 _____ C:UsersPhenomDownloadsvlc-4.0.0-dev-win64-caf66c91.msi
2022-04-08 02:30 - 2022-04-08 02:30 - 050064901 _____ C:UsersPhenomDownloadsvlc-4.0.0-dev-win64-caf66c91.exe
2022-04-08 01:38 - 2022-04-08 01:38 - 052731974 _____ C:UsersPhenomDownloadsfsecure_freedome_vpn_2.47.927.zip
2022-04-07 19:56 - 2022-04-07 19:56 - 005234297 _____ C:UsersPhenomDownloadsapp-debug (7).apk
2022-04-07 19:55 - 2022-04-07 19:55 - 000011445 _____ C:UsersPhenomDownloadsbindings (4).json
2022-04-07 19:36 - 2022-04-07 19:36 - 005234389 _____ C:UsersPhenomDownloadsapp-debug (3).apk
2022-04-07 19:36 - 2022-04-07 19:36 - 000011192 _____ C:UsersPhenomDownloadsbindings (3).json
2022-04-07 19:26 - 2022-04-07 19:26 - 005234829 _____ C:UsersPhenomDownloadsapp-debug (2).apk
2022-04-07 19:26 - 2022-04-07 19:26 - 000011445 _____ C:UsersPhenomDownloadsbindings (2).json
2022-04-07 19:15 - 2022-04-07 19:15 - 005233237 _____ C:UsersPhenomDownloadsapp-debug (1).apk
2022-04-07 19:15 - 2022-04-07 19:15 - 000011445 _____ C:UsersPhenomDownloadsbindings (1).json
2022-04-07 18:42 - 2022-04-07 18:42 - 000421251 _____ C:UsersPhenomDownloadsSnapMod-1.2.2.zip
2022-04-07 03:46 - 2022-04-07 03:46 - 005241536 _____ (Easeware ) C:UsersPhenomDownloadsDriverEasy_Setup (3).exe
2022-04-07 02:16 - 2022-04-07 02:16 - 000000000 ____D C:UsersPhenomAppDataLocalvlc
2022-04-07 02:15 - 2022-04-07 02:15 - 050156829 _____ C:UsersPhenomDownloadsvlc-4.0.0-dev-win64-9f1a32a0.exe
2022-04-07 01:13 - 2022-04-07 01:13 - 005232469 _____ C:UsersPhenomDownloadsapp-debug (6).apk
2022-04-07 01:04 - 2022-04-07 01:04 - 091794208 _____ C:UsersPhenomDownloadscom.snapchat.android_11.73.0.35-84586_minAPI19(arm64-v8a)(nodpi)_apkmirror.com.apk
2022-04-07 01:04 - 2022-04-07 01:04 - 086724931 _____ C:UsersPhenomDownloadscom.snapchat.android_11.73.0.35-84586_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk
2022-04-07 00:59 - 2022-04-07 00:59 - 000011445 _____ C:UsersPhenomDownloadsbindings (6).json
2022-04-07 00:58 - 2022-04-07 00:58 - 005234693 _____ C:UsersPhenomDownloadsapp-debug (5).apk
2022-04-07 00:16 - 2022-04-07 00:16 - 000011192 _____ C:UsersPhenomDownloadsbindings (5).json
2022-04-07 00:15 - 2022-04-07 00:15 - 005232469 _____ C:UsersPhenomDownloadsapp-debug (4).apk
2022-04-06 19:16 - 2022-04-06 19:17 - 000057440 _____ C:UsersPhenomDownloadsLSPosed_2022-04-06T19_14_46.219.zip
2022-04-06 17:44 - 2022-04-06 19:09 - 000011192 _____ C:UsersPhenomDownloadsbindings.json
2022-04-06 01:25 - 2022-04-22 13:46 - 000000000 ____D C:Program FilesFirefox Nightly
2022-04-05 18:59 - 2022-04-05 19:00 - 825175568 _____ (NVIDIA Corporation) C:UsersPhenomDownloads512.15-desktop-win10-win11-64bit-international-dch-whql.exe
2022-04-05 18:58 - 2022-04-05 18:58 - 001261730 _____ C:UsersPhenomDownloads[Guru3D.com]-DDU (2).zip
2022-04-05 18:58 - 2022-04-05 18:58 - 001261730 _____ C:UsersPhenomDownloads[Guru3D.com]-DDU (1).zip
2022-04-05 16:56 - 2022-04-05 16:56 - 000000350 _____ C:UsersPhenomDesktopRocket League®.url
2022-04-05 16:34 - 2022-04-05 16:34 - 000000000 ____D C:UsersPhenomAppDataLocalUnrealEngineLauncher
2022-04-05 16:34 - 2022-04-05 16:34 - 000000000 ____D C:UsersPhenomAppDataLocalUnrealEngine
2022-04-05 16:34 - 2022-04-05 16:34 - 000000000 ____D C:UsersPhenomAppDataLocalEpicGamesLauncher
2022-04-05 16:33 - 2022-04-05 16:35 - 000000000 ____D C:ProgramDataEpic
2022-04-05 16:33 - 2022-04-05 16:33 - 000001270 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk
2022-04-05 16:33 - 2022-04-05 16:33 - 000001258 _____ C:UsersPublicDesktopEpic Games Launcher.lnk
2022-04-05 16:33 - 2022-04-05 16:33 - 000000000 ____D C:UsersPhenomAppDataLocalEpic Games
2022-04-05 16:33 - 2022-04-05 16:33 - 000000000 ____D C:Program Files (x86)Epic Games
2022-04-05 16:29 - 2022-04-05 16:29 - 158863360 _____ C:UsersPhenomDownloadsEpicInstaller-13.3.0.msi
2022-04-04 22:02 - 2022-04-04 22:02 - 008369999 _____ C:UsersPhenomDownloadsdxvk-master-7ea41309d5f9e028d646bf569152879b5ec4295a.zip
2022-04-04 21:18 - 2022-04-04 21:18 - 008370142 _____ C:UsersPhenomDownloadsdxvk-master-e2989e68638c883f7bb61702b2930e3c05e0968b.zip
2022-04-04 20:53 - 2022-04-04 20:53 - 008370022 _____ C:UsersPhenomDownloadsdxvk-master-42747ebd16afe46461d93b0a45076af442ea10d0.zip
2022-04-04 20:34 - 2022-04-04 20:34 - 008370117 _____ C:UsersPhenomDownloadsdxvk-master-77992ef951e0c765785097aeea8014374d9a8282.zip
2022-04-04 18:13 - 2022-04-04 18:13 - 007722937 _____ C:UsersPhenomDownloadsd9vk-0.40.1.tar.gz
2022-04-02 01:19 - 2022-04-10 03:31 - 010681746 _____ C:UsersPhenomDownloadsapp-neo.apk
2022-04-01 16:36 - 2022-04-01 16:36 - 008369977 _____ C:UsersPhenomDownloadsdxvk-master-260f928dbcff7dce5e725e177240d5807c082743.zip
2022-04-01 03:58 - 2022-04-01 04:00 - 1270085632 _____ C:UsersPhenomDownloadsWin11_English_x64v1.iso
2022-03-31 23:06 - 2022-03-31 23:06 - 008507392 _____ C:UsersPhenomDownloadsC24RG5xFQ.exe
2022-03-31 23:01 - 2022-03-31 23:01 - 012202017 _____ C:UsersPhenomDownloads249f91c7-c196-48ed-bf19-8a634c006137_b35ab57440235d71ac9103f59fcea8a7c90866fa.cab
2022-03-31 22:58 - 2022-03-31 22:58 - 076059062 _____ C:UsersPhenomDownloadsUnofficial-Realtek-UAD-generic-6.0.9323.1 (1).zip
2022-03-31 22:57 - 2022-03-31 22:58 - 032977002 _____ C:UsersPhenomDownloadsRealtekAudioControl_1.35.269-offline (1).zip
2022-03-31 22:41 - 2022-03-31 22:41 - 029350975 _____ C:UsersPhenomDownloadsCCleaner 5.91.rar
2022-03-31 21:55 - 2022-03-31 21:55 - 035930248 _____ (TeamViewer Germany GmbH) C:UsersPhenomDownloadsTeamViewer_Setup_x64 (1).exe
2022-03-30 17:22 - 2022-03-30 17:24 - 000003924 _____ C:UsersPhenomDownloads272401865965305867.json
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-28 19:18 - 2022-01-19 22:28 - 000000000 ____D C:UsersPhenomAppDataRoamingqBittorrent
2022-04-28 18:43 - 2021-06-05 15:10 - 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2022-04-28 18:29 - 2021-06-05 15:09 - 000000000 ____D C:WINDOWSINF
2022-04-28 18:27 - 2021-06-05 15:01 - 000065536 _____ C:WINDOWSsystem32configELAM
2022-04-28 18:25 - 2022-01-19 22:02 - 000000000 ____D C:Program Files (x86)Google
2022-04-28 18:23 - 2022-01-19 22:30 - 000000000 ____D C:ProgramDataNVIDIA
2022-04-28 18:23 - 2022-01-19 22:28 - 000000000 ____D C:UsersPhenomAppDataRoamingSamsung Magician
2022-04-28 18:23 - 2022-01-19 21:59 - 000000000 ____D C:UsersPhenomAppDataLocalD3DSCache
2022-04-28 18:23 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSystemTemp
2022-04-28 18:22 - 2021-12-23 16:17 - 000012288 ___SH C:DumpStack.log.tmp
2022-04-28 18:22 - 2021-06-05 15:01 - 000524288 _____ C:WINDOWSsystem32configBBI
2022-04-28 14:55 - 2022-01-19 22:27 - 000000000 ____D C:UsersPhenomAppDataLocalSquirrelTemp
2022-04-28 03:45 - 2022-01-19 22:28 - 000000000 ____D C:UsersPhenomAppDataRoamingvlc
2022-04-28 03:05 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSappcompat
2022-04-28 01:44 - 2022-01-19 21:59 - 000000000 ____D C:UsersPhenomAppDataLocalPackages
2022-04-28 01:19 - 2022-01-20 01:17 - 000000713 _____ C:WINDOWSsystem32Driversetchosts.ics
2022-04-28 01:15 - 2021-06-05 15:10 - 000000000 ___HD C:Program FilesWindowsApps
2022-04-28 01:15 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSAppReadiness
2022-04-27 21:51 - 2022-01-19 22:23 - 000000000 ____D C:UsersPhenomAppDataLocalNVIDIA
2022-04-27 17:19 - 2022-01-19 22:27 - 000000000 ____D C:UsersPhenomAppDataLocalNVIDIA Corporation
2022-04-27 17:18 - 2022-01-19 22:30 - 000001447 _____ C:UsersPublicDesktopGeForce Experience.lnk
2022-04-27 17:18 - 2022-01-19 22:30 - 000000000 ____D C:Program Files (x86)NVIDIA Corporation
2022-04-27 17:18 - 2022-01-19 22:00 - 000000000 ____D C:ProgramDataNVIDIA Corporation
2022-04-27 17:18 - 2022-01-19 22:00 - 000000000 ____D C:Program FilesNVIDIA Corporation
2022-04-27 03:41 - 2021-06-05 17:30 - 000000000 ____D C:Program FilesWindows Photo Viewer
2022-04-27 03:41 - 2021-06-05 17:30 - 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2022-04-27 03:41 - 2021-06-05 17:30 - 000000000 ____D C:Program Files (x86)Windows Photo Viewer
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ___SD C:WINDOWSSysWOW64F12
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ___SD C:WINDOWSsystem32UNP
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ___SD C:WINDOWSsystem32F12
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ___SD C:WINDOWSsystem32DiagSvcs
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ___RD C:WINDOWSPrintDialog
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ___RD C:WINDOWSImmersiveControlPanel
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64setup
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64Dism
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64Com
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSystemResources
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32SystemResetPlatform
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32Sysprep
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32setup
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32oobe
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32Dism
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32Com
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32appraiser
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSPolicyDefinitions
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSIME
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSbcastdvr
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:Program FilesWindows Defender
2022-04-27 03:41 - 2021-06-05 15:10 - 000000000 ____D C:Program FilesCommon FilesSystem
2022-04-27 03:41 - 2021-06-05 15:01 - 000000000 ____D C:WINDOWSservicing
2022-04-27 00:34 - 2022-01-19 22:26 - 000000000 ____D C:UsersPhenomAppDataLocalCrashDumps
2022-04-27 00:18 - 2022-01-19 22:17 - 000000000 ____D C:UsersPhenomDownloadsTelegram Desktop
2022-04-26 23:57 - 2022-02-11 01:51 - 000000000 ____D C:WSA
2022-04-26 23:06 - 2021-06-05 15:01 - 000000000 ____D C:WINDOWSCbsTemp
2022-04-26 23:04 - 2021-06-05 15:08 - 000245760 _____ (Microsoft Corporation) C:WINDOWSsystem32msclmd.dll
2022-04-26 23:04 - 2021-06-05 15:08 - 000207360 _____ (Microsoft Corporation) C:WINDOWSSysWOW64msclmd.dll
2022-04-26 20:24 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32NDF
2022-04-26 19:58 - 2022-01-19 22:31 - 000000000 ____D C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsDiscord Inc
2022-04-26 19:48 - 2022-01-19 21:59 - 000000000 __RHD C:UsersPublicAccountPictures
2022-04-26 18:28 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSMedia
2022-04-26 18:27 - 2022-03-28 22:59 - 000000000 ____D C:Program FilesCommon Fileslogishrd
2022-04-26 18:27 - 2022-03-25 03:50 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsqBittorrent
2022-04-26 18:27 - 2022-03-25 02:45 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsHWiNFO64
2022-04-26 18:27 - 2022-03-22 23:53 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDriversCloud.com
2022-04-26 18:27 - 2022-02-26 17:49 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2022-04-26 18:27 - 2022-02-24 16:03 - 000000000 ____D C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
2022-04-26 18:27 - 2022-02-24 16:03 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR
2022-04-26 18:27 - 2022-02-19 03:56 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsmLogcat
2022-04-26 18:27 - 2022-02-16 03:09 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCheat Engine 7.4
2022-04-26 18:27 - 2022-02-10 03:27 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTextCrawler Pro
2022-04-26 18:27 - 2022-02-08 18:51 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNode.js
2022-04-26 18:27 - 2022-01-31 16:57 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGit
2022-04-26 18:27 - 2022-01-31 16:56 - 000000000 ____D C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsGitHub, Inc
2022-04-26 18:27 - 2022-01-22 23:53 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsOBS Studio
2022-04-26 18:27 - 2022-01-19 23:00 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRiot Games
2022-04-26 18:27 - 2022-01-19 22:30 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation
2022-04-26 18:27 - 2022-01-19 22:13 - 000000000 ____D C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsAplicații Chrome Beta
2022-04-26 18:27 - 2022-01-19 22:03 - 000000000 ____D C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsTotal Commander
2022-04-26 18:27 - 2022-01-19 21:59 - 000000000 ____D C:WINDOWSsystem32DriversNVIDIA Corporation
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ___HD C:WINDOWSsystem32GroupPolicy
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64GroupPolicy
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32WinBioDatabase
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32Tasks_Migrated
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32spool
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32MsDtc
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSServiceState
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSLiveKernelReports
2022-04-26 18:27 - 2021-06-05 15:10 - 000000000 ____D C:Program FilesCommon Filesmicrosoft shared
2022-04-26 18:27 - 2021-06-05 15:08 - 000028672 _____ C:WINDOWSsystem32configBCD-Template
2022-04-26 18:24 - 2021-06-05 15:14 - 000000000 ____D C:WINDOWSSetup
2022-04-26 18:21 - 2021-06-05 15:10 - 000000000 ____D C:ProgramDataUSOPrivate
2022-04-26 18:07 - 2022-03-25 03:08 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFinalWire
2022-04-26 18:07 - 2022-03-24 17:28 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCPUID
2022-04-26 18:07 - 2022-02-17 22:56 - 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsStreamlabs
2022-04-26 18:05 - 2022-01-24 17:05 - 000000000 ____D C:UsersUserAppDataLocalPackages
2022-04-26 17:59 - 2021-06-05 15:21 - 000049464 _____ (Microsoft Corporation) C:WINDOWSsystem32UtilityVmSysprep.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000504144 _____ (Microsoft Corporation) C:WINDOWSsystem32NetMgmtIF.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000213328 _____ C:WINDOWSsystem32IsolatedWindowsEnvironmentUtils.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000192848 _____ C:WINDOWSsystem32HvsiSettingsWorker.exe
2022-04-26 17:59 - 2021-06-05 15:19 - 000139600 _____ C:WINDOWSsystem32nmscrub.exe
2022-04-26 17:59 - 2021-06-05 15:19 - 000119120 _____ (Microsoft Corporation) C:WINDOWSsystem32nmbind.exe
2022-04-26 17:59 - 2021-06-05 15:19 - 000114688 _____ C:WINDOWSsystem32hvsiproxyapp.exe
2022-04-26 17:59 - 2021-06-05 15:19 - 000094536 _____ (Microsoft Corporation) C:WINDOWSsystem32CmAgent.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000082256 _____ C:WINDOWSsystem32HvsiMachinePolicies.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000082248 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversl2bridge.sys
2022-04-26 17:59 - 2021-06-05 15:19 - 000081920 _____ (Microsoft Corporation) C:WINDOWSsystem32CCGLaunchPad.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000069944 _____ C:WINDOWSsystem32AuditSettingsProvider.dll
2022-04-26 17:59 - 2021-06-05 15:19 - 000049488 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershnswfpdriver.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000401736 _____ (Microsoft Corporation) C:WINDOWSsystem32VmSynthNic.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000360784 _____ (Microsoft Corporation) C:WINDOWSsystem32vmiccore.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000356680 _____ (Microsoft Corporation) C:WINDOWSsystem32hcsdiag.exe
2022-04-26 17:59 - 2021-06-05 15:18 - 000311616 _____ (Microsoft Corporation) C:WINDOWSsystem32vmflexio.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000270672 _____ (Microsoft Corporation) C:WINDOWSsystem32CExecSvc.exe
2022-04-26 17:59 - 2021-06-05 15:18 - 000258384 _____ (Microsoft Corporation) C:WINDOWSsystem32vmbusvdev.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000250184 _____ (Microsoft Corporation) C:WINDOWSsystem32gpupvdev.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000233808 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvpcivsp.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000164176 _____ (Microsoft Corporation) C:WINDOWSsystem32vmvirtio.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000123208 _____ (Microsoft Corporation) C:WINDOWSsystem32vmwpevents.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000122880 _____ C:WINDOWSsystem32vmhbmgmt.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000119104 _____ (Microsoft Corporation) C:WINDOWSsystem32vmwpctrl.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000110904 _____ (Microsoft Corporation) C:WINDOWSsystem32wcsetupagent.exe
2022-04-26 17:59 - 2021-06-05 15:18 - 000090112 _____ C:WINDOWSsystem32Driversvmbusproxy.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000078144 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvhdparser.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000069968 _____ (Microsoft Corporation) C:WINDOWSsystem32Driverspassthruparser.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000069960 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvkrnlintvsc.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000069952 _____ (Microsoft Corporation) C:WINDOWSsystem32Driversvkrnlintvsp.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000061776 _____ (Microsoft Corporation) C:WINDOWSsystem32Drivershvsocketcontrol.sys
2022-04-26 17:59 - 2021-06-05 15:18 - 000049480 _____ (Microsoft Corporation) C:WINDOWSsystem32VrdUmed.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000049464 _____ (Microsoft Corporation) C:WINDOWSsystem32vmsifproxystub.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000041288 _____ (Microsoft Corporation) C:WINDOWSsystem32vmcomputeeventlog.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000036864 _____ (Microsoft Corporation) C:WINDOWSsystem32VmComputeProxy.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000024904 _____ (Microsoft Corporation) C:WINDOWSsystem32f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000024904 _____ (Microsoft Corporation) C:WINDOWSsystem32f1db7d81-95be-4911-935a-8ab71629112a_HyperV-IsolatedVM.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000024904 _____ (Microsoft Corporation) C:WINDOWSsystem32c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000024904 _____ (Microsoft Corporation) C:WINDOWSsystem32c28c7a4e-a619-4463-82b7-0fc9cc7187f5_HyperV-ComputeStorage.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000024896 _____ (Microsoft Corporation) C:WINDOWSsystem32d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll
2022-04-26 17:59 - 2021-06-05 15:18 - 000006658 _____ C:WINDOWSsystem32VmFirmware Third-Party Notices.txt
2022-04-26 14:38 - 2022-01-19 21:59 - 000000000 ____D C:ProgramDataPackages
2022-04-26 03:36 - 2022-01-19 22:03 - 000000000 ____D C:Program FilesTotal Commander
2022-04-26 01:51 - 2022-01-20 01:41 - 000000000 ____D C:ProgramDataF-Secure
2022-04-26 01:51 - 2022-01-19 22:26 - 000000000 ____D C:UsersPhenomAppDataLocalF-Secure
2022-04-26 01:35 - 2022-01-20 01:34 - 000001486 _____ C:UsersPhenomAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera developer.lnk
2022-04-26 00:53 - 2022-01-19 23:20 - 000000000 ____D C:Program Files7-Zip
2022-04-25 23:09 - 2022-01-19 22:17 - 000002278 _____ C:UsersPhenomDesktopMicrosoft Edge.lnk
2022-04-25 18:11 - 2022-01-19 22:27 - 000000000 ____D C:UsersPhenomAppDataRoamingobs-studio
2022-04-23 23:34 - 2022-01-19 22:01 - 000000000 ____D C:UsersPhenomAppDataLocalPlaceholderTileLogoFolder
2022-04-23 21:06 - 2022-01-19 22:01 - 000000000 ___RD C:UsersPhenomOneDrive
2022-04-23 12:19 - 2022-01-20 07:52 - 000002440 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2022-04-23 02:14 - 2021-12-24 02:05 - 000000000 ____D C:TeamViewerPortable
2022-04-22 13:49 - 2022-01-19 22:53 - 143823848 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2022-04-22 13:46 - 2022-01-31 03:16 - 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2022-04-21 22:20 - 2022-02-16 03:09 - 000000000 ____D C:Program FilesCheat Engine 7.4
2022-04-21 21:29 - 2022-03-24 01:37 - 007618600 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvapi64.dll
2022-04-21 21:29 - 2022-03-24 01:37 - 006465192 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvapi.dll
2022-04-21 18:11 - 2022-01-19 22:26 - 000000000 ____D C:UsersPhenomAppDataLocalLowMozilla
2022-04-21 18:07 - 2022-01-31 03:16 - 000000000 ____D C:ProgramDataMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-21 18:06 - 2022-01-31 03:16 - 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox Nightly.lnk
2022-04-20 22:22 - 2022-01-19 22:02 - 000002302 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome Beta.lnk
2022-04-20 22:22 - 2022-01-19 22:02 - 000002261 _____ C:UsersPublicDesktopGoogle Chrome Beta.lnk
2022-04-20 17:21 - 2022-01-20 01:40 - 000005869 _____ C:UsersPhenomDownloadsfsecure_freedome_vpn_2.43.809.zip
2022-04-20 17:21 - 2022-01-19 22:18 - 000004742 _____ C:UsersPhenomDownloadsdrivermax_11.18.0.38.zip
2022-04-20 17:17 - 2022-01-19 22:18 - 000004651 _____ C:UsersPhenomDownloadsdriver_easy_5.6.14.33488.zip
2022-04-20 17:17 - 2022-01-19 22:18 - 000004651 _____ C:UsersPhenomDownloadsdriver_easy_5.6.14.33488 (1).zip
2022-04-20 17:13 - 2022-03-03 02:29 - 000005887 _____ C:UsersPhenomDownloadsfsecure_freedome_vpn_2.45.888 (1).zip
2022-04-20 04:13 - 2022-01-19 22:27 - 000000000 ____D C:UsersPhenomAppDataRoamingGitHub Desktop
2022-04-20 01:15 - 2022-01-19 22:17 - 000000000 ____D C:UsersPhenomDocumentsGitHub
2022-04-19 23:42 - 2022-01-19 22:27 - 000000000 ____D C:UsersPhenomAppDataRoamingNotepad++
2022-04-19 21:37 - 2022-01-31 16:56 - 000000000 ____D C:UsersPhenomAppDataLocalGitHubDesktop
2022-04-19 21:37 - 2022-01-19 22:17 - 000002378 _____ C:UsersPhenomDesktopGitHub Desktop.lnk
2022-04-15 14:19 - 2022-01-19 22:41 - 000000000 ____D C:ProgramDataSamsung
2022-04-13 23:59 - 2022-01-19 22:20 - 000294281 _____ C:UsersPhenomDownloadsSDI_Update.torrent
2022-04-13 18:54 - 2022-01-19 22:53 - 000000000 ____D C:WINDOWSsystem32MRT
2022-04-13 15:16 - 2022-01-19 22:26 - 000000000 ____D C:UsersPhenomAppDataLocalbabl-0.1
2022-04-12 23:13 - 2021-06-05 17:30 - 000000000 ___SD C:WINDOWSsystem32AppV
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ___SD C:WINDOWSSysWOW64DiagSvcs
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64vi-VN
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64oobe
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64lv-LV
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64lt-LT
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64id-ID
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64gl-ES
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64eu-ES
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64et-EE
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64es-MX
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSSysWOW64ca-ES
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32WinMetadata
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32vi-VN
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32ShellExperiences
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32PerceptionSimulation
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32migwiz
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32lv-LV
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32lt-LT
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32id-ID
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32gl-ES
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32eu-ES
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32et-EE
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32es-MX
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSsystem32ca-ES
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSShellExperiences
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSShellComponents
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSProvisioning
2022-04-12 23:13 - 2021-06-05 15:10 - 000000000 ____D C:WINDOWSDiagTrack
2022-04-12 23:12 - 2021-06-05 17:30 - 000032768 _____ (Microsoft Corporation) C:WINDOWSsystem32OEMDefaultAssociations.dll
2022-04-12 23:12 - 2021-06-05 17:30 - 000021047 _____ C:WINDOWSsystem32OEMDefaultAssociations.xml
2022-04-12 19:04 - 2022-01-19 22:26 - 000000000 ____D C:UsersPhenomAppDataLocalgtk-2.0
2022-04-11 17:16 - 2022-01-31 20:37 - 000000000 ____D C:UsersPhenomAppDataLocalTeamViewer
2022-04-11 15:17 - 2022-01-31 22:03 - 000000000 __SHD C:UsersPhenomwc
2022-04-10 22:41 - 2022-02-26 17:48 - 000000000 ____D C:Program Files (x86)Twitch Recover
2022-04-10 00:54 - 2022-03-25 02:45 - 000000000 ____D C:Program FilesHWiNFO64
2022-04-09 17:46 - 2022-01-19 22:23 - 000000000 ____D C:ProgramDataPackage Cache
2022-04-09 01:50 - 2022-01-20 00:58 - 000000000 ____D C:Program FilesVideoLAN
2022-04-08 02:37 - 2022-01-20 07:52 - 000000000 ____D C:WINDOWSsystem32Driverswd
2022-04-06 21:52 - 2022-01-19 23:00 - 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2022-04-06 15:17 - 2022-02-05 21:59 - 000000000 ____D C:Emoji
2022-03-31 21:57 - 2022-01-20 01:18 - 000000000 ____D C:UsersPhenom.android
2022-03-30 20:55 - 2022-01-19 22:30 - 002200272 _____ (NVIDIA Corporation) C:WINDOWSSysWOW64nvspcap.dll
2022-03-30 20:54 - 2022-01-19 22:30 - 002859264 _____ (NVIDIA Corporation) C:WINDOWSsystem32nvspcap64.dll
2022-03-30 20:54 - 2022-01-19 22:30 - 001295104 _____ (NVIDIA Corporation) C:WINDOWSsystem32NvRtmpStreamer64.dll
==================== Files in the root of some directories ========
2022-04-16 18:39 - 2022-04-22 16:56 - 000000149 _____ () C:UsersPubliclog.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Edited by buddy215, today, 1:12 p.m.
Comments are closed.