Nope, still not sleeping.
PC Not going to sleep. Tried almost everything.
-
Well, seems to me we are dealing with a possible driver issue. It sleeps in safe mode, and we have disabled all non-Microsoft services and startups.
Let’s have a look at the machine with a diagnostic log.
ZHP Diag Scan Click here to download.
- Save to your desktop.
- Right click, Run as Admin.
- Click the Options button.
- Click on Check All.
- Then click Close.
- Click the Scanner button.
- When complete, please push the Report button.
- A notepad will open… attach the report in your next reply.

I will move the thread to the virus area. I do not suspect malware; I just use this tool to see what is going on with your machine, and these types of logs are not allowed in the regular forum.
-
I didn’t have the option to report after the scan, only analyze and when clicked it showed an error.
However, a text file was on my desktop. I will attach it and copy and paste it.
~ ZHPDiag v2022.2.2.10 By Nicolas Coolman (2022/02/02)
~ Run by Korisnik (Administrator) (2022/02/02 14:40:34)
~ Assistance: https://forum.nicolascoolman.eu/
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Certificate ZHPDiag: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Korisnik\Desktop\ZHPDiag.txt
~ Report: C:\Users\Korisnik\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19044)
—\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v97.0.4692.99
~ MSIE: Internet Explorer v11.789.19041.0
—\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
—\ System protection software (1) - 1s
Windows Defender W10 (Deactivate) (Protection)
—\ Sharing software PeerToPeer (1) - 1s
~ qBittorrent 4.4.0 v4.4.0 (P2P)
—\ Informations on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 165 Stepping 5, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16643.368 MB (83% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 142 GB (64%) free of 219 GB : OK =>.Disk Space
—\ Connection to the system mode (3) - 0s
~ Computer Name: DESKTOP-IRCP48C
~ User Name: Korisnik
~ Logged in as Administrator
—\ Enumeration of the disk units (5) - 0s
~ Drive C: has 142 GB free of 219 GB (System)
~ Drive D: has 486 GB free of 999 GB
~ Drive E: has 251 GB free of 299 GB
~ Drive F: has 412 GB free of 607 GB
~ Drive G: has 182 GB free of 256 GB
—\ State of the Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
—\ Search Generic System Files (25) - 1s
[MD5.1BD5BAA72845A11622F75731658C515B] - 29/01/2022 - (.Microsoft Corporation - Windows Explorer.) – C:\Windows\Explorer.exe [4968224] =>.Microsoft®
[MD5.EF3179D498793BF4234F708D3BE28633] - 06/08/2021 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe [71680] [Unsigned] =>.Microsoft Corporation
[MD5.F3828D75795D5AE4B2D8B828026A4EAA] - 15/12/2021 - (.Microsoft Corporation - Aplikacija za pokretanje sustava Windows.) – C:\Windows\System32\Wininit.exe [432856] [Unsigned] =>.Microsoft Corporation
[MD5.D72984411123C0C955CA77BC793911A4] - 15/12/2021 - (.Microsoft Corporation - Internet proširenja za Win32.) – C:\Windows\System32\wininet.dll [5045248] [Unsigned] =>.Microsoft Corporation
[MD5.FC7F68EE85A3AE64D6E58C2B2D673793] - 29/01/2022 - (.Microsoft Corporation - Aplikacija za prijavu u sustav Windows.) – C:\Windows\System32\Winlogon.exe [910336] [Unsigned] =>.Microsoft Corporation
[MD5.A01E533388EF4141854A72CB9F17B5BE] - 29/01/2022 - (.Microsoft Corporation - Biblioteka za licenciranje softvera.) – C:\Windows\System32\sppcomapi.dll [316416] [Unsigned] =>.Microsoft Corporation
[MD5.B431E0F34DAA9DC2493D368D99DD1745] - 15/12/2021 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\System32\dnsapi.dll [826392] =>.Microsoft®
[MD5.070FFE687DF50D1731DCB633E8CB9851] - 15/12/2021 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\Syswow64\dnsapi.dll [587744] =>.Microsoft®
[MD5.CBD095290A7B0970D87AEB53A44D9018] - 29/01/2022 - (.Microsoft Corporation - Agent za ažuriranje Windows Update.) – C:\Windows\System32\wuaueng.dll [3403776] [Unsigned] =>.Microsoft Corporation
[MD5.7ED7173309D68A454B3107009660AD0D] - 15/12/2021 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\AFD.sys [650064] [Unsigned] =>.Microsoft Corporation
[MD5.AF0AA60DD36E4FA227F3C441B008336E] - 15/12/2021 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [30032] [Unsigned] =>.Microsoft Corporation
[MD5.764FE2149251A246F6B047A0F09F5F0B] - 07/12/2019 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\Cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
[MD5.054ABC6C64AE969D033B7876C04D52B4] - 15/12/2021 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\Cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
[MD5.3D3CCAFC76E02403E2963A2CB45D61F7] - 06/08/2021 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\DfsC.sys [152064] [Unsigned] =>.Microsoft Corporation
[MD5.DE91793D8101F7D3B93D461EA1B56FC5] - 06/08/2021 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\HDAudBus.sys [139776] [Unsigned] =>.Microsoft Corporation
[MD5.E4B36C6EAAAB703CBFECB92EE590FB31] - 07/12/2019 - (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
[MD5.F63572DF4295C78B3F7036AEDA878176] - 07/12/2019 - (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\IpNat.sys [225280] [Unsigned] =>.Microsoft Corporation
[MD5.91F89F987BD04BBD7703422371D64756] - 17/12/2021 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\MRxSmb.sys [574800] [Unsigned] =>.Microsoft Corporation
[MD5.49F7DE6F689C47B64A2C2D46CD98E327] - 06/08/2021 - (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netBT.sys [341504] [Unsigned] =>.Microsoft Corporation
[MD5.2DA3324CAF9E54AB24488921361EE50A] - 29/01/2022 - (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [2850152] [Unsigned] =>.Microsoft Corporation
[MD5.138FDB1EBCB61287A645BD3B06DBED5E] - 07/12/2019 - (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\Parport.sys [109056] [Unsigned] =>.Microsoft Corporation
[MD5.40CBDB4B80284451536C8CA49561E5CD] - 06/08/2021 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\Rasl2tp.sys [110080] [Unsigned] =>.Microsoft Corporation
[MD5.64991B36F0BD38026F7589572C98E3D6] - 06/08/2021 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\Windows\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
[MD5.2A8B28579A4964AA7EA8CEB1AC121243] - 15/12/2021 - (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [117584] [Unsigned] =>.Microsoft Corporation
[MD5.988A7A685BB51BAC62F4E176BE5432AC] - 06/08/2021 - (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\Windows\System32\drivers\volsnap.sys [429880] [Unsigned] =>.Microsoft Corporation
—\ No disabled Windows Services (52) - 2s
O23 - Service: C:\Windows\System32\AudioEndpointBuilder.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Windows Audio Endpoint Builder.) - C:\Windows\System32\AudioEndpointBuilder.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (Audiosrv) . (.Microsoft Corporation - Windows Audio Service.) - C:\Windows\System32\Audiosrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\bfe.dll (BFE) . (.Microsoft Corporation - Base Filtering Engine.) - C:\Windows\System32\bfe.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) - C:\Windows\System32\qmgr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\bisrv.dll (BrokerInfrastructure) . (.Microsoft Corporation - Process State Manager (PSM) Service.) - C:\Windows\System32\psmsrv.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cdpusersvc.dll (CDPUserSvc) . (.Microsoft Corporation - Microsoft (R) CDP User Components.) - C:\Windows\System32\CDPUserSvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Connected Devices Platform User Service_517d1 (CDPUserSvc_517d1) . (.Microsoft Corporation - Matični proces za Windows servise.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: Microsoft Office Click-to-Run Service (ClickToRunSvc) . (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe =>.Microsoft®
O23 - Service: C:\Windows\System32\coremessaging.dll (CoreMessagingRegistrar) . (.Microsoft Corporation - Microsoft CoreMessaging Dll.) - C:\Windows\System32\coremessaging.dll =>.Microsoft®
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) - C:\Windows\System32\cryptsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - DHCP Client Service.) - C:\Windows\System32\dhcpcore.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dispbroker.desktop.dll (DispBrokerDesktopSvc) . (.Microsoft Corporation - Desktop Display Broker.) - C:\Windows\System32\DispBroker.Desktop.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - DNS Caching Resolver Service.) - C:\Windows\System32\dnsrslvr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dusmsvc.dll (DusmSvc) . (.Microsoft Corporation - Usluga za potrošnju podataka.) - C:\Windows\System32\dusmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Security\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: C:\Windows\System32\wevtsvc.dll (EventLog) . (.Microsoft Corporation - Event Logging Service.) - C:\Windows\System32\wevtsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Klijent za pravilnik grupe.) - C:\Windows\System32\gpsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\ikeext.dll (IKEEXT) . (.Microsoft Corporation - IKE extension.) - C:\Windows\System32\ikeext.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe {3BCEA6A75123B821E309D6399265C7BD}. =>.Intel(R) Corporation
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) - C:\Windows\System32\srvsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) - C:\Windows\System32\wkssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe {0ADE8114D7679B066F2DB2DFD2F67AC2}. =>.Intel Corporation
O23 - Service: C:\Windows\system32\lsm.dll (LSM) . (.Microsoft Corporation - Local Session Manager Service.) - C:\Windows\System32\lsm.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (mpssvc) . (.Microsoft Corporation - Microsoft Protection Service.) - C:\Windows\System32\mpssvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Network Location Awareness 2.) - C:\Windows\System32\nlasvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Network Store Interface RPC server.) - C:\Windows\System32\nsisvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation®
O23 - Service: C:\Windows\System32\APHostRes.dll (OneSyncSvc) . (.Microsoft Corporation - Accounts Host Service.) - C:\Windows\System32\APHostService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Sync Host_517d1 (OneSyncSvc_517d1) . (.Microsoft Corporation - Matični proces za Windows servise.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - User-mode Power Service.) - C:\Windows\System32\umpo.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\rasmans.dll (RasMan) . (.Microsoft Corporation - Remote Access Connection Manager.) - C:\Windows\System32\rasmans.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - RPC Endpoint Mapper.) - C:\Windows\System32\RpcEpMap.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: @combase.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Intel(R) Storage Middleware Service (RstMwService) . (.Intel Corporation - Intel(R) Rapid Storage Technology Managemen.) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe {34770BB53021480D308F5E5593B49D84}. =>.Intel Corporation
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Servis Rasporeda zadataka.) - C:\Windows\System32\schedsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) - C:\Windows\System32\sens.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SgrmBroker.exe,-100 (SgrmBroker) . (.Microsoft Corporation - System Guard Runtime Monitor Broker Service.) - C:\Windows\System32\SgrmBroker.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Dll servisi ljuske sustava Windows.) - C:\Windows\System32\shsvcs.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Spooler SubSystem App.) - C:\Windows\System32\spoolsv.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Microsoft Software Protection Platform Serv.) - C:\Windows\System32\sppsvc.exe [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\StorSvc.dll (StorSvc) . (.Microsoft Corporation - Servisi za pohranu.) - C:\Windows\System32\storsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\SystemEventsBrokerServer.dll (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) - C:\Windows\System32\SystemEventsBrokerServer.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) - C:\Windows\System32\themeservice.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\usermgr.dll (UserManager) . (.Microsoft Corporation - UserMgr.) - C:\Windows\System32\usermgr.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\usosvc.dll (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) - C:\Windows\System32\usosvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wcmsvc.dll (Wcmsvc) . (.Microsoft Corporation - Windows Connection Manager Service DLL.) - C:\Windows\System32\wcmsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\WpnUserService.dll (WpnUserService) . (.Microsoft Corporation - Servis korisnika u sustavu Windows proslije.) - C:\Windows\System32\WpnUserService.dll [Unsigned] =>.Microsoft Corporation
O23 - Service: Windows Push Notifications User Service_517d1 (WpnUserService_517d1) . (.Microsoft Corporation - Matični proces za Windows servise.) - C:\Windows\System32\svchost.exe =>.Microsoft®
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) - C:\Windows\System32\wscsvc.dll [Unsigned] =>.Microsoft Corporation
—\ Services not Microsoft (SR=Run, SS=Stop) (103) - 8s
SR - Boot [07/12/2019] [ 107320] (3ware) . (.LSI.) - C:\Windows\System32\drivers\3ware.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 1135416] (ADP80XX) . (.PMC-Sierra.) - C:\Windows\System32\drivers\ADP80XX.SYS =>.Microsoft®
SR - Demand [07/12/2019] [ 18432] AMD GPIO Client Driver (amdgpio2) . (.Advanced Micro Devices, Inc.) - C:\Windows\System32\drivers\amdgpio2.sys [Unsigned] =>.Advanced Micro Devices, Inc
SR - Demand [07/12/2019] [ 45568] AMD I2C Controller Service (amdi2c) . (.Advanced Micro Devices, Inc.) - C:\Windows\System32\drivers\amdi2c.sys [Unsigned] =>.Advanced Micro Devices, Inc
SR - Boot [07/12/2019] [ 83256] (amdsata) . (.Advanced Micro Devices.) - C:\Windows\System32\drivers\amdsata.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 259384] (amdsbs) . (.AMD Technologies Inc..) - C:\Windows\System32\drivers\amdsbs.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 26936] (amdxata) . (.Advanced Micro Devices.) - C:\Windows\System32\drivers\amdxata.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 131896] Adaptec SAS/SATA-II RAID S (arcsas) . (.PMC-Sierra, Inc..) - C:\Windows\System32\drivers\arcsas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 533816] QLogic Network Adapter VBD (b06bdrv) . (.QLogic Corporation.) - C:\Windows\System32\drivers\bxvbda.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 9728] bcmfn2 Service (bcmfn2) . (…) - C:\Windows\System32\drivers\bcmfn2.sys [Unsigned] =>.Broadcom Corporation
SR - Disabl [28/01/2022] [ 8901960] BattlEye Service (BEService) . (. {0D683E6AD0CDA9B4475CF8AE1D7D2133}..) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe {0D683E6AD0CDA9B4475CF8AE1D7D2133}.
SR - Boot [07/12/2019] [ 319800] (cht4iscsi) . (.Chelsio Communications.) - C:\Windows\System32\drivers\cht4sx64.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 1853752] Chelsio Virtual Bus Driver (cht4vbd) . (.Chelsio Communications.) - C:\Windows\System32\drivers\cht4vx64.sys =>.Microsoft®
SR - Demand [30/01/2022] [ 44832] cpuz150 (cpuz150) . (.CPUID.) - C:\Windows\Temp\cpuz150\cpuz150_x64.sys =>.CPUID S.A.R.L.U.®
SR - Demand [08/10/2021] [ 160376] SAMSUNG Mobile USB Comp (dg_ssudbus) . (.Samsung Electronics Co., Ltd..) - C:\Windows\System32\DRIVERS\ssudbus2.sys =>.Samsung Electronics Co., Ltd.®
SS - Demand [18/12/2021] [ 4958096] Disc Soft Lite Bus Service (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe {73098091AB520B92B7825CB8493B55DC}. =>.Disc Soft Ltd
SR - Demand [18/12/2021] [ 42256] DAEMON Tools Lite Virtual SCSI Bus (dtlitescsibus) . (.Disc Soft Ltd.) - C:\Windows\System32\drivers\dtlitescsibus.sys =>.AVB Disc Soft, SIA®
SR - Demand [18/12/2021] [ 63696] DAEMON Tools Lite Virtual USB Bus (dtliteusbbus) . (.Disc Soft Ltd.) - C:\Windows\System32\drivers\dtliteusbbus.sys {76CEA6897FE1FB6E06DF03619025CC50}. =>.Disc Soft Ltd
SR - Demand [07/12/2019] [ 147584] Intel(R) PRO/1000 ND (E1G60) . (.Intel Corporation.) - C:\Windows\System32\drivers\E1G6032E.sys [Unsigned] =>.Intel Corporation
SR - System [13/01/2022] [ 184464] eamonm (eamonm) . (.ESET.) - C:\Windows\System32\DRIVERS\eamonm.sys =>.ESET, spol. s r.o.®
SR - Disabl [31/12/2021] [ 813032] EasyAntiCheat (EasyAntiCheat) . (.Epic Games, Inc.) - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe =>.EasyAntiCheat Oy®
SR - Boot [07/12/2019] [ 3418936] QLogic 10 Gigabit Ethernet Ada (ebdrv) . (.QLogic Corporation.) - C:\Windows\System32\drivers\evbda.sys =>.Microsoft®
SR - Boot [13/01/2022] [ 122944] edevmon (edevmon) . (.ESET.) - C:\Windows\System32\DRIVERS\edevmon.sys =>.ESET, spol. s r.o.®
SR - Boot [12/01/2022] [ 15824] eelam (eelam) . (.ESET.) - C:\Windows\System32\DRIVERS\eelam.sys =>.Microsoft®
SR - System [13/01/2022] [ 201976] ehdrv (ehdrv) . (.ESET.) - C:\Windows\System32\DRIVERS\ehdrv.sys =>.ESET, spol. s r.o.®
SR - Auto [13/01/2022] [ 43904] ekbdflt (ekbdflt) . (.ESET.) - C:\Windows\System32\DRIVERS\ekbdflt.sys =>.ESET, spol. s r.o.®
SR - Auto [13/01/2022] [ 3141480] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Security\ekrn.exe =>.ESET, spol. s r.o.®
SS - Demand [13/01/2022] [ 3141480] ESET Firewall Helper (ekrnEpfw) . (.ESET.) - C:\Program Files\ESET\ESET Security\ekrn.exe =>.ESET, spol. s r.o.®
SR - System [13/01/2022] [ 69704] epfw (epfw) . (.ESET.) - C:\Windows\System32\DRIVERS\epfw.sys =>.ESET, spol. s r.o.®
SR - System [13/01/2022] [ 110560] epfwwfp (epfwwfp) . (.ESET.) - C:\Windows\System32\DRIVERS\epfwwfp.sys =>.ESET, spol. s r.o.®
SR - Disabl [01/10/2021] [ 934368] Epic Online Services (EpicOnlineServices) . (.Epic Games, Inc..) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe =>.Epic Games Inc.®
SS - Demand [27/09/2021] [ 410320] NVIDIA FrameView SDK service (FvSvc) . (.NVIDIA.) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe =>.Nvidia Corporation®
SS - Demand [19/01/2022] [ 1470296] Google Chrome Elevation Service (GoogleChromeElevationServi (GoogleChromeElevationService) . (.Google LLC.) - C:\Program Files\Google\Chrome\Application\97.0.4692.99\elevation_service.exe =>.Google LLC®
SR - Disabl [12/12/2021] [ 156232] Google Update Service (gupdate) (gupdate) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
SR - Disabl [12/12/2021] [ 156232] Google Update Service (gupdatem) (gupdatem) . (.Google LLC.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google LLC®
SR - Boot [07/12/2019] [ 64312] (HpSAMD) . (.Hewlett-Packard Company.) - C:\Windows\System32\drivers\HpSAMD.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 36352] Intel Serial IO GPIO Controlle (iagpio) . (.Intel(R) Corporation.) - C:\Windows\System32\drivers\iagpio.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/12/2019] [ 91136] Intel(R) Serial IO I2C Host Cont (iai2c) . (.Intel(R) Corporation.) - C:\Windows\System32\drivers\iai2c.sys [Unsigned] =>.Intel(R) Corporation
SR - Demand [07/12/2019] [ 79360] Intel(R) S (iaLPSS2i_GPIO2) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 93184] In (iaLPSS2i_GPIO2_BXT_P) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 112128] Intel( (iaLPSS2i_GPIO2_CNL) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 96256] Intel( (iaLPSS2i_GPIO2_GLK) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 171520] Intel(R) Seria (iaLPSS2i_I2C) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 175104] Intel( (iaLPSS2i_I2C_BXT_P) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 177152] Intel(R) S (iaLPSS2i_I2C_CNL) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [Unsigned] =>.Intel Corporation
SR - Demand [07/12/2019] [ 177664] Intel(R) S (iaLPSS2i_I2C_GLK) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [Unsigned] =>.Intel Corporation
SR - Demand [17/12/2021] [ 131224] Intel(R) Serial IO G (iaLPSS2_GPIO2_TGL) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys {1D601C5569C6A695C75CDF4FE9FED0DF}. =>.Intel Corporation
SR - Demand [07/12/2019] [ 38128] Intel(R) Serial IO (iaLPSSi_GPIO) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys =>.Intel Corporation - Client Components Group®
SR - Demand [07/12/2019] [ 113152] Intel(R) Serial IO I (iaLPSSi_I2C) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaLPSSi_I2C.sys [Unsigned] =>.Intel Corporation
SR - Boot [12/12/2021] [ 1545392] Intel(R) Chipset SATA/PCI (iaStorAC) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaStorAC.sys {34770BB53021480D308F5E5593B49D84}. =>.Intel Corporation
SR - Boot [07/12/2019] [ 884752] Intel Chipset SATA RAI (iaStorAVC) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaStorAVC.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 412176] Intel RAID Controller Wi (iaStorV) . (.Intel Corporation.) - C:\Windows\System32\drivers\iaStorV.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 558904] Mellanox InfiniBand Bus/A (ibbus) . (.Mellanox.) - C:\Windows\System32\drivers\ibbus.sys =>.Microsoft®
SR - Demand [17/02/2021] [ 5977120] Service for Realtek HD Audio (WDM) (IntcAzAudAddService) . (.Realtek Semiconductor Corp..) - C:\Windows\System32\drivers\RTKVHD64.sys =>.Realtek Semiconductor Corp.®
SS - Demand [15/09/2021] [ 785240] Intel(R) Capability Lice (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe {3BCEA6A75123B821E309D6399265C7BD}. =>.Intel(R) Corporation
SR - Auto [15/09/2021] [ 729944] Intel(R) TPM Provis (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe {3BCEA6A75123B821E309D6399265C7BD}. =>.Intel(R) Corporation
SR - Disabl [04/08/2021] [ 158232] IObit Uninstaller Service (IObitUnSvr) . (.IObit.) - G:\IObit Uninstaller\IUService.exe =>.IObit CO., LTD®
SR - Boot [07/12/2019] [ 172344] (ItSas35i) . (.Avago Technologies.) - C:\Windows\System32\drivers\ItSas35i.sys =>.Microsoft®
SS - Demand [16/06/2021] [ 628616] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe =>.Intel(R) Embedded Subsystems and IP Blocks Group®
SR - Auto [02/09/2021] [ 4064384] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe {0ADE8114D7679B066F2DB2DFD2F67AC2}. =>.Intel Corporation
SR - Demand [19/12/2021] [ 37200] Logitech G HUB Virtual Bus E (logi_joy_bus_enum) . (.Logitech.) - C:\Windows\System32\drivers\logi_joy_bus_enum.sys =>.Logitech Inc®
SR - Demand [19/12/2021] [ 66896] Logitech G HUB Translation (logi_joy_xlcore) . (.Logitech.) - C:\Windows\System32\drivers\logi_joy_xlcore.sys =>.Logitech Inc®
SR - Boot [07/12/2019] [ 108856] (LSI_SAS) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 124216] (LSI_SAS2i) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 135992] (LSI_SAS3i) . (.Avago Technologies.) - C:\Windows\System32\drivers\lsi_sas3i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 82744] (LSI_SSS) . (.LSI Corporation.) - C:\Windows\System32\drivers\lsi_sss.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 59704] (megasas) . (.Avago Technologies.) - C:\Windows\System32\drivers\megasas.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 81720] (megasas2i) . (.Avago Technologies.) - C:\Windows\System32\drivers\MegaSas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 105480] (megasas35i) . (.Avago Technologies.) - C:\Windows\System32\drivers\megasas35i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 575800] (megasr) . (.LSI Corporation, Inc..) - C:\Windows\System32\drivers\megasr.sys =>.Microsoft®
SR - Demand [12/01/2022] [ 309384] Intel(R) Management Engine Interfa (MEIx64) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\heci.inf_amd64_7bf3115ed0b45065\x64\TeeDriverW10x64.sys {0ADE8114D7679B066F2DB2DFD2F67AC2}. =>.Intel Corporation
SR - Demand [07/12/2019] [ 1131320] Mellanox ConnectX Bus E (mlx4_bus) . (.Mellanox.) - C:\Windows\System32\drivers\mlx4_bus.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 63800] (mvumis) . (.Marvell Semiconductor, Inc..) - C:\Windows\System32\drivers\mvumis.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 146232] NetworkDirect Service (ndfltr) . (.Mellanox.) - C:\Windows\System32\drivers\ndfltr.sys =>.Microsoft®
SR - Disabl [16/11/2021] [ 903024] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [11/01/2022] [ 1018496] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\NVDisplay.Container.exe =>.Nvidia Corporation®
SR - Demand [11/01/2022] [ 118952] Service for NVIDIA High Definiti (NVHDA) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvhda64v.sys =>.Nvidia Corporation®
SR - Demand [11/01/2022] [42270168] (nvlddmkm) . (.NVIDIA Corporation.) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\nvlddmkm.sys =>.Nvidia Corporation®
SR - Demand [03/06/2021] [ 43408] NvModuleTracker (NvModuleTracker) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\NvModuleTracker.sys =>.NVIDIA Corporation®
SR - Boot [07/12/2019] [ 150328] (nvraid) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvraid.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 166200] (nvstor) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvstor.sys =>.Microsoft®
SR - Demand [01/11/2021] [ 48552] NVIDIA Virtual Aud (nvvad_WaveExtensible) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvvad64v.sys =>.Microsoft®
SR - Demand [02/06/2021] [ 67464] NVVHCI Enumerator Service (nvvhci) . (.NVIDIA Corporation.) - C:\Windows\System32\drivers\nvvhci.sys =>.NVIDIA Corporation®
SR - Boot [07/12/2019] [ 58680] (percsas2i) . (.Avago Technologies.) - C:\Windows\System32\drivers\percsas2i.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 68408] (percsas3i) . (.Avago Technologies.) - C:\Windows\System32\drivers\percsas3i.sys =>.Microsoft®
SR - Auto [12/12/2021] [ 1998000] Intel(R) Storage Midd (RstMwService) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe {34770BB53021480D308F5E5593B49D84}. =>.Intel Corporation
SR - Demand [12/01/2022] [ 1159216] Realtek RT640 NT Driver (rt640x64) . (.Realtek.) - C:\Windows\System32\drivers\rt640x64.sys =>.Realtek Semiconductor Corp.®
SR - Demand [00/00/0000] [ 0] RTCore64 (RTCore64) . (…) - \G:\MSI Afterburner\RTCore64.sys (.not file.) [Unsigned]
SR - Disabl [17/02/2021] [ 1231864] Realtek Audio Universal Service (RtkAudioUniversalService) . (.Realtek Semiconductor.) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe =>.Realtek Semiconductor Corp.®
SR - Boot [07/12/2019] [ 44856] (SiSRaid2) . (.Silicon Integrated Systems Corp..) - C:\Windows\System32\drivers\SiSRaid2.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 81720] (SiSRaid4) . (.Silicon Integrated Systems.) - C:\Windows\System32\drivers\sisraid4.sys =>.Microsoft®
SR - Boot [09/03/2017] [ 30744] SmartDefragDriver (SmartDefragDriver) . (.IObit.) - C:\Windows\System32\Drivers\SmartDefragDriver.sys =>.IObit Information Technology®
SR - Boot [07/12/2019] [ 209720] (SmartSAMD) . (.Microsemi Corportation.) - C:\Windows\System32\drivers\SmartSAMD.sys =>.Microsoft®
SR - Disabl [16/01/2022] [ 2811816] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve Corp.®
SR - Boot [07/12/2019] [ 31032] (stexstor) . (.Promise Technology, Inc..) - C:\Windows\System32\drivers\stexstor.sys =>.Microsoft®
SR - Demand [28/05/2021] [ 49024] TAP-ProtonVPN Windows Adapte (tapprotonvpn) . (.The OpenVPN Project.) - C:\Windows\System32\drivers\tapprotonvpn.sys =>.Microsoft®
SR - Disabl [30/01/2022] [ 7152880] Uncheater for BattleGrounds_GL (ucldr_battlegrounds_gl) . (.Wellbia.com Co., Ltd..) - C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe {420B1AD8D94118DCF821B8CBD6E142F9}. =>.Wellbia.com Co., Ltd.
SR - Boot [07/12/2019] [ 166712] (vsmraid) . (.VIA Technologies Inc.,Ltd.) - C:\Windows\System32\drivers\vsmraid.sys =>.Microsoft®
SR - Boot [07/12/2019] [ 305464] VIA StorX Storage RAID Co (VSTXRAID) . (.VIA Corporation.) - C:\Windows\System32\drivers\vstxraid.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 36152] WinMad Service (WinMad) . (.Mellanox.) - C:\Windows\System32\drivers\winmad.sys =>.Microsoft®
SR - Demand [07/12/2019] [ 73016] WinVerbs Service (WinVerbs) . (.Mellanox.) - C:\Windows\System32\drivers\winverbs.sys =>.Microsoft®
SR - Demand [30/01/2022] [ 2522256] xhunter1 (xhunter1) . (.Wellbia.com Co., Ltd..) - C:\Windows\xhunter1.sys {0C067D0F436427B359B7A6BABD673873}. =>.Wellbia.com Co., Ltd.
SR - Disabl [30/01/2022] [ 8737992] Zakynthos Service (zksvc) . (.PUBG Corporation.) - C:\Program Files\Common Files\PUBG\zksvc.exe {06DBE19411438F282930348586B67EE7}.
—\ Task Planned Automatically (Register) (30) - 5s
O38 - TASK: {18305FCC-6D41-4331-943B-EFE6D9E41F30} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google LLC - Google alat za instalaciju.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232] =>.Google LLC
O38 - TASK: {3BFE5F00-41A0-4D96-B94B-950393CB6D84} [64Bits][\Intel PTT EK Recertification] - (.Intel(R) Corporation - Intel(R)PTT EK Recertification Service.) – C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008] =>.Intel(R) Corporation
O38 - TASK: {6DA18C18-E5A3-4A69-8798-B0FFAB290663} [64Bits][\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384] =>.NVIDIA Corporation
O38 - TASK: {74D07083-70C8-4C94-9E05-1DC8BF9919FC} [64Bits][\Uninstaller_SkipUac_Korisnik] - (.IObit - IObit Uninstall Tool.) – G:\IObit Uninstaller\IObitUninstaler.exe [7350808] =>.IObit
O38 - TASK: {82CF67A4-283A-46D3-8143-0B93D013CC51} [64Bits][\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384] =>.NVIDIA Corporation
O38 - TASK: {84D9B6B8-549C-405D-B1C7-414A03D4CBDA} [64Bits][\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904] =>.NVIDIA Corporation
O38 - TASK: {A29AB79F-A6A7-4831-B32E-67B107EB77FE} [64Bits][\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA GeForce Experience.) – C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312] =>.NVIDIA Corporation
O38 - TASK: {A43E9B5C-7867-4431-AF7F-935B08ACA267} [64Bits][\Online_KMS_Activation_Script-Renewal] - (.RPO/WindowsAddict - Online_KMS_Activation_Script-Renewal - Week.) – C:\ProgramData\Online_KMS_Activation\Activate.cmd [90849]
O38 - TASK: {AA87C4B7-C6BD-4D38-92E9-79922EC358F0} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google LLC - Google alat za instalaciju.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232] =>.Google LLC
O38 - TASK: {B426CABB-ED5B-466B-A06F-CCA04D4913C6} [64Bits][\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA driver profile updater.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904] =>.NVIDIA Corporation
O38 - TASK: {C805E389-27CA-415F-B3B0-F8F3B460B853} [64Bits][\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA nodejs launcher.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216] =>.NVIDIA Corporation
O38 - TASK: {CE7FF671-DD1E-42D7-8878-EB81DE962AC6} [64Bits][\MSIAfterburner] - (.2009-2021 Alexey Nicolaychuk aka Unwinder, developed - MSIAfterburner.) – G:\MSI Afterburner\MSIAfterburner.exe [804408]
O38 - TASK: {E45A65AC-5AC5-4ABD-A93E-605E7C282C4F} [64Bits][\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024] =>.NVIDIA Corporation
O38 - TASK: {EA9E889F-D0C8-4F5B-A8D3-1E89331B9E6D} [64Bits][\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384] =>.NVIDIA Corporation
O38 - TASK: {F509D6B5-62FA-48A1-8D0F-DBACCD7A3FF3} [64Bits][\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] - (.NVIDIA Corporation - NVIDIA crash and telemetry reporter.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore - (.Google LLC.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/c] =>.Google LLC
C:\Windows\System32\Tasks\Intel PTT EK Recertification - (.Intel(R) Corporation.) – C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe =>.Intel(R) Corporation
C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Korisnik - (.IObit.) – G:\IObit Uninstaller\IObitUninstaler.exe [/UninstallExplorer] =>.IObit
C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\Online_KMS_Activation_Script-Renewal - (.RPO/WindowsAddict.) – C:\ProgramData\Online_KMS_Activation\Activate.cmd [Task]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA - (.Google LLC.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [/ua ./ua] =>.Google LLC
C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [–launcher=TaskScheduler] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\MSIAfterburner - (.2009-2021 Alexey Nicolaychuk aka Unwinder, developed .) – G:\MSI Afterburner\MSIAfterburner.exe [/s]
C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [-d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContain] =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - (.NVIDIA Corporation.) – C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe =>.NVIDIA Corporation
—\ Auto loading programs from Registry and folders (4) - 1s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Security notification icon.) – C:\Windows\system32\SecurityHealthSystray.exe [Unsigned] =>.Microsoft Corporation
O4 - HKLM..\Run: [egui] . (.ESET - ESET command line interface.) – C:\Program Files\ESET\ESET Security\ecmds.exe =>.ESET, spol. s r.o.®
O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive (32 bit) Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
—\ Process running (23) - 2s
[MD5.DEA491C846AC778320EAE22996B2FF92] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\NVDisplay.Container.exe [1018496] [PID.956] =>.Nvidia Corporation®
[MD5.DEA491C846AC778320EAE22996B2FF92] - (.NVIDIA Corporation - NVIDIA Container.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\NVDisplay.Container.exe [1018496] [PID.2120] =>.Nvidia Corporation®
[MD5.24A3B4F43B21177EAD956F04C898CD84] - (.Intel Corporation - Intel(R) Rapid Storage Technology Managemen.) – C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe [1998000] [PID.3036] {34770BB53021480D308F5E5593B49D84}. =>.Intel Corporation
[MD5.3EA726927781374110A7176DC0640838] - (.Intel Corporation - Intel(R) Local Management Service.) – C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe [4064384] [PID.3092] {0ADE8114D7679B066F2DB2DFD2F67AC2}. =>.Intel Corporation
[MD5.4C564F44DBFA88A7412B8B529AA20EE8] - (.2009-2021 Alexey Nicolaychuk aka Unwinder, developed - MSIAfterburner.) – G:\MSI Afterburner\MSIAfterburner.exe [804408] [PID.4296] =>.MICRO-STAR INTERNATIONAL CO., LTD.®
[MD5.5CDDF06A40E89358807A2B9506F064D9] - (…) – C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [793416] [PID.5116] =>.Microsoft®
[MD5.E39E27519E86FA8BF9576FD71D13FE9A] - (.2005-2021 by Alexey Nicolaychuk aka Unwinder - RTSS.) – G:\RivaTuner Statistics Server\RTSS.exe [434896] [PID.4800] {4925507D1EF02B011B4FD1079B0A0B5E}.
[MD5.6C4A241FC5D6E86651FDE94E9E255A8A] - (.2013-2019 by Alexey Nicolaychuk aka Unwinder - RTSS Encoder Server.) – G:\RivaTuner Statistics Server\EncoderServer.exe [69840] [PID.6220] {4925507D1EF02B011B4FD1079B0A0B5E}.
[MD5.2B75102EFC502582E7DA72BDD886676C] - (.2012-2019 by Alexey Nicolaychuk aka Unwinder - RTSS Hooks Loader.) – G:\RivaTuner Statistics Server\RTSSHooksLoader64.exe [68816] [PID.6240] {4925507D1EF02B011B4FD1079B0A0B5E}.
[MD5.D8351F22F14893A4E6BB6284B49F32F9] - (.ESET - ESET Proxy GUI.) – C:\Program Files\ESET\ESET Security\eguiproxy.exe [941016] [PID.6700] =>.ESET, spol. s r.o.®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.2312] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.2380] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.3012] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.1168] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.2912] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.7148] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.2752] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.2260] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.7824] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.7964] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.8144] =>.Google LLC®
[MD5.27AD88B3C1B6A777AF667DAB4F67CD5F] - (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe [2503512] [PID.7552] =>.Google LLC®
[MD5.286C1E53C35A7DC3F745208E042A5962] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Korisnik\AppData\Roaming\ZHP\ZHPDiag3.exe [3284632] [PID.2068] [Unsigned] =>.Nicolas Coolman
—\ Google Chrome, Start,Search,Extensions (18) - 1s
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [einnffiilpmgldkapbikhkeicohlaapj]
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [gighmmpiobklfepjocnamgkkbiglidom] Toggle Pause/Resume on all sites =>.Legitimate
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [majdfhpaihoncoakbjgbdhglocklcgno] VeePN
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Korisnik][User Data\Default\Extensions] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [Korisnik][User Data\Default\Local Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Korisnik][User Data\Default\Local Extension Settings] [gighmmpiobklfepjocnamgkkbiglidom] =>.Wladimir Palant {AdBlock}
G2 - GCE: Preference [Korisnik][User Data\Default\Local Extension Settings] [majdfhpaihoncoakbjgbdhglocklcgno]
G2 - GCE: Preference [Korisnik][User Data\Default\Managed Extension Settings] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Korisnik][User Data\Default\Managed Extension Settings] [gighmmpiobklfepjocnamgkkbiglidom] =>.Wladimir Palant {AdBlock}
G2 - GCE: Preference [Korisnik][User Data\Default\Managed Extension Settings] [majdfhpaihoncoakbjgbdhglocklcgno]
G2 - GCE: Preference [Korisnik][User Data\Default\Sync Extension Settings] [einnffiilpmgldkapbikhkeicohlaapj]
—\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internetski preglednik.) (11.00.19041.1503 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
—\ INTERNET EXPLORER, trusted site and sensitive site (1) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
—\ Internet Explorer, Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies =>.Microsoft
—\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=
—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (45)
—\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} . (.IObit - Uninstall for explorer.) – G:\IObit Uninstaller\UninstallExplorer.dll =>.IObit Information Technology®
O2 - BHO: Java™ Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll {068BE2F53452C882F18ED41A5DD4E7A3}. =>.Oracle Corporation
O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll {068BE2F53452C882F18ED41A5DD4E7A3}. =>.Oracle Corporation
—\ Global shortcuts Startup (59) - 5s
O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Korisnik\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.SUP.Discord
O4 - GS\Desktop [Administrator]: Rayman Origins.lnk . (…) D:\IGRE\Rayman\Rayman Origins.exe =>.Ubisoft Entertainment SA®
O4 - GS\Desktop [Administrator]: steam.lnk . (.Valve Corporation - Steam.) D:\Steam\steam.exe =>.Valve Corp.®
O4 - GS\Desktop [Administrator]: The Witcher 3 Wild Hunt.lnk . (.CD Projekt Red - The Witcher 3.) D:\IGRE\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe =>.CD PROJEKT S.A.®
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Korisnik\AppData\Roaming\ZHP\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: BS.Player FREE.lnk . (.AB Team - BS.Player.) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe {1E323D42FFE7B81CA944E95B3773DD38}. =>.AB Team
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Prenosi datoteke između uređaj.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Korisnik\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.SUP.Discord
O4 - GS\Desktop [Guest]: Rayman Origins.lnk . (…) D:\IGRE\Rayman\Rayman Origins.exe =>.Ubisoft Entertainment SA®
O4 - GS\Desktop [Guest]: steam.lnk . (.Valve Corporation - Steam.) D:\Steam\steam.exe =>.Valve Corp.®
O4 - GS\Desktop [Guest]: The Witcher 3 Wild Hunt.lnk . (.CD Projekt Red - The Witcher 3.) D:\IGRE\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe =>.CD PROJEKT S.A.®
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Korisnik\AppData\Roaming\ZHP\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: BS.Player FREE.lnk . (.AB Team - BS.Player.) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe {1E323D42FFE7B81CA944E95B3773DD38}. =>.AB Team
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Prenosi datoteke između uređaj.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\Desktop [Korisnik]: Discord.lnk . (.GitHub - Update.) C:\Users\Korisnik\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.SUP.Discord
O4 - GS\Desktop [Korisnik]: Rayman Origins.lnk . (…) D:\IGRE\Rayman\Rayman Origins.exe =>.Ubisoft Entertainment SA®
O4 - GS\Desktop [Korisnik]: steam.lnk . (.Valve Corporation - Steam.) D:\Steam\steam.exe =>.Valve Corp.®
O4 - GS\Desktop [Korisnik]: The Witcher 3 Wild Hunt.lnk . (.CD Projekt Red - The Witcher 3.) D:\IGRE\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe =>.CD PROJEKT S.A.®
O4 - GS\Desktop [Korisnik]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Korisnik\AppData\Roaming\ZHP\ZHPDiag3.exe [Unsigned] =>.Nicolas Coolman
O4 - GS\Quicklaunch [Korisnik]: BS.Player FREE.lnk . (.AB Team - BS.Player.) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe {1E323D42FFE7B81CA944E95B3773DD38}. =>.AB Team
O4 - GS\Quicklaunch [Korisnik]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\sendTo [Korisnik]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - Prenosi datoteke između uređaj.) C:\Windows\System32\fsquirt.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\sendTo [Korisnik]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo [Unsigned] =>.Microsoft Corporation
O4 - GS\TaskBar [Korisnik]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\CommonDesktop [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncherProxy.) D:\IGRE\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.®
O4 - GS\CommonDesktop [Public]: God of War.lnk . (.Santa Monica Studio - God of War.) D:\IGRE\God of War\GoW.exe [Unsigned]
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\CommonDesktop [Public]: Grand Theft Auto V.lnk . (.Rockstar Games - Grand Theft Auto V Launcher.) G:\Grand Theft Auto V\GTAVLauncher.exe [Unsigned] =>.Rockstar Games
O4 - GS\CommonDesktop [Public]: Play Cyberpunk 2077.lnk . (.CD PROJEKT S.A. - Cyberpunk 2077.) D:\IGRE\Cyberpunk 2077\bin\x64\Cyberpunk2077.exe =>.CD PROJEKT SPÓŁKA AKCYJNA®
O4 - GS\CommonDesktop [Public]: Play Max Payne 3.lnk . (.Rockstar Games - Max Payne 3.) D:\IGRE\Max Payne 3\MaxPayne3.exe {136D3EC438310A8C000000005565FC5E}. =>.Rockstar Games
O4 - GS\CommonDesktop [Public]: Sniper - Ghost Warrior Contracts.lnk . (.CI Games S.A. - .) D:\IGRE\Sniper - Ghost Warrior Contracts\win_x64\SGWContracts.exe [Unsigned] =>.CI Games S.A.
O4 - GS\CommonDesktop [Public]: Sniper Ghost Warrior Contracts 2.lnk . (.CI Games S.A. - .) D:\IGRE\Sniper Ghost Warrior Contracts 2\win_x64\SGWContracts2.exe [Unsigned] =>.CI Games S.A.
O4 - GS\CommonDesktop [Public]: TLauncher.lnk . (.TLauncher Inc. - TLauncher.) C:\Users\Korisnik\AppData\Roaming.minecraft\TLauncher.exe =>.TLauncher Inc.®
O4 - GS\CommonDesktop [Public]: Wolfenstein Youngblood.lnk . (.MachineGames Sweden AB - Wolfenstein: Youngblood.) D:\IGRE\Wolfenstein Youngblood\Youngblood_x64vk.exe [Unsigned] =>.MachineGames Sweden AB
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft®
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Blok za pisanje.) C:\Windows\system32\notepad.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Bojanje.) C:\Windows\system32\mspaint.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\Windows\system32\quickassist.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Veza s udaljenim računalom.) C:\Windows\system32\mstsc.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Alat za izrezivanje.) C:\Windows\system32\SnippingTool.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Snimač koraka.) C:\Windows\system32\psr.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 [Unsigned] =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - WordPad aplikacija u sustavu Windows.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Karta znakova.) C:\Windows\system32\charmap.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Epic Games Launcher.lnk . (.Epic Games, Inc. - UnrealEngineLauncherProxy.) D:\IGRE\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe =>.Epic Games Inc.®
O4 - GS\ProgramsCommon [Public]: Excel.lnk . (.Microsoft Corporation - Easily discover, visualize, an.) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google LLC - Pristup Internetu.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Unsigned] =>.Google LLC
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\Control.exe [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: IObit Uninstaller.lnk . (.IObit - IObit Uninstall Tool.) G:\IObit Uninstaller\IObitUninstaler.exe =>.IObit CO., LTD®
O4 - GS\ProgramsCommon [Public]: PowerPoint.lnk . (.Microsoft Corporation - Design and deliver beautiful p.) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE [Unsigned] =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Word.lnk . (.Microsoft Corporation - Create beautiful documents, ea.) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE [Unsigned] =>.Microsoft Corporation
—\ Lop.com/Domain Hijackers (2) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{0da5278c-291d-47f9-9274-9251109cc5ca}: DhcpNameServer = 192.168.1.1 192.168.1.1 =>.Local IP Adress
—\ Extra protocols (27) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML preglednik.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML preglednik.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML preglednik.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 proširenja za Win32.) – C:\Windows\System32\urlmon.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office component.) – C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL =>.Microsoft®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML preglednik.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML preglednik.) – C:\Windows\System32\mshtml.dll [Unsigned] =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll [Unsigned] =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft®
—\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Userinit Logon Application.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
—\ BootExecute (BEX) (1) - 0s
O34 - HKLM BootExecute: (SmartDefragBootTime.exe) (. - SmartDefrag.) – SmartDefragBootTime.exe
—\ List of key exploring StartupApproved (5) - 0s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LGHUB
[HKEY_USERS\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:LGHUB
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SecurityHealth =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:WindowsDefender =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:SunJavaUpdateSched =>.Oracle
—\ ASIC (ActiveSetup Installed Components) (5) - 0s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) – C:\Windows\System32\wmpdxm.dll [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Uslužni program za instaliranje programa Mi.) – C:\Windows\System32\unregmp2.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Pomoćni program za pokretanje IE za pojedin.) – C:\Windows\System32\ie4uinit.exe [Unsigned] =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) – C:\Windows\System32\mscories.dll =>.Microsoft®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google LLC - Google Chrome Installer.) – C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe =>.Google LLC®
—\ Software installed (92) - 14s
O42 - Logiciel: BS.Player FREE - (.AB Team, d.o.o..) [HKLM][64Bits] – BSPlayerf [Unsigned] =>.AB Team, d.o.o.
O42 - Logiciel: Cyberpunk 2077 - (.DODI-Repacks.) [HKLM][64Bits] – Cyberpunk 2077_is1 [Unsigned]
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] – DAEMON Tools Lite {73098091AB520B92B7825CB8493B55DC}. =>.Disc Soft Ltd
O42 - Logiciel: Discord - (.Discord Inc..) [HKCU][64Bits] – Discord =>.SUP.Discord
O42 - Logiciel: Epic Games Launcher - (.Epic Games, Inc..) [HKLM][64Bits] – {209F4B4B-3DF2-4825-9906-D4D6A80EC09E} [Unsigned] =>.Epic Games, Inc.
O42 - Logiciel: Epic Games Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {F9C5C994-F6B9-4D75-B3E7-AD01B84073E9} [Unsigned] =>.Epic Games, Inc. (Hidden)
O42 - Logiciel: Epic Online Services - (.Epic Games, Inc..) [HKLM][64Bits] – {32C68D93-D32F-4B01-8250-61642BFC22F8} [Unsigned] =>.Epic Games, Inc.
O42 - Logiciel: ESET Security - (.ESET, spol. s r.o..) [HKLM][64Bits] – {C8113C9E-3025-4DC5-89E8-71F7C080967A} [Unsigned] =>.ESET, spol. s r.o.
O42 - Logiciel: God of War - (..) [HKLM][64Bits] – God of War_is1 [Unsigned]
O42 - Logiciel: Google Chrome - (.Google LLC.) [HKLM][64Bits] – Google Chrome =>.Google LLC®
O42 - Logiciel: Grand Theft Auto V - (.Games Software.) [HKLM][64Bits] – Grand Theft Auto V_is1 [Unsigned] =>.Games Software
O42 - Logiciel: IObit Uninstaller 11 - (.IObit.) [HKLM][64Bits] – IObitUninstall =>.IObit CO., LTD®
O42 - Logiciel: Java 8 Update 311 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F64180311F0} [Unsigned] =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 321 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F64180321F0} [Unsigned] =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 51 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F86418051F0} [Unsigned] =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} [Unsigned] =>.Oracle Corporation (Hidden)
O42 - Logiciel: Java SE Development Kit 8 Update 311 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {64A3A4F4-B792-11D6-A78A-00B0D0180311} [Unsigned] =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 321 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] – {64A3A4F4-B792-11D6-A78A-00B0D0180321} [Unsigned] =>.Oracle Corporation
O42 - Logiciel: Launcher Prerequisites (x64) - (.Epic Games, Inc..) [HKLM][64Bits] – {43a03b9c-4770-409c-a999-587b60700b63} =>.Epic Games Inc.® (Hidden)
O42 - Logiciel: Max Payne 3 - (.DODI-Repacks.) [HKLM][64Bits] – Max Payne 3_is1 [Unsigned]
O42 - Logiciel: Microsoft Office Professional Plus 2019 - en-us - (.Microsoft Corporation.) [HKLM][64Bits] – ProPlus2019Volume - en-us =>.Microsoft®
O42 - Logiciel: Microsoft Update Health Tools - (.Microsoft Corporation.) [HKLM][64Bits] – {E876418F-BE59-4D8C-B9A5-74B056B676FA} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] – {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] – {9BE518E6-ECC6-35A9-88E4-87755C07200F} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] – {1D8E6291-B0D5-35EC-8441-6616F567A0F7} [Unsigned] =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {37B8F9C7-03FB-3253-8781-2517C99D7C00} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {B175520C-86A2-35A7-8619-86DC379688B9} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - (.Microsoft Corporation.) [HKLM][64Bits] – {BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {050d4fc8-5d48-4b8f-8972-47c82c46020f} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 - (.Microsoft Corporation.) [HKLM][64Bits] – {f65db027-aff3-4070-886a-0d87064aabb1} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {929FBD26-9020-399B-9A7A-751D61F0B942} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - (.Microsoft Corporation.) [HKLM][64Bits] – {13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {57a73df6-4ba9-4c1d-bbbb-517289ff6c13} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {4d8dcf8c-a72a-43e1-9833-c12724db736e} =>.Microsoft®
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {6DB765A8-05AF-49A1-A71D-6F645EE3CE41} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {662A0088-6FCD-45DD-9EA7-68674058AED5} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {BF08E976-B92E-4336-B56F-2171179476C4} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 - (.Microsoft Corporation.) [HKLM][64Bits] – {F6080405-9FA8-4CAA-9982-14E95D1A3DAC} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Middle-earth: Shadow of War DE - (..) [HKLM][64Bits] – Middle-earth: Shadow of War DE_is1 [Unsigned]
O42 - Logiciel: MSI Afterburner 4.6.4 - (.MSI Co., LTD.) [HKLM][64Bits] – Afterburner [Unsigned] =>.MSI Co., LTD
O42 - Logiciel: NVAPI Monitor plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA FrameView SDK 1.2.4999.30397803 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 3.24.0.126 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GPX Common OSS binaries (POCO, OpenSSL, libprotobuf) - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GpxCommon.Oss [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Graphics Driver 511.23 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.39.1 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA NodeJS - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Optimus Update 39.2.2.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA PhysX System Software 9.21.0713 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX [Unsigned] =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA ShadowPlay 3.24.0.126 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Telemetry Client - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA TelemetryApi helper for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update 39.2.2.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Audio 4.39.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Virtual Host Controller - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: NvModuleTracker - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver [Unsigned] =>.NVIDIA Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-007E-0000-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] – {90160000-008C-0409-1000-0000000FF1CE} [Unsigned] =>.Microsoft Corporation (Hidden)
O42 - Logiciel: PUBG: BATTLEGROUNDS - (.KRAFTON, Inc..) [HKLM][64Bits] – Steam App 578080 =>.Valve Corp.®
O42 - Logiciel: qBittorrent 4.4.0 - (.The qBittorrent project.) [HKLM][64Bits] – qBittorrent [Unsigned] =>.The qBittorrent project
O42 - Logiciel: Rayman Origins - (.Ubisoft.) [HKLM][64Bits] – {DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B} =>.Ubisoft Entertainment SA®
O42 - Logiciel: REDlauncher - (.GOG.com.) [HKCU][64Bits] – {7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1 =>.GOG Sp. z o.o.®
O42 - Logiciel: RivaTuner Statistics Server 7.3.3 - (.Unwinder.) [HKLM][64Bits] – RTSS [Unsigned] =>.Unwinder
O42 - Logiciel: Sniper Ghost Warrior Contracts 2 - (..) [HKLM][64Bits] – Sniper Ghost Warrior Contracts 2_is1 [Unsigned]
O42 - Logiciel: Sniper: Ghost Warrior 3 - (..) [HKLM][64Bits] – Sniper: Ghost Warrior 3_is1 [Unsigned]
O42 - Logiciel: Sniper: Ghost Warrior Contracts - (..) [HKLM][64Bits] – Sniper: Ghost Warrior Contracts_is1 [Unsigned]
O42 - Logiciel: The Witcher 3 Wild Hunt v.1.31 - (..) [HKLM][64Bits] – The Witcher 3 Wild Hunt_is1 [Unsigned]
O42 - Logiciel: The Witcher 3: GotY Edition - (..) [HKLM][64Bits] – The Witcher 3: GotY Edition_is1 [Unsigned]
O42 - Logiciel: TLauncher - (.TLauncher Inc..) [HKLM][64Bits] – TLauncher =>.TLauncher Inc.®
O42 - Logiciel: WinRAR 6.02 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: Wolfenstein Youngblood Deluxe Edition MULTi12 - ElAmigos version 1.0.3 - (.Bethesda Softworks.) [HKLM][64Bits] – {8D2A84ED-62F8-4817-A798-A7487A91BEAE}_is1 [Unsigned] =>.Bethesda Softworks
O42 - Logiciel: Zoom - (.Zoom Video Communications, Inc..) [HKCU][64Bits] – ZoomUMX =>.Zoom Video Communications, Inc.®
—\ HKCU & HKLM Software Keys (141) - 14s
HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\Wow6432Node\IObit\ASC =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\IObit\RealTimeProtector =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\Iobit\ASC =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\CVSM =>.Legitimate
HKLM\SOFTWARE\DefaultUserEnvironment =>.Microsoft Corporation
HKLM\SOFTWARE\Disc Soft =>.Disc Soft
HKLM\SOFTWARE\ESET =>.ESET
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\O&O =>.O&O Software GmbH
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\OEM =>.OEM
HKLM\SOFTWARE\RAZER =>.Razer
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\WOW6432Node\Bethesda Softworks =>.Bethesda Softworks
HKLM\SOFTWARE\WOW6432Node\Conduit =>SUP.Optional.Conduit
HKLM\SOFTWARE\WOW6432Node\David Kinder
HKLM\SOFTWARE\WOW6432Node\EasyAntiCheat =>.EasyAntiCheat
HKLM\SOFTWARE\WOW6432Node\Epic Games =>.Epic Games
HKLM\SOFTWARE\WOW6432Node\EpicGames =>.Epic Games
HKLM\SOFTWARE\WOW6432Node\ESET =>.ESET
HKLM\SOFTWARE\WOW6432Node\GOG.com =>.GOG.com
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\IObit =>.IObit
HKLM\SOFTWARE\WOW6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\WOW6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\MSI =>.MSI
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\qBittorrent =>.uTorrent (P2P)
HKLM\SOFTWARE\WOW6432Node\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\WOW6432Node\Ubisoft =>.Ubisoft
HKLM\SOFTWARE\WOW6432Node\Unwinder =>.Unwinder
HKLM\SOFTWARE\WOW6432Node\Valve =>.Valve
HKLM\SOFTWARE\WOW6432Node\Webteh =>.SUP.ABTeam
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\4A-Games =>.4A-Games
HKCU\SOFTWARE\AC3Filter =>.Vigovsky Alexander
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment
HKCU\SOFTWARE\BST =>.BST Software
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Conduit =>SUP.Optional.Conduit
HKCU\SOFTWARE\David Kinder
HKCU\SOFTWARE\Disc Soft =>.Disc Soft
HKCU\SOFTWARE\Discord =>.SUP.Discord
HKCU\SOFTWARE\Edge
HKCU\SOFTWARE\Eidos Montreal =>.Eidos Montreal
HKCU\SOFTWARE\ElAmigos =>.ElAmigos
HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\ESET =>.ESET
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Khronos =>.Khronos
HKCU\SOFTWARE\LAV =>.LAV Inc
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\O&O =>.O&O Software GmbH
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Razer =>.Razer
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\RzAppEngine
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\Thrustmaster =>.Thrustmaster
HKCU\SOFTWARE\Ubisoft =>.Ubisoft
HKCU\SOFTWARE\Unknown Worlds =>.Unknown Worlds
HKCU\SOFTWARE\Unwinder =>.Unwinder
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\ZoomUMX
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKU\.DEFAULT\SOFTWARE\ESET =>.ESET
HKU\.DEFAULT\SOFTWARE\Razer =>.Razer
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\4A-Games =>.4A-Games
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\AC3Filter =>.Vigovsky Alexander
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\BST =>.BST Software
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Chromium =>.Chromium
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Conduit =>SUP.Optional.Conduit
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\David Kinder
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Disc Soft =>.Disc Soft
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Discord =>.SUP.Discord
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Edge
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Eidos Montreal =>.Eidos Montreal
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\ElAmigos =>.ElAmigos
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Epic Games =>.Epic Games
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\ESET =>.ESET
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Google =>.Google
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\IM Providers =>.IM Providers
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\JavaSoft =>.JavaSoft
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Khronos =>.Khronos
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\LAV =>.LAV Inc
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Logitech =>.Logitech
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\MSI =>.MSI
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\O&O =>.O&O Software GmbH
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\QtProject =>.QtProject
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Razer =>.Razer
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\RzAppEngine
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Sysinternals =>.Sysinternals
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Thrustmaster =>.Thrustmaster
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Ubisoft =>.Ubisoft
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Unknown Worlds =>.Unknown Worlds
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Unwinder =>.Unwinder
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Valve =>.Valve
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\ZHP =>.Nicolas Coolman
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\ZoomUMX
—\ Packages (3) - 0s
C:\Program Files (x86)\WindowsApps\MicrosoftWindows.UndockedDevKit_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy - (.Microsoft Corporation.) [UDK Package] =>Microsoft Corporation
C:\Program Files (x86)\WindowsApps\NcsiUwpApp_1000.19041.1023.0_neutral_neutral_8wekyb3d8bbwe - (.Microsoft.) [NcsiUwpApp] =>Microsoft
C:\Program Files (x86)\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj - (.nVidia Corporation.) [NVIDIA Control Panel] =>nVidia Corporation
—\ Contents of the Common Files folders (232) - 6s
O43 - CFD: 29/01/2022 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 01/02/2022 - D – C:\Program Files\ESET =>.ESET, spol. s r.o.®
O43 - CFD: 12/12/2021 - D – C:\Program Files\Google =>.Google LLC®
O43 - CFD: 16/12/2021 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 24/01/2022 - D – C:\Program Files\Java =>.Oracle
O43 - CFD: 25/01/2022 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 25/01/2022 - D – C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation
O43 - CFD: 25/01/2022 - D – C:\Program Files\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 15/12/2021 - D – C:\Program Files\Microsoft Update Health Tools =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\Program Files\ModifiableWindowsApps =>.Microsoft Corporation
O43 - CFD: 20/09/2021 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 17/12/2021 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 20/09/2021 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 30/01/2022 - D – C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 06/08/2021 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 16/12/2021 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 29/01/2022 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 30/01/2022 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 02/01/2022 - D – C:\Program Files (x86)\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 31/12/2021 - D – C:\Program Files (x86)\Epic Games =>.Epic Games
O43 - CFD: 31/01/2022 - D – C:\Program Files (x86)\Google =>.Google LLC®
O43 - CFD: 01/02/2022 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 16/12/2021 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 31/01/2022 - [0] D – C:\Program Files (x86)\IObit =>.IObit
O43 - CFD: 24/01/2022 - D – C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
O43 - CFD: 25/01/2022 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 20/09/2021 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 17/12/2021 - D – C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 25/01/2022 - [0] D – C:\Program Files (x86)\Proton Technologies
O43 - CFD: 01/01/2022 - D – C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 20/09/2021 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 01/01/2022 - [0] HD – C:\Program Files (x86)\Temp =>.Microsoft Corporation
O43 - CFD: 19/12/2021 - D – C:\Program Files (x86)\Webteh [Unsigned] =>.SUP.ABTeam
O43 - CFD: 12/12/2021 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 06/08/2021 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 16/12/2021 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 06/08/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 17/12/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 16/12/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 19/12/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
O43 - CFD: 22/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
O43 - CFD: 31/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 =>.Legitimate
O43 - CFD: 01/02/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET =>.ESET
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller =>.IObit
O43 - CFD: 24/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 24/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit =>.Oracle
O43 - CFD: 07/12/2019 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 26/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
O43 - CFD: 25/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 24/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
O43 - CFD: 29/01/2022 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer =>.Razer
O43 - CFD: 24/01/2022 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 16/12/2021 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
O43 - CFD: 07/12/2019 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 31/01/2022 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein Youngblood
O43 - CFD: 21/09/2021 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 26/12/2021 - [0] D – C:\ProgramData\Battle.net_components
O43 - CFD: 26/12/2021 - [0] D – C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment
O43 - CFD: 19/12/2021 - D – C:\ProgramData\Codemasters =>.Codemasters
O43 - CFD: 21/09/2021 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Disc-Soft
O43 - CFD: 21/09/2021 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 31/12/2021 - D – C:\ProgramData\Epic =>.Epic
O43 - CFD: 01/02/2022 - D – C:\ProgramData\ESET =>.ESET
O43 - CFD: 30/01/2022 - D – C:\ProgramData\IObit =>.IObit
O43 - CFD: 19/12/2021 - D – C:\ProgramData\Logishrd =>.Logitech Inc.
O43 - CFD: 25/01/2022 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 01/02/2022 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 02/02/2022 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 17/12/2021 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Online_KMS_Activation
O43 - CFD: 24/01/2022 - D – C:\ProgramData\OO Software =>.O&O Software GmbH
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 29/01/2022 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 17/12/2021 - D – C:\ProgramData\Packages =>.Microsoft Corporation
O43 - CFD: 29/01/2022 - D – C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 29/01/2022 - D – C:\ProgramData\Razer =>.Razer
O43 - CFD: 02/02/2022 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Socialclub =>.Legitimate
O43 - CFD: 07/12/2019 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 06/08/2021 - [0] D – C:\ProgramData\ssh =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 23/12/2021 - D – C:\ProgramData\Steam =>.Steam Games
O43 - CFD: 12/12/2021 - D – C:\ProgramData\Sun =>.Oracle
O43 - CFD: 21/09/2021 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 25/12/2021 - D – C:\ProgramData\Unknown Worlds
O43 - CFD: 21/09/2021 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - [0] D – C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
O43 - CFD: 30/01/2022 - D – C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
O43 - CFD: 29/01/2022 - D – C:\Program Files (x86)\Common Files\IObit =>.IObit
O43 - CFD: 24/01/2022 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 25/01/2022 - D – C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 15/12/2021 - D – C:\Program Files (x86)\Common Files\Oracle =>.Oracle
O43 - CFD: 07/12/2019 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 30/01/2022 - D – C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 12/12/2021 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 28/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\.minecraft =>.Microsoft Corporation
O43 - CFD: 28/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\.tlauncher
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 20/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\BSplayer
O43 - CFD: 19/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\BSplayer Pro
O43 - CFD: 18/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\DAEMON Tools Lite =>.DAEMON Tools
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Disc-Soft
O43 - CFD: 21/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\discord
O43 - CFD: 02/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\EasyAntiCheat =>.EasyAntiCheat
O43 - CFD: 28/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\Eidos Montreal =>.Eidos Montreal
O43 - CFD: 07/05/2021 - D – C:\Users\Korisnik\AppData\Roaming\EMPRESS
O43 - CFD: 15/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\FLT =>.FLT Software
O43 - CFD: 26/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\Goldberg SocialClub Emu Saves
O43 - CFD: 04/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\Goldberg SteamEmu Saves
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Goldberg UplayEmu Saves
O43 - CFD: 30/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\IObit =>.IObit
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\java =>.Oracle
O43 - CFD: 19/12/2021 - SD – C:\Users\Korisnik\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 01/02/2022 - D – C:\Users\Korisnik\AppData\Roaming\qBittorrent
O43 - CFD: 15/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 01/02/2022 - D – C:\Users\Korisnik\AppData\Roaming\Vortex
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 02/02/2022 - D – C:\Users\Korisnik\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\Zoom =>.ZOOM
O43 - CFD: 07/01/2022 - [0] D – C:\Users\Korisnik\AppData\Local\Aiseesoft Studio =>.Aiseesoft Studio
O43 - CFD: 29/01/2022 - D – C:\Users\Korisnik\AppData\Local\BattlEye =>.BattlEye
O43 - CFD: 14/12/2021 - D – C:\Users\Korisnik\AppData\Local\Blizzard Entertainment =>.Blizzard Entertainment
O43 - CFD: 18/12/2021 - D – C:\Users\Korisnik\AppData\Local\BrightMemoryInfinite
O43 - CFD: 20/01/2022 - D – C:\Users\Korisnik\AppData\Local\cache =>.Legitimate
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\CD Projekt Red =>.CD Projekt RED
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\CEF =>.CEF
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 31/01/2022 - D – C:\Users\Korisnik\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 31/12/2021 - D – C:\Users\Korisnik\AppData\Local\CrashReportClient
O43 - CFD: 01/02/2022 - D – C:\Users\Korisnik\AppData\Local\D3DSCache =>.Legitimate
O43 - CFD: 01/01/2022 - [0] D – C:\Users\Korisnik\AppData\Local\DBG =>.DBG
O43 - CFD: 29/01/2022 - D – C:\Users\Korisnik\AppData\Local\Discord
O43 - CFD: 23/12/2021 - D – C:\Users\Korisnik\AppData\Local\Disc_Soft_Ltd =>.Disc Soft Ltd
O43 - CFD: 28/01/2022 - D – C:\Users\Korisnik\AppData\Local\Epic Games =>.Epic Games
O43 - CFD: 31/12/2021 - D – C:\Users\Korisnik\AppData\Local\EpicGamesLauncher =>.Epic Games
O43 - CFD: 01/02/2022 - D – C:\Users\Korisnik\AppData\Local\ESET =>.ESET
O43 - CFD: 31/01/2022 - D – C:\Users\Korisnik\AppData\Local\FLiNGTrainer
O43 - CFD: 31/12/2021 - D – C:\Users\Korisnik\AppData\Local\FortniteGame
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\GOG.com =>.GOG.com
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\Google =>.Google
O43 - CFD: 12/12/2021 - [0] SHD – C:\Users\Korisnik\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 25/01/2022 - SHD – C:\Users\Korisnik\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 22/01/2022 - D – C:\Users\Korisnik\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 02/01/2022 - D – C:\Users\Korisnik\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 24/01/2022 - D – C:\Users\Korisnik\AppData\Local\O&O =>.O&O Software GmbH
O43 - CFD: 24/01/2022 - D – C:\Users\Korisnik\AppData\Local\O&O_Software_GmbH
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\OneDrive =>.Microsoft Corporation
O43 - CFD: 25/01/2022 - D – C:\Users\Korisnik\AppData\Local\OO Software =>.O&O Software GmbH
O43 - CFD: 31/01/2022 - D – C:\Users\Korisnik\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 20/01/2022 - D – C:\Users\Korisnik\AppData\Local\PacketTracer
O43 - CFD: 12/12/2021 - [0] D – C:\Users\Korisnik\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 02/02/2022 - D – C:\Users\Korisnik\AppData\Local\PlaceholderTileLogoFolder =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 18/12/2021 - D – C:\Users\Korisnik\AppData\Local\qBittorrent
O43 - CFD: 29/01/2022 - [0] D – C:\Users\Korisnik\AppData\Local\Razer =>.Razer
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\REDEngine
O43 - CFD: 18/12/2021 - D – C:\Users\Korisnik\AppData\Local\Remedy
O43 - CFD: 13/12/2021 - D – C:\Users\Korisnik\AppData\Local\Rockstar Games =>.Rockstar Games
O43 - CFD: 18/12/2021 - D – C:\Users\Korisnik\AppData\Local\Saints Row The Third
O43 - CFD: 26/01/2022 - D – C:\Users\Korisnik\AppData\Local\Skyrim =>.Skyrim Games
O43 - CFD: 26/01/2022 - D – C:\Users\Korisnik\AppData\Local\Skyrim Special Edition =>.Nogenious Skyrim Game
O43 - CFD: 21/01/2022 - D – C:\Users\Korisnik\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 16/12/2021 - D – C:\Users\Korisnik\AppData\Local\Steam =>.Steam Games
O43 - CFD: 02/02/2022 - D – C:\Users\Korisnik\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - [0] SHD – C:\Users\Korisnik\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 17/01/2022 - D – C:\Users\Korisnik\AppData\Local\ToastNotificationManagerCompat
O43 - CFD: 29/01/2022 - D – C:\Users\Korisnik\AppData\Local\TslGame
O43 - CFD: 29/01/2022 - D – C:\Users\Korisnik\AppData\Local\UnrealEngine =>.Unreal Software
O43 - CFD: 31/12/2021 - D – C:\Users\Korisnik\AppData\Local\UnrealEngineLauncher =>.Unreal Software
O43 - CFD: 12/12/2021 - [0] D – C:\Users\Korisnik\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 01/01/2022 - D – C:\Users\Korisnik\AppData\Local\WB Games =>.WB Games
O43 - CFD: 30/01/2022 - D – C:\Users\Korisnik\AppData\Local\WELLBIA
O43 - CFD: 02/02/2022 - D – C:\Users\Korisnik\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Local\Programs\CD Projekt Red =>.CD Projekt RED
O43 - CFD: 12/12/2021 - [0] D – C:\Users\Korisnik\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 30/01/2022 - D – C:\Users\Korisnik\AppData\LocalLow\IObit =>.IObit
O43 - CFD: 18/12/2021 - SD – C:\Users\Korisnik\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\LocalLow\Oracle =>.Oracle
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\LocalLow\Sun =>.Oracle
O43 - CFD: 25/12/2021 - D – C:\Users\Korisnik\AppData\LocalLow\Unknown Worlds
O43 - CFD: 01/02/2022 - D – C:\Users\Korisnik\Desktop\Alati
O43 - CFD: 01/02/2022 - D – C:\Users\Korisnik\Desktop\Arijan
O43 - CFD: 06/08/2021 - RD – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - RD – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - RD – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 13/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord
O43 - CFD: 07/12/2019 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner =>.Micro-Star International Co
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server =>.RivaTuner
O43 - CFD: 12/12/2021 - RD – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 28/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 07/12/2019 - RD – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 18/01/2022 - D – C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom =>.ZOOM
O43 - CFD: 21/09/2021 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 07/12/2019 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 21/09/2021 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - D – C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 12/12/2021 - – C:\Windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
—\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL proširenja ljuske za poboljšanu pohranu.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Korisničko sučelje predmemoriranja na stran.) – C:\Windows\System32\cscui.dll [Unsigned] =>.Microsoft Corporation
—\ Search Context Menu Handlers (SCMH) (29) - 1s
O108 - CMH1: ESET Security Shell [64Bits] - {B089FE88-FB52-11D3-BDF1-0050DA34150D} . (.ESET - ESET Shell Extension.) – C:\Program Files\ESET\ESET Security\shellExt.dll =>.ESET, spol. s r.o.®
O108 - CMH1: IObitUnstaler [64Bits] - {836AB26C-2DE4-41D3-AC24-4C6C2699B960} . (.IObit - IUMenuRightExtension.) – G:\IObit Uninstaller\IUMenuRight.dll =>.IObit Information Technology®
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Proširenja ljuske za zajedničko korištenje.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Proširenja ljuske za zajedničko korištenje.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) - proširenje ljuske za radne.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH2: ESET Security Shell [64Bits] - {B089FE88-FB52-11D3-BDF1-0050DA34150D} . (.ESET - ESET Shell Extension.) – C:\Program Files\ESET\ESET Security\shellExt.dll =>.ESET, spol. s r.o.®
O108 - CMH2: IObitUnstaler [64Bits] - {836AB26C-2DE4-41D3-AC24-4C6C2699B960} . (.IObit - IUMenuRightExtension.) – G:\IObit Uninstaller\IUMenuRight.dll =>.IObit Information Technology®
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH4: IObitUnstaler [64Bits] - {836AB26C-2DE4-41D3-AC24-4C6C2699B960} . (.IObit - IUMenuRightExtension.) – G:\IObit Uninstaller\IUMenuRight.dll =>.IObit Information Technology®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Korisničko sučelje predmemoriranja na stran.) – C:\Windows\System32\cscui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Proširenja ljuske za zajedničko korištenje.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) - proširenje ljuske za radne.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\nvshext.dll =>.Nvidia Corporation®
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Proširenja ljuske za zajedničko korištenje.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) - proširenje ljuske za radne.) – C:\Windows\System32\WorkfoldersShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH6: ESET Security Shell [64Bits] - {B089FE88-FB52-11D3-BDF1-0050DA34150D} . (.ESET - ESET Shell Extension.) – C:\Program Files\ESET\ESET Security\shellExt.dll =>.ESET, spol. s r.o.®
O108 - CMH6: IObitUnstaler [64Bits] - {836AB26C-2DE4-41D3-AC24-4C6C2699B960} . (.IObit - IUMenuRightExtension.) – G:\IObit Uninstaller\IUMenuRight.dll =>.IObit Information Technology®
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Zajednički Dll ljuske sustava Windows.) – C:\Windows\System32\shell32.dll =>.Microsoft®
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Korisničko sučelje predmemoriranja na stran.) – C:\Windows\System32\cscui.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - Prevoditelj aplikacije.) – C:\Windows\System32\appresolver.dll =>.Microsoft®
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL proširenja ljuske za poboljšanu pohranu.) – C:\Windows\System32\EhStorShell.dll [Unsigned] =>.Microsoft Corporation
O108 - CMH7: ESET Security Shell [64Bits] - {B089FE88-FB52-11D3-BDF1-0050DA34150D} . (.ESET - ESET Shell Extension.) – C:\Program Files\ESET\ESET Security\shellExt.dll =>.ESET, spol. s r.o.®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Proširenja ljuske za zajedničko korištenje.) – C:\Windows\System32\ntshrui.dll [Unsigned] =>.Microsoft Corporation
—\ Image File Execution Options (10) - 0s
O50 - IFEO:C:\Windows\System32\ie4uinit.exe - (.Microsoft Corporation - Pomoćni program za pokretanje IE za pojedin.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Uslužni program za nenadziranu instalaciju.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\1] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Glavno računalo Microsoft (R) HTML aplikaci.) [MitigationOptions\256] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\2097152] [Unsigned] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Matični proces za Windows servise.) [MinimumStackCommitInBytes\32768] =>.Microsoft®
—\ System Drivers List (441) - 13s
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - 1394 OpenHCI Driver.) – C:\Windows\System32\drivers\1394ohci.sys [266240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\Windows\System32\drivers\3ware.sys [107320] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - ACPI Driver for NT.) – C:\Windows\System32\drivers\acpi.sys [809288] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - ACPI Devices Driver.) – C:\Windows\System32\drivers\AcpiDev.sys [23040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - ACPIEx Driver.) – C:\Windows\System32\drivers\acpiex.sys [139792] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - ACPI Processor Aggregator Device Driver.) – C:\Windows\System32\drivers\acpipagr.sys [14336] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - ACPI Power Metering Driver.) – C:\Windows\System32\drivers\acpipmi.sys [18432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - ACPI Wake Alarm.) – C:\Windows\System32\drivers\acpitime.sys [16384] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:45 A . (.Microsoft Corporation - Audio KMDF Class Extension.) – C:\Windows\System32\drivers\Acx01000.sys [694272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\Windows\System32\drivers\adp80xx.sys [1135416] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:24 A . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\afd.sys [650064] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:57 A . (.Microsoft Corporation - AF_UNIX socket provider.) – C:\Windows\System32\drivers\afunix.sys [41984] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:56:00 A . (.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) – C:\Windows\System32\drivers\agilevpn.sys [118784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:53 A . (.Microsoft Corporation - Application Compatibility Cache.) – C:\Windows\System32\drivers\ahcache.sys [292352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Advanced Micro Devices, Inc - AMD GPIO Controller Driver.) – C:\Windows\System32\drivers\amdgpio2.sys [18432] [Unsigned] =>.Advanced Micro Devices, Inc
O58 - SDL:2019/12/07 10:07:47 A . (.Advanced Micro Devices, Inc - AMD I2C Controller Driver.) – C:\Windows\System32\drivers\amdi2c.sys [45568] [Unsigned] =>.Advanced Micro Devices, Inc
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\amdk8.sys [207160] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\amdppm.sys [211256] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\Windows\System32\drivers\amdsata.sys [83256] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\Windows\System32\drivers\amdsbs.sys [259384] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\Windows\System32\drivers\amdxata.sys [26936] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:56 A . (.Microsoft Corporation - AppID Driver.) – C:\Windows\System32\drivers\appid.sys [214840] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:56 A . (.Microsoft Corporation - Applocker Filter.) – C:\Windows\System32\drivers\applockerfltr.sys [18432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:54 A . (.Microsoft Corporation - Microsoft Application Virtualization Stream.) – C:\Windows\System32\drivers\AppVStrm.sys [138056] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:54 A . (.Microsoft Corporation - Microsoft Application Virtualization VE Man.) – C:\Windows\System32\drivers\AppvVemgr.sys [174408] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:54 A . (.Microsoft Corporation - Microsoft Application Virtualization VFS Fi.) – C:\Windows\System32\drivers\AppvVfs.sys [154952] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\System32\drivers\arcsas.sys [131896] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - MS Remote Access serial network driver.) – C:\Windows\System32\drivers\asyncmac.sys [31232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [30032] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - ATAPI Driver Extension.) – C:\Windows\System32\drivers\ataport.sys [224080] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:41 A . (.Microsoft Corporation - BAM Kernel Driver.) – C:\Windows\System32\drivers\bam.sys [78136] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Battery Class Driver.) – C:\Windows\System32\drivers\battc.sys [41272] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (. - BCM Function 2 Device Driver.) – C:\Windows\System32\drivers\bcmfn2.sys [9728] [Unsigned] =>.Broadcom Corporation
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - BEEP Driver.) – C:\Windows\System32\drivers\beep.sys [10240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:23 A . (.Microsoft Corporation - Windows Bind Filter Driver.) – C:\Windows\System32\drivers\bindflt.sys [149320] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:01 A . (.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) – C:\Windows\System32\drivers\bowser.sys [117760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:39 A . (.Microsoft Corporation - MAC Bridge Driver.) – C:\Windows\System32\drivers\bridge.sys [127488] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Audio Multiprofile Mana.) – C:\Windows\System32\drivers\BtaMPM.sys [36352] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - Bluetooth A2DP Driver.) – C:\Windows\System32\drivers\BthA2dp.sys [279040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Proširenje Bluetooth sabirnice.) – C:\Windows\System32\drivers\bthenum.sys [113664] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) – C:\Windows\System32\drivers\BthHfEnum.sys [154112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Bluetooth Transport Extensibility Miniport.) – C:\Windows\System32\drivers\BthMini.SYS [45568] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Bluetooth Communications Driver.) – C:\Windows\System32\drivers\bthmodem.sys [76800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Upravljački program Bluetooth sabirnice.) – C:\Windows\System32\drivers\bthport.sys [1559552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Bluetooth Miniport Driver.) – C:\Windows\System32\drivers\BTHUSB.SYS [110592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - VHD BTT Filter Driver.) – C:\Windows\System32\drivers\bttflt.sys [43832] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Button Converter Driver.) – C:\Windows\System32\drivers\buttonconverter.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\Windows\System32\drivers\bxvbda.sys [533816] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Charge Arbiration Driver.) – C:\Windows\System32\drivers\CAD.sys [66576] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:37 A . (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\cdfs.sys [100864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\cdrom.sys [175616] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:31 A . (.Microsoft Corporation - Event Aggregation Kernel Mode Library.) – C:\Windows\System32\drivers\CEA.sys [86320] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\Windows\System32\drivers\cht4dx64.sys [144184] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\Windows\System32\drivers\cht4sx64.sys [319800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - VF library for Chelsio ® T5/T6 Chipset.) – C:\Windows\System32\drivers\cht4vfx.sys [28672] [Unsigned] =>.Chelsio Communications
O58 - SDL:2019/12/07 10:07:54 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\Windows\System32\drivers\cht4vx64.sys [1853752] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:14 A . (…) – C:\Windows\System32\drivers\cimfs.sys [98304] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Consumer IR Class Driver for eHome.) – C:\Windows\System32\drivers\circlass.sys [52224] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:23 A . (.Microsoft Corporation - SCSI Class System Dll.) – C:\Windows\System32\drivers\Classpnp.sys [417080] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:56 A . (.Microsoft Corporation - Cloud Files Mini Filter Driver.) – C:\Windows\System32\drivers\cldflt.sys [500224] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:27 A . (.Microsoft Corporation - Common Log File System Driver.) – C:\Windows\System32\drivers\clfs.sys [414576] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:48 A . (.Microsoft Corporation - CLIP Service.) – C:\Windows\System32\drivers\ClipSp.sys [1094456] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Control Method Battery Driver.) – C:\Windows\System32\drivers\CmBatt.sys [36864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:59 A . (.Microsoft Corporation - Kernel Configuration Manager Initial Config.) – C:\Windows\System32\drivers\cmimcext.sys [29000] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:43 A . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) – C:\Windows\System32\drivers\cng.sys [746416] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - CNG Hardware Assist algorithm provider.) – C:\Windows\System32\drivers\cnghwassist.sys [40968] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:32 A . (.Microsoft Corporation - Console Driver.) – C:\Windows\System32\drivers\condrv.sys [57144] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Crash Dump Driver.) – C:\Windows\System32\drivers\crashdmp.sys [99368] =>.Microsoft®
O58 - SDL:2021/12/17 01:38:00 A . (.Microsoft Corporation - Windows Client Side Caching Driver.) – C:\Windows\System32\drivers\csc.sys [586752] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:37 A . (.Microsoft Corporation - DAM Kernel Driver.) – C:\Windows\System32\drivers\dam.sys [97096] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Xbox Device Authentication Driver.) – C:\Windows\System32\drivers\devauthe.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:50 A . (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\dfsc.sys [152064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - PnP Disk Driver.) – C:\Windows\System32\drivers\disk.sys [98624] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:52 A . (.Microsoft Corporation - Crash Dump Disk Driver.) – C:\Windows\System32\drivers\Diskdump.sys [38200] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:52 A . (.Microsoft Corporation - Boot Over USB Dump Driver.) – C:\Windows\System32\drivers\Dmpusbstor.sys [15360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Dynamic Memory.) – C:\Windows\System32\drivers\dmvsc.sys [59192] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\Windows\System32\drivers\drmk.sys [97792] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Microsoft Trusted Audio Drivers.) – C:\Windows\System32\drivers\drmkaud.sys [16128] =>.Microsoft®
O58 - SDL:2021/12/18 12:40:29 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) – C:\Windows\System32\drivers\dtlitescsibus.sys [42256] =>.AVB Disc Soft, SIA®
O58 - SDL:2021/12/18 12:40:30 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver.) – C:\Windows\System32\drivers\dtliteusbbus.sys [63696] {76CEA6897FE1FB6E06DF03619025CC50}. =>.Disc Soft Ltd
O58 - SDL:2019/12/07 10:08:46 A . (.Microsoft Corporation - ATAPI Dump Driver.) – C:\Windows\System32\drivers\Dumpata.sys [37392] =>.Microsoft®
O58 - SDL:2021/12/17 01:38:03 A . (.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) – C:\Windows\System32\drivers\dumpfve.sys [94176] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:48 A . (.Microsoft Corporation - SD Crashdump Port Driver.) – C:\Windows\System32\drivers\dumpsd.sys [195408] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - SD Host Controller Crashdump Port Driver.) – C:\Windows\System32\drivers\dumpsdport.sys [32768] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:52 A . (.Microsoft Corporation - Storport Dump Driver.) – C:\Windows\System32\drivers\Dumpstorport.sys [35128] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:22 A . (.Microsoft Corporation - DirectX Graphics Kernel.) – C:\Windows\System32\drivers\dxgkrnl.sys [3814216] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:22 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\Windows\System32\drivers\dxgmms1.sys [456040] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:22 A . (.Microsoft Corporation - DirectX Graphics MMS.) – C:\Windows\System32\drivers\dxgmms2.sys [903016] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) – C:\Windows\System32\drivers\E1G6032E.sys [147584] [Unsigned] =>.Intel Corporation
O58 - SDL:2022/01/13 13:48:32 A . (.ESET - ESET real-time file system monitor.) – C:\Windows\System32\drivers\eamonm.sys [184464] =>.ESET, spol. s r.o.®
O58 - SDL:2022/01/13 13:48:32 A . (.ESET - Devmon monitor.) – C:\Windows\System32\drivers\edevmon.sys [122944] =>.ESET, spol. s r.o.®
O58 - SDL:2022/01/12 10:35:12 A . (.ESET - ESET ELAM driver.) – C:\Windows\System32\drivers\eelam.sys [15824] =>.Microsoft®
O58 - SDL:2022/01/13 13:48:32 A . (.ESET - ESET Helper driver.) – C:\Windows\System32\drivers\ehdrv.sys [201976] =>.ESET, spol. s r.o.®
O58 - SDL:2021/08/06 19:53:32 A . (.Microsoft Corporation - Enhanced Storage Class driver for IEEE 1667.) – C:\Windows\System32\drivers\EhStorClass.sys [95032] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Microsoft driver for storage devices suppor.) – C:\Windows\System32\drivers\EhStorTcgDrv.sys [124728] =>.Microsoft®
O58 - SDL:2022/01/13 13:48:32 A . (.ESET - ESET OPP Keyboard Filter.) – C:\Windows\System32\drivers\ekbdflt.sys [43904] =>.ESET, spol. s r.o.®
O58 - SDL:2022/01/13 13:48:32 A . (.ESET - ESET Firewall Driver.) – C:\Windows\System32\drivers\epfw.sys [69704] =>.ESET, spol. s r.o.®
O58 - SDL:2022/01/13 13:48:32 A . (.ESET - ESET Firewall Driver.) – C:\Windows\System32\drivers\epfwwfp.sys [110560] =>.ESET, spol. s r.o.®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Error Device Driver.) – C:\Windows\System32\drivers\errdev.sys [15872] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\Windows\System32\drivers\evbda.sys [3418936] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:56 A . (.Microsoft Corporation - Microsoft Extended FAT File System.) – C:\Windows\System32\drivers\exfat.sys [417608] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:56 A . (.Microsoft Corporation - Fast FAT File System Driver.) – C:\Windows\System32\drivers\fastfat.sys [425288] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Floppy Disk Controller Driver.) – C:\Windows\System32\drivers\fdc.sys [34816] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - Windows sandboxing and encryption filter.) – C:\Windows\System32\drivers\filecrypt.sys [59392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:46 A . (.Microsoft Corporation - FileInfo Filter Driver.) – C:\Windows\System32\drivers\fileinfo.sys [94736] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:46 A . (.Microsoft Corporation - File Trace Filter Driver.) – C:\Windows\System32\drivers\filetrace.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Floppy Driver.) – C:\Windows\System32\drivers\flpydisk.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:57 A . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) – C:\Windows\System32\drivers\fltMgr.sys [435568] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:59 A . (.Microsoft Corporation - File System Dependency Manager Mini Filter.) – C:\Windows\System32\drivers\fsdepends.sys [69968] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - File System Recognizer Driver.) – C:\Windows\System32\drivers\fs_rec.sys [33592] =>.Microsoft®
O58 - SDL:2021/12/17 01:38:03 A . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) – C:\Windows\System32\drivers\fvevol.sys [801608] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:58 A . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) – C:\Windows\System32\drivers\FWPKCLNT.SYS [502584] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:05 A . (.Microsoft Corporation - GPU Energy Kernel Driver.) – C:\Windows\System32\drivers\gpuenergydrv.sys [8704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\hdaudbus.sys [139776] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - High Definition Audio Function Driver.) – C:\Windows\System32\drivers\HdAudio.sys [430080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Hid Battery Driver.) – C:\Windows\System32\drivers\hidbatt.sys [39440] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - Upravljački program Bluetooth minipriključk.) – C:\Windows\System32\drivers\hidbth.sys [120320] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - Hid Class Library.) – C:\Windows\System32\drivers\hidclass.sys [225792] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - I2C HID Miniport Driver.) – C:\Windows\System32\drivers\hidi2c.sys [57344] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - HID Button over Interrupt Driver.) – C:\Windows\System32\drivers\hidinterrupt.sys [55824] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) – C:\Windows\System32\drivers\hidir.sys [48640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - Hid Parsing Library.) – C:\Windows\System32\drivers\hidparse.sys [46080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - SPI HID Miniport Driver.) – C:\Windows\System32\drivers\hidspi.sys [66560] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) – C:\Windows\System32\drivers\hidusb.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\Windows\System32\drivers\HpSAMD.sys [64312] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:26 A . (.Microsoft Corporation - HTTP Protocol Stack.) – C:\Windows\System32\drivers\http.sys [1576760] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Hyper-V Crashdump.) – C:\Windows\System32\drivers\hvcrash.sys [35128] =>.Microsoft®
O58 - SDL:2022/01/29 23:56:05 A . (.Microsoft Corporation - Hypervisor Boot Driver.) – C:\Windows\System32\drivers\hvservice.sys [95048] =>.Microsoft®
O58 - SDL:2021/08/06 19:53:43 A . (.Microsoft Corporation - Microsoft Hyper-V Socket Provider.) – C:\Windows\System32\drivers\hvsocket.sys [148280] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:47 A . (.Microsoft Corporation - Hardware Policy Driver.) – C:\Windows\System32\drivers\hwpolicy.sys [33096] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft VMBus Synthetic Keyboard Driver.) – C:\Windows\System32\drivers\hyperkbd.sys [27448] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft VMBus Video Device Miniport Drive.) – C:\Windows\System32\drivers\HyperVideo.sys [41784] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [118272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\Windows\System32\drivers\iagpio.sys [36352] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\Windows\System32\drivers\iai2c.sys [91136] [Unsigned] =>.Intel(R) Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [171520] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664] [Unsigned] =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2019/12/07 10:07:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152] [Unsigned] =>.Intel Corporation
O58 - SDL:2021/12/12 11:39:35 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) – C:\Windows\System32\drivers\iaStorAC.sys [1545392] {34770BB53021480D308F5E5593B49D84}. =>.Intel Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\Windows\System32\drivers\iaStorAVC.sys [884752] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\Windows\System32\drivers\iaStorV.sys [412176] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\Windows\System32\drivers\ibbus.sys [558904] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:32 A . (.Microsoft Corporation - Indirect displays kernel-mode filter driver.) – C:\Windows\System32\drivers\IndirectKmd.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - Intel PCI IDE Driver.) – C:\Windows\System32\drivers\intelide.sys [19792] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - Intel Power Engine Plugin.) – C:\Windows\System32\drivers\intelpep.sys [418800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Intel Power Limit Driver.) – C:\Windows\System32\drivers\intelpmax.sys [30720] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\intelppm.sys [230728] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Intel Telemetry Driver.) – C:\Windows\System32\drivers\IntelTA.sys [26608] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:56 A . (.Microsoft Corporation - I/O rate control Filter.) – C:\Windows\System32\drivers\iorate.sys [57168] =>.Microsoft®
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - IP FILTER DRIVER.) – C:\Windows\System32\drivers\ipfltdrv.sys [90112] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - WMI IPMI DRIVER.) – C:\Windows\System32\drivers\IPMIDrv.sys [117584] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:34 A . (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\ipnat.sys [225280] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - IPT Driver.) – C:\Windows\System32\drivers\ipt.sys [59704] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - PNP ISA Bus Driver.) – C:\Windows\System32\drivers\isapnp.sys [22864] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - Avago SAS Gen3.5 Driver (StorPort).) – C:\Windows\System32\drivers\ItSas35i.sys [172344] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Keyboard Class Driver.) – C:\Windows\System32\drivers\kbdclass.sys [71480] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - HID Keyboard Filter Driver.) – C:\Windows\System32\drivers\kbdhid.sys [46592] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:58 A . (.Microsoft Corporation - Keyboard Lockdown Subsystem.) – C:\Windows\System32\drivers\kbldfltr.sys [29000] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Microsoft Kernel Debugger Network Miniport.) – C:\Windows\System32\drivers\kdnic.sys [33296] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:56 A . (.Microsoft Corporation - Network Power Dependency Broker.) – C:\Windows\System32\drivers\KNetPwrDepBroker.sys [32256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:53 A . (.Microsoft Corporation - Kernel CSA Library.) – C:\Windows\System32\drivers\ks.sys [449024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:24 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\Windows\System32\drivers\ksecdd.sys [147256] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:57 A . (.Microsoft Corporation - Kernel Security Support Provider Interface.) – C:\Windows\System32\drivers\ksecpkg.sys [180024] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) – C:\Windows\System32\drivers\ksthunk.sys [29696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:55 A . (.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) – C:\Windows\System32\drivers\lltdio.sys [72704] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/19 00:12:18 A . (.Logitech - Logitech G Driver.) – C:\Windows\System32\drivers\logi_joy_bus_enum.sys [37200] =>.Logitech Inc®
O58 - SDL:2021/12/19 00:12:18 A . (.Logitech - Logitech G Driver.) – C:\Windows\System32\drivers\logi_joy_xlcore.sys [66896] =>.Logitech Inc®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas.sys [108856] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas2i.sys [124216] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas3i.sys [135992] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sss.sys [82744] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:53 A . (.Microsoft Corporation - LUA File Virtualization Filter Driver.) – C:\Windows\System32\drivers\luafv.sys [140800] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - MA-USB Host Controller Driver.) – C:\Windows\System32\drivers\mausbhost.sys [537608] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - MA-USB IP Driver.) – C:\Windows\System32\drivers\mausbip.sys [64016] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:56 A . (.Microsoft Corporation - Windows Mobile Broadband Class Extension.) – C:\Windows\System32\drivers\MbbCx.sys [391168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - Medium changer class driver.) – C:\Windows\System32\drivers\mcd.sys [25088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas.sys [59704] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\MegaSas2i.sys [81720] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas35i.sys [105480] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\Windows\System32\drivers\megasr.sys [575800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Microsoft Bluetooth Avrcp Transport Driver.) – C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - Legacy Bluetooth LE Bus Enumerator.) – C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [106496] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - MLX4 Bus Driver.) – C:\Windows\System32\drivers\mlx4_bus.sys [1131320] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:58 A . (.Microsoft Corporation - MMCSS Driver.) – C:\Windows\System32\drivers\mmcss.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:41 A . (.Microsoft Corporation - Modem Device Driver.) – C:\Windows\System32\drivers\modem.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Monitor Driver.) – C:\Windows\System32\drivers\monitor.sys [83968] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Mouse Class Driver.) – C:\Windows\System32\drivers\mouclass.sys [67600] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - HID Mouse Filter Driver.) – C:\Windows\System32\drivers\mouhid.sys [35328] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Mount Point Manager.) – C:\Windows\System32\drivers\mountmgr.sys [110392] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:33 A . (.Microsoft Corporation - Microsoft Protection Service Driver.) – C:\Windows\System32\drivers\mpsdrv.sys [80896] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:46 A . (.Microsoft Corporation - Windows NT WebDav Minirdr.) – C:\Windows\System32\drivers\mrxdav.sys [157696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:44 A . (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\mrxsmb.sys [574800] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:44 A . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) – C:\Windows\System32\drivers\mrxsmb20.sys [264528] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Mailslot driver.) – C:\Windows\System32\drivers\msfs.sys [44048] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:13 A . (.Microsoft Corporation - GPIO Class Extension Driver.) – C:\Windows\System32\drivers\msgpioclx.sys [183112] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - GPIO Button Driver.) – C:\Windows\System32\drivers\msgpiowin32.sys [56120] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) – C:\Windows\System32\drivers\mshidkmdf.sys [8192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:16 A . (.Microsoft Corporation - Pass-through Driver for HID-UMDF Interface.) – C:\Windows\System32\drivers\mshidumdf.sys [12288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Hardware Notification Class Extension Drive.) – C:\Windows\System32\drivers\mshwnclx.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - ISA Driver.) – C:\Windows\System32\drivers\msisadrv.sys [20280] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) – C:\Windows\System32\drivers\msiscsi.sys [293176] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:53 A . (.Microsoft Corporation - MS KS Server.) – C:\Windows\System32\drivers\mskssrv.sys [34816] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:05 A . (.Microsoft Corporation - Microsoft Link-Layer Discovery Protocol Dri.) – C:\Windows\System32\drivers\mslldp.sys [78848] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - MS Proxy Clock.) – C:\Windows\System32\drivers\mspclock.sys [11264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - MS Proxy Quality Manager.) – C:\Windows\System32\drivers\mspqm.sys [11264] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:44 A . (.Microsoft Corporation - Windows QUIC Driver.) – C:\Windows\System32\drivers\msquic.sys [322376] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:27 A . (.Microsoft Corporation - Kernel Remote Procedure Call Provider.) – C:\Windows\System32\drivers\msrpc.sys [375608] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Microsoft Security Events Component file sy.) – C:\Windows\System32\drivers\mssecflt.sys [331064] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - System Management BIOS Driver.) – C:\Windows\System32\drivers\mssmbios.sys [47928] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - WDM Tee/Communication Transform Filter.) – C:\Windows\System32\drivers\mstee.sys [12288] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - Microsoft Multi-Touch HID Driver.) – C:\Windows\System32\drivers\MTConfig.sys [17920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:50 A . (.Microsoft Corporation - Multiple UNC Provider Driver.) – C:\Windows\System32\drivers\mup.sys [132920] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\Windows\System32\drivers\mvumis.sys [63800] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\Windows\System32\drivers\ndfltr.sys [146232] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:44 A . (.Microsoft Corporation - Network Driver Interface Specification (NDI.) – C:\Windows\System32\drivers\ndis.sys [1476944] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:48 A . (.Microsoft Corporation - Microsoft NDIS Packet Capture Filter Driver.) – C:\Windows\System32\drivers\ndiscap.sys [54272] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:57 A . (.Microsoft Corporation - Microsoft Network Adapter Multiplexor.) – C:\Windows\System32\drivers\NdisImPlatform.sys [135168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) – C:\Windows\System32\drivers\ndistapi.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - NDIS User mode I/O driver.) – C:\Windows\System32\drivers\ndisuio.sys [70656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:05 A . (.Microsoft Corporation - Microsoft Virtual Network Adapter Enumerato.) – C:\Windows\System32\drivers\NdisVirtualBus.sys [23040] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:28 A . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) – C:\Windows\System32\drivers\ndiswan.sys [212992] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:48 A . (.Microsoft Corporation - RDMA Sample Driver.) – C:\Windows\System32\drivers\NDKPing.sys [72720] =>.Microsoft®
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - NDIS Proxy.) – C:\Windows\System32\drivers\ndproxy.sys [93696] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:33 A . (.Microsoft Corporation - Windows Network Data Usage Monitoring Drive.) – C:\Windows\System32\drivers\Ndu.sys [131584] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:44 A . (.Microsoft Corporation - Network Adapter Class Extension for WDF.) – C:\Windows\System32\drivers\NetAdapterCx.sys [214528] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:04 A . (.Microsoft Corporation - NetBIOS interface driver.) – C:\Windows\System32\drivers\netbios.sys [64312] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:57 A . (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netbt.sys [341504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:58 A . (.Microsoft Corporation - Network I/O Subsystem.) – C:\Windows\System32\drivers\netio.sys [600888] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:19 A . (.Microsoft Corporation - Virtual NDIS Miniport.) – C:\Windows\System32\drivers\netvsc.sys [252264] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - NPFS Driver.) – C:\Windows\System32\drivers\npfs.sys [87568] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Named pipe service triggers.) – C:\Windows\System32\drivers\npsvctrig.sys [27648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:48 A . (.Microsoft Corporation - NSI Proxy.) – C:\Windows\System32\drivers\nsiproxy.sys [48640] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:57 A . (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [2850152] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:58 A . (.Microsoft Corporation - NTOS extension host driver.) – C:\Windows\System32\drivers\ntosext.sys [20792] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - NULL Driver.) – C:\Windows\System32\drivers\null.sys [7680] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - NVDIMM device driver.) – C:\Windows\System32\drivers\nvdimm.sys [168464] =>.Microsoft®
O58 - SDL:2022/01/11 00:54:58 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) – C:\Windows\System32\drivers\nvhda64v.sys [118952] =>.Nvidia Corporation®
O58 - SDL:2021/06/03 14:56:36 A . (.NVIDIA Corporation - Process and module monitoring driver.) – C:\Windows\System32\drivers\NvModuleTracker.sys [43408] =>.NVIDIA Corporation®
O58 - SDL:2019/12/07 10:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\System32\drivers\nvraid.sys [150328] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\System32\drivers\nvstor.sys [166200] =>.Microsoft®
O58 - SDL:2021/11/01 04:00:10 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) – C:\Windows\System32\drivers\nvvad64v.sys [48552] =>.Microsoft®
O58 - SDL:2021/06/02 15:03:18 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) – C:\Windows\System32\drivers\nvvhci.sys [67464] =>.NVIDIA Corporation®
O58 - SDL:2021/12/17 01:37:26 A . (.Microsoft Corporation - NativeWiFi Miniport Driver.) – C:\Windows\System32\drivers\nwifi.sys [757760] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:31 A . (.Microsoft Corporation - QoS Packet Scheduler.) – C:\Windows\System32\drivers\pacer.sys [161608] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\parport.sys [109056] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:44 A . (.Microsoft Corporation - Partition driver.) – C:\Windows\System32\drivers\partmgr.sys [182608] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - NT Plug and Play PCI Enumerator.) – C:\Windows\System32\drivers\pci.sys [469840] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\pciide.sys [16712] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) – C:\Windows\System32\drivers\pciidex.sys [56656] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - PCMCIA Bus Driver.) – C:\Windows\System32\drivers\pcmcia.sys [127800] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:25 A . (.Microsoft Corporation - Performance Counters for Windows Driver.) – C:\Windows\System32\drivers\pcw.sys [57656] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:59 A . (.Microsoft Corporation - Power Dependency Coordinator Driver.) – C:\Windows\System32\drivers\pdc.sys [159056] =>.Microsoft®
O58 - SDL:2021/12/17 01:37:25 A . (.Microsoft Corporation - Protected Environment Authentication and Au.) – C:\Windows\System32\drivers\PEAuth.sys [823808] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\percsas2i.sys [58680] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\percsas3i.sys [68408] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:35 A . (.Microsoft Corporation - Packet Monitor Driver.) – C:\Windows\System32\drivers\PktMon.sys [130360] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Persistent memory driver.) – C:\Windows\System32\drivers\pmem.sys [138040] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Plug and Play Memory Driver.) – C:\Windows\System32\drivers\pnpmem.sys [17408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Port Device Class Configuration Filter Driv.) – C:\Windows\System32\drivers\portcfg.sys [27136] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) – C:\Windows\System32\drivers\portcls.sys [388608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Processor Device Driver.) – C:\Windows\System32\drivers\processr.sys [216376] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:33 A . (.Microsoft Corporation - Time Travel Debugging Process Launch Monito.) – C:\Windows\System32\drivers\ProcLaunchMon.sys [43448] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:05 A . (.Microsoft Corporation - Microsoft Quality Windows Audio Video Exper.) – C:\Windows\System32\drivers\qwavedrv.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - RAM Disk Driver.) – C:\Windows\System32\drivers\ramdisk.sys [42296] =>.Microsoft®
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - RAS Automatic Connection Driver.) – C:\Windows\System32\drivers\rasacd.sys [20480] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\rasl2tp.sys [110080] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) – C:\Windows\System32\drivers\raspppoe.sys [87552] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) – C:\Windows\System32\drivers\raspptp.sys [101888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - RAS SSTP Miniport Call Manager.) – C:\Windows\System32\drivers\rassstp.sys [86016] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:24 A . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) – C:\Windows\System32\drivers\rdbss.sys [456008] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Microsoft RDP Bus Device driver.) – C:\Windows\System32\drivers\rdpbus.sys [28672] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:40 A . (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\Windows\System32\drivers\rdpdr.sys [169984] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:35 A . (.Microsoft Corporation - Microsoft RDP Video Miniport driver.) – C:\Windows\System32\drivers\rdpvideominiport.sys [32624] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:54 A . (.Microsoft Corporation - ReadyBoost Driver.) – C:\Windows\System32\drivers\rdyboost.sys [297784] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:56 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\Windows\System32\drivers\refs.sys [2004792] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:24 A . (.Microsoft Corporation - NT ReFS FS Driver.) – C:\Windows\System32\drivers\refsv1.sys [990536] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Bluetooth RFCOMM Driver.) – C:\Windows\System32\drivers\rfcomm.sys [213504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:48 A . (.Microsoft Corporation - Microsoft RemoteFX VM Transport.) – C:\Windows\System32\drivers\RfxVmt.sys [8192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - ResourceHub Proxy Driver.) – C:\Windows\System32\drivers\rhproxy.sys [115712] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:41 A . (.Microsoft Corporation - Reliable Multicast Transport.) – C:\Windows\System32\drivers\rmcast.sys [158208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - Remote NDIS Miniport.) – C:\Windows\System32\drivers\RNDISMP.sys [37376] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) – C:\Windows\System32\drivers\rootmdm.sys [13824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:55 A . (.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) – C:\Windows\System32\drivers\rspndr.sys [89088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/12 11:57:38 A . (.Realtek - Realtek 8125/8136/8168/8169 NDIS 6.40 64-bi.) – C:\Windows\System32\drivers\rt640x64.sys [1159216] =>.Realtek Semiconductor Corp.®
O58 - SDL:2019/12/07 10:08:09 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\Windows\System32\drivers\rteth.sys [48640] [Unsigned] =>.Realtek
O58 - SDL:2021/02/17 02:40:44 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\Windows\System32\drivers\RTKVHD64.sys [5977120] =>.Realtek Semiconductor Corp.®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - SBP-2 Protocol Driver.) – C:\Windows\System32\drivers\sbp2port.sys [118088] =>.Microsoft®
O58 - SDL:2021/08/06 19:53:02 A . (.Microsoft Corporation - Microsoft Smart Card Reader Filter Driver.) – C:\Windows\System32\drivers\scfilter.sys [44032] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:44 A . (.Microsoft Corporation - Storage Class Memory Bus Driver.) – C:\Windows\System32\drivers\scmbus.sys [158520] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:26 A . (.Microsoft Corporation - SCSI Port Driver.) – C:\Windows\System32\drivers\scsiport.sys [188232] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:48 A . (.Microsoft Corporation - SecureDigital Bus Driver.) – C:\Windows\System32\drivers\sdbus.sys [305472] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - SDF Reflector.) – C:\Windows\System32\drivers\SDFRd.sys [35128] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - SD Host Controller Port Driver.) – C:\Windows\System32\drivers\sdport.sys [105488] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:54 A . (.Microsoft Corporation - SD Storage Class Driver.) – C:\Windows\System32\drivers\sdstor.sys [104264] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Serial Class Extension.) – C:\Windows\System32\drivers\SerCx.sys [86328] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:36 A . (.Microsoft Corporation - Serial Class Extension V2.) – C:\Windows\System32\drivers\SerCx2.sys [173072] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Serial Port Enumerator.) – C:\Windows\System32\drivers\serenum.sys [27648] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Serial Device Driver.) – C:\Windows\System32\drivers\serial.sys [90624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Serial Mouse Filter Driver.) – C:\Windows\System32\drivers\sermouse.sys [29184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - SCSI Floppy Driver.) – C:\Windows\System32\drivers\sfloppy.sys [19456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:33 A . (.Microsoft Corporation - System Guard Runtime Monitor Agent Driver.) – C:\Windows\System32\drivers\SgrmAgent.sys [88080] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\Windows\System32\drivers\sisraid2.sys [44856] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\System32\drivers\sisraid4.sys [81720] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Sleep Study Helper.) – C:\Windows\System32\drivers\SleepStudyHelper.sys [38200] =>.Microsoft®
O58 - SDL:2017/03/09 13:53:28 A . (.IObit - SmartDefrag Driver.) – C:\Windows\System32\drivers\SmartDefragDriver.sys [30744] =>.IObit Information Technology®
O58 - SDL:2019/12/07 10:07:53 A . (.Microsemi Corportation - Storport Miniport Driver for SmartRAID/Smar.) – C:\Windows\System32\drivers\SmartSAMD.sys [209720] =>.Microsoft®
O58 - SDL:2019/12/07 10:52:17 A . (.Microsoft Corporation - SMB Network Direct Driver.) – C:\Windows\System32\drivers\smbdirect.sys [172544] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:09 A . (.Microsoft Corporation - Smart Card Driver Library.) – C:\Windows\System32\drivers\smclib.sys [21504] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:44 A . (.Microsoft Corporation - Storage Spaces Dump Driver.) – C:\Windows\System32\drivers\spacedump.sys [215864] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:34 A . (.Microsoft Corporation - Storage Spaces Parser.) – C:\Windows\System32\drivers\spaceparser.sys [26624] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:44 A . (.Microsoft Corporation - Storage Spaces Driver.) – C:\Windows\System32\drivers\spaceport.sys [679736] =>.Microsoft®
O58 - SDL:2019/12/07 10:52:15 A . (.Microsoft Corporation - Holographic Spatial Graph Filter.) – C:\Windows\System32\drivers\SpatialGraphFilter.sys [90936] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - SPB Class Extension.) – C:\Windows\System32\drivers\SpbCx.sys [87352] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:24 A . (.Microsoft Corporation - Smb 2.0 Server driver.) – C:\Windows\System32\drivers\srv2.sys [787968] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:50 A . (.Microsoft Corporation - Server Network driver.) – C:\Windows\System32\drivers\srvnet.sys [315392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/10/08 11:00:36 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) – C:\Windows\System32\drivers\ssudbus2.sys [160376] =>.Samsung Electronics Co., Ltd.®
O58 - SDL:2019/12/07 10:07:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\Windows\System32\drivers\stexstor.sys [31032] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - MS AHCI Storport Miniport Driver.) – C:\Windows\System32\drivers\storahci.sys [186168] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - Microsoft NVM Express Storport Miniport Dri.) – C:\Windows\System32\drivers\stornvme.sys [158008] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:20 A . (.Microsoft Corporation - Microsoft Storage Port Driver.) – C:\Windows\System32\drivers\storport.sys [723304] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - Storage QoS Filter.) – C:\Windows\System32\drivers\storqosflt.sys [92984] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - MS UFS Storport Miniport Driver.) – C:\Windows\System32\drivers\storufs.sys [61264] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Storage VSC Driver.) – C:\Windows\System32\drivers\storvsc.sys [44048] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) – C:\Windows\System32\drivers\stream.sys [82432] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:48 A . (.Microsoft Corporation - Microsoft RemoteFX Synth3D Video VSC.) – C:\Windows\System32\drivers\Synth3dVsc.sys [6656] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:00 A . (.Microsoft Corporation - SCSI Tape Class Driver.) – C:\Windows\System32\drivers\tape.sys [33280] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/05/28 11:42:20 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) – C:\Windows\System32\drivers\tapprotonvpn.sys [49024] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:02 A . (.Microsoft Corporation - Export driver for kernel mode TPM API.) – C:\Windows\System32\drivers\tbs.sys [31568] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:58 A . (.Microsoft Corporation - Upravljački program za TCP/IP.) – C:\Windows\System32\drivers\tcpip.sys [2991416] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:04 A . (.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) – C:\Windows\System32\drivers\tcpipreg.sys [54784] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - TDI Wrapper.) – C:\Windows\System32\drivers\tdi.sys [39736] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:39 A . (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [117584] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Terminal Server Input Driver.) – C:\Windows\System32\drivers\terminpt.sys [41272] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:24 A . (.Microsoft Corporation - Kernel Transaction Manager Driver.) – C:\Windows\System32\drivers\tm.sys [142136] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:48 A . (.Microsoft Corporation - TPM Device Driver.) – C:\Windows\System32\drivers\tpm.sys [255288] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - Remote Desktop USB Hub Filter Driver.) – C:\Windows\System32\drivers\TsUsbFlt.sys [66560] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Remote Desktop Generic USB Driver.) – C:\Windows\System32\drivers\TsUsbGD.sys [37888] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:54 A . (.Microsoft Corporation - Remote Desktop USB Hub.) – C:\Windows\System32\drivers\tsusbhub.sys [137728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:04 A . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) – C:\Windows\System32\drivers\tunnel.sys [129024] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - Microsoft Uasp Driver.) – C:\Windows\System32\drivers\uaspstor.sys [79160] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:15 A . (.Microsoft Corporation - USB Connector Manager KMDF Class Extension.) – C:\Windows\System32\drivers\UcmCx.sys [160256] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - UCM-TCPCI KMDF Class Extension.) – C:\Windows\System32\drivers\UcmTcpciCx.sys [188416] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - UCM-UCSI ACPI Client Driver.) – C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [36864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:32 A . (.Microsoft Corporation - UCM-UCSI KMDF Class Extension.) – C:\Windows\System32\drivers\UcmUcsiCx.sys [113152] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - USB Controller Extension.) – C:\Windows\System32\drivers\Ucx01000.sys [259896] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:09 A . (.Microsoft Corporation - “udecx.DRIVER”.) – C:\Windows\System32\drivers\Udecx.sys [52736] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - UDF File System Driver.) – C:\Windows\System32\drivers\udfs.sys [344064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:54 A . (.Microsoft Corporation - Microsoft User Experience Virtualization Ag.) – C:\Windows\System32\drivers\UevAgentDriver.sys [41288] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:15 A . (.Microsoft Corporation - USB Function Driver Class Extension.) – C:\Windows\System32\drivers\ufx01000.sys [324432] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - UFX Synopsys Client Driver.) – C:\Windows\System32\drivers\ufxsynopsys.sys [168264] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Generic pass-through driver.) – C:\Windows\System32\drivers\umpass.sys [15360] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - USB Role-Switch Class Extension.) – C:\Windows\System32\drivers\urscx01000.sys [76304] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:07 A . (.Microsoft Corporation - Remote NDIS USB Driver.) – C:\Windows\System32\drivers\usb8023.sys [24064] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - USB Audio Class Driver.) – C:\Windows\System32\drivers\USBAUDIO.sys [209920] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - Microsoft USB Audio Class 2.0 Driver.) – C:\Windows\System32\drivers\usbaudio2.sys [260608] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:41 A . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) – C:\Windows\System32\drivers\USBCAMD2.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:51:47 A . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) – C:\Windows\System32\drivers\usbccgp.sys [185664] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:50 A . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) – C:\Windows\System32\drivers\usbcir.sys [107520] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Universal Serial Bus Driver.) – C:\Windows\System32\drivers\usbd.sys [33080] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) – C:\Windows\System32\drivers\usbehci.sys [86544] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Default Hub Driver for USB.) – C:\Windows\System32\drivers\usbhub.sys [528184] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:54 A . (.Microsoft Corporation - USB3 HUB Driver.) – C:\Windows\System32\drivers\USBHUB3.SYS [648016] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - OHCI USB Miniport Driver.) – C:\Windows\System32\drivers\usbohci.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:37 A . (…) – C:\Windows\System32\drivers\UsbPmApi.sys [53248] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) – C:\Windows\System32\drivers\usbport.sys [473400] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:44 A . (.Microsoft Corporation - USB Printer driver.) – C:\Windows\System32\drivers\usbprint.sys [40448] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - USB Serial Driver.) – C:\Windows\System32\drivers\usbser.sys [81408] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:53:54 A . (.Microsoft Corporation - USB Mass Storage Class Driver.) – C:\Windows\System32\drivers\USBSTOR.SYS [136528] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - UHCI USB Miniport Driver.) – C:\Windows\System32\drivers\usbuhci.sys [39424] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:44 A . (.Microsoft Corporation - USB XHCI Driver.) – C:\Windows\System32\drivers\USBXHCI.SYS [629048] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Virtual Drive Root Enumerator.) – C:\Windows\System32\drivers\vdrvroot.sys [67384] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Driver Verifier Extension.) – C:\Windows\System32\drivers\VerifierExt.sys [347448] =>.Microsoft®
O58 - SDL:2021/12/15 16:53:53 A . (.Microsoft Corporation - VHD Miniport Driver.) – C:\Windows\System32\drivers\vhdmp.sys [820536] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Virtual HID Framework (VHF) Driver.) – C:\Windows\System32\drivers\vhf.sys [47616] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:19 A . (.Microsoft Corporation - Microsoft Hyper-V Virtualization Infrastruc.) – C:\Windows\System32\drivers\Vid.sys [641352] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Video Port Driver.) – C:\Windows\System32\drivers\videoprt.sys [47104] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - Hyper-V VMBus KMCL.) – C:\Windows\System32\drivers\vmbkmcl.sys [114488] =>.Microsoft®
O58 - SDL:2022/01/14 16:33:19 A . (.Microsoft Corporation - Microsoft Hyper-V Virtual Machine Bus Child.) – C:\Windows\System32\drivers\vmbus.sys [160072] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft VMBus HID Miniport.) – C:\Windows\System32\drivers\VMBusHID.sys [36664] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Virtual Machine Generation Counter.) – C:\Windows\System32\drivers\vmgencounter.sys [23864] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Virtual Machine Guest Infrastructure Driver.) – C:\Windows\System32\drivers\vmgid.sys [19768] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Microsoft S3 Emulated Device Cap Driver.) – C:\Windows\System32\drivers\vms3cap.sys [18960] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:48 A . (.Microsoft Corporation - Virtual Storage Filter Driver.) – C:\Windows\System32\drivers\vmstorfl.sys [54080] =>.Microsoft®
O58 - SDL:2021/08/06 19:51:46 A . (.Microsoft Corporation - Volume Manager Driver.) – C:\Windows\System32\drivers\volmgr.sys [90960] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:37 A . (.Microsoft Corporation - Volume Manager Extension Driver.) – C:\Windows\System32\drivers\volmgrx.sys [389432] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:06 A . (.Microsoft Corporation - Volume Shadow Copy driver.) – C:\Windows\System32\drivers\volsnap.sys [429880] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - Volume driver.) – C:\Windows\System32\drivers\volume.sys [16696] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:57 A . (.Microsoft Corporation - Virtual PCI Bus.) – C:\Windows\System32\drivers\vpci.sys [89400] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\Windows\System32\drivers\vsmraid.sys [166712] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\Windows\System32\drivers\VSTXRAID.SYS [305464] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:13 A . (.Microsoft Corporation - Virtual Wireless Bus Driver.) – C:\Windows\System32\drivers\vwifibus.sys [29184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:00 A . (.Microsoft Corporation - Virtual WiFi Filter Driver.) – C:\Windows\System32\drivers\vwififlt.sys [77824] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:13 A . (.Microsoft Corporation - Virtual WiFi Miniport Driver.) – C:\Windows\System32\drivers\vwifimp.sys [50688] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:53 A . (.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) – C:\Windows\System32\drivers\wacompen.sys [31232] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:53:00 A . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) – C:\Windows\System32\drivers\wanarp.sys [93184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/08/06 19:52:13 A . (.Microsoft Corporation - Watchdog Driver.) – C:\Windows\System32\drivers\watchdog.sys [74752] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/15 16:54:14 A . (.Microsoft Corporation - Windows Container Isolation FS Filter Drive.) – C:\Windows\System32\drivers\wcifs.sys [202568] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:32 A . (.Microsoft Corporation - Windows Container Name Virtualization FS Fi.) – C:\Windows\System32\drivers\wcnfs.sys [93184] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:15 A . (.Microsoft Corporation - Microsoft antimalware boot driver.) – C:\Windows\System32\drivers\WdBoot.sys [46688] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:48 A . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) – C:\Windows\System32\drivers\Wdf01000.sys [827696] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:15 A . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) – C:\Windows\System32\drivers\WdFilter.sys [350136] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:48 A . (.Microsoft Corporation - Kernel Mode Driver Framework Loader.) – C:\Windows\System32\drivers\WdfLdr.sys [59192] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:00 A . (.Microsoft Corporation - WDI Driver Framework Driver.) – C:\Windows\System32\drivers\WdiWiFi.sys [967168] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:39 A . (.Microsoft Corporation - WDM Companion Filter.) – C:\Windows\System32\drivers\WdmCompanionFilter.sys [23560] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:16 A . (.Microsoft Corporation - Windows Defender Network Stream Filter.) – C:\Windows\System32\drivers\WdNisDrv.sys [54200] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - Windows Error Reporting Kernel Driver.) – C:\Windows\System32\drivers\werkernel.sys [52024] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:53 A . (.Microsoft Corporation - WFP NDIS 6.30 Lightweight Filter Driver.) – C:\Windows\System32\drivers\wfplwfs.sys [180024] =>.Microsoft®
O58 - SDL:2021/12/15 16:54:20 A . (.Microsoft Corporation - Wim file system Driver.) – C:\Windows\System32\drivers\wimmount.sys [39760] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:37 A . (.Microsoft Corporation - Windows Trusted Runtime Interface Driver.) – C:\Windows\System32\drivers\WindowsTrustedRT.sys [76984] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Windows Trusted Runtime Service Proxy Drive.) – C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [18920] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:51 A . (.Microsoft Corporation - Windows Hypervisor Interface Driver.) – C:\Windows\System32\drivers\winhv.sys [32784] =>.Microsoft®
O58 - SDL:2019/12/07 10:09:33 A . (.Microsoft Corporation - Windows Hypervisor Root Interface Driver.) – C:\Windows\System32\drivers\winhvr.sys [96056] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - Kernel WinMad.) – C:\Windows\System32\drivers\winmad.sys [36152] =>.Microsoft®
O58 - SDL:2022/01/29 23:55:45 A . (.Microsoft Corporation - Windows NAT Driver.) – C:\Windows\System32\drivers\winnat.sys [266240] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/17 17:39:56 A . (.WireGuard LLC - Wintun Driver.) – C:\Windows\System32\drivers\wintun.sys [29680] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:56 A . (.Microsoft Corporation - Windows WinUSB Class Driver.) – C:\Windows\System32\drivers\winusb.sys [107008] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:54 A . (.Mellanox - Kernel WinVerbs.) – C:\Windows\System32\drivers\winverbs.sys [73016] =>.Microsoft®
O58 - SDL:2019/12/07 10:07:54 A . (.Microsoft Corporation - Windows Management Interface for ACPI.) – C:\Windows\System32\drivers\wmiacpi.sys [19456] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - WMILIB WMI support library Dll.) – C:\Windows\System32\drivers\wmilib.sys [19472] =>.Microsoft®
O58 - SDL:2021/08/06 19:52:43 A . (.Microsoft Corporation - Windows Overlay Filter.) – C:\Windows\System32\drivers\wof.sys [234296] =>.Microsoft®
O58 - SDL:2019/12/07 10:52:17 A . (.Microsoft Corporation - Windows Portable Device Upper Class Filter.) – C:\Windows\System32\drivers\WpdUpFltr.sys [32568] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:49 A . (.Microsoft Corporation - WPP Trace Recorder.) – C:\Windows\System32\drivers\WppRecorder.sys [43832] =>.Microsoft®
O58 - SDL:2019/12/07 10:08:41 A . (.Microsoft Corporation - Winsock2 IFS Layer.) – C:\Windows\System32\drivers\ws2ifsl.sys [25088] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:28 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\Windows\System32\drivers\WUDFPf.sys [136192] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:28 A . (.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) – C:\Windows\System32\drivers\WUDFRd.sys [315392] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - Game Input Protocol Driver.) – C:\Windows\System32\drivers\xboxgip.sys [330752] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2021/12/17 01:37:24 A . (.Microsoft Corporation - XINPUT filter driver for HID.) – C:\Windows\System32\drivers\xinputhid.sys [51712] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:07:47 A . (.Microsoft Corporation - Xbox 360 Common Controller for Windows Driv.) – C:\Windows\System32\drivers\xusb22.sys [102400] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:23 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\Windows\System32\win32k.sys [596992] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:52 A . (.Microsoft Corporation - Osnovni Win32 jezgreni upravljački program.) – C:\Windows\System32\win32kbase.sys [2891776] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:55:53 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\Windows\System32\win32kfull.sys [3812864] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2019/12/07 10:08:34 A . (.Microsoft Corporation - Win32k non session driver.) – C:\Windows\System32\win32kns.sys [30208] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/14 16:33:32 A . (.Microsoft Corporation - Multi-User Win32 Driver.) – C:\Windows\SysWOW64\win32k.sys [329728] [Unsigned] =>.Microsoft Corporation
O58 - SDL:2022/01/29 23:56:04 A . (.Microsoft Corporation - Full/Desktop Win32k Kernel Driver.) – C:\Windows\SysWOW64\win32kfull.sys [2751488] [Unsigned] =>.Microsoft Corporation
—\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %* =>.Default.Value
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – C:\Windows\System32\WScript.exe “%1” %* =>.Default.Value
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe [Unsigned] =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S =>.Default.Value
—\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google LLC®
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft®
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\Windows\System32\ie4ushowIE.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Pomoćni program za pokretanje IE za pojedin.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google LLC
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Show IE Icon Utility.) – C:\Windows\System32\ie4ushowIE.exe =>.Microsoft Corporation
—\ Search Browser Infection (1) - 0s
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
—\ Search Svchost Services (51) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoftov servis za raspačavanje certifik.) – C:\Windows\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoftov servis za raspačavanje certifik.) – C:\Windows\System32\certprop.dll [196608] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [301568] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Klijent za pravilnik grupe.) – C:\Windows\System32\gpsvc.dll [1342976] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [1054208] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [836096] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL servisa za sekundarnu prijavu.) – C:\Windows\System32\seclogon.dll [32768] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [160256] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [112640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Servis Rasporeda zadataka.) – C:\Windows\System32\schedsvc.dll [814592] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [243712] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [492032] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [515072] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Izvješća o problemu.) – C:\Windows\System32\wercplsupport.dll [141312] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\Windows\System32\InstallService.dll [2437632] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\Windows\System32\PushToInstall.dll [347136] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TroubleshootingSvc (TroubleshootingSvc) . (.Microsoft Corporation - MitigationClient.) – C:\Windows\System32\MitigationClient.dll [487936] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: LxpSvc (LxpSvc) . (.Microsoft Corporation - Provides infrastructure support for deployi.) – C:\Windows\System32\LanguageOverlayServer.dll [302080] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\Windows\System32\Windows.SharedPC.AccountManager.dll [223232] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\Windows\System32\XblGameSave.dll [1270272] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) – C:\Windows\System32\Windows.Internal.Management.dll [1020416] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: WManSvc (WManSvc) . (.Microsoft Corporation - Windows Management Service DLL.) – C:\Windows\System32\Windows.Management.Service.dll [814080] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\System32\themeservice.dll [70656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\Windows\System32\usermgr.dll [1487360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Servis postavljanja mreže.) – C:\Windows\System32\NetSetupSvc.dll [338944] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) – C:\Windows\System32\wlidsvc.dll [2249728] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) – C:\Windows\System32\TokenBroker.dll [1525760] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) – C:\Windows\System32\lfsvc.dll [48640] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) – C:\Windows\System32\NaturalAuth.dll [454656] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [111616] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [967680] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [559616] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [77824] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [619008] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ poslužitelj za telef.) – C:\Windows\System32\tapisrv.dll [316928] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent za ažuriranje Windows Update.) – C:\Windows\System32\wuaueng.dll [3403776] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [1481216] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll servisi ljuske sustava Windows.) – C:\Windows\System32\shsvcs.dll [259584] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\Windows\System32\dmwappushsvc.dll [58880] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Postavke prilikom leta.) – C:\Windows\System32\flightsettings.dll [939984] =>.Microsoft®
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) – C:\Windows\System32\WpnService.dll [245248] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [226816] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\Windows\System32\XboxNetApiSvc.dll [1295360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Service.) – C:\Windows\System32\usosvc.dll [569856] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\Windows\System32\XboxGipSvc.dll [72704] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) – C:\Windows\System32\NcaSvc.dll [171520] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\Windows\System32\XblAuthManager.dll [1049088] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) – C:\Windows\System32\DeviceSetupManager.dll [288256] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Servis za instalaciju softvera.) – C:\Windows\System32\appmgmts.dll [207360] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [555008] [Unsigned] =>.Microsoft Corporation
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) – C:\Windows\System32\KeyboardFilterSvc.dll [161096] =>.Microsoft®
—\ Firewall Active Exception List (50) - 6s
O87 - FAEL: “{92A6165B-2442-4DE6-9072-385D406409C9}” [In-None-P17-FALSE] .(…) – C:\Program Files\Microsoft Office\root\Office16\Lync.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{E897EDF9-2430-4938-B7FB-716C9F00C71A}” [In-None-P17-FALSE] .(…) – C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{5E8F2E81-C6AC-482A-A584-6B1908311DCC}” [In-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{9F2E0F14-A3BD-4A10-8387-D27CF4F6709B}” [Out-None-P6-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{A3A123C1-58FE-42EA-B1A4-1FCCB8DC96D3}” [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “{CA252AC9-39F8-48CC-90EE-A265D519F41C}” [Out-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) – C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe =>.Skype Software Sarl®
O87 - FAEL: “TCP Query User{9208624A-5CB2-498E-986E-8162BAA3FC6C}D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe” [In-None-P6-TRUE] .(.CD PROJEKT S.A. - Cyberpunk 2077.) – D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe =>.CD PROJEKT SPÓŁKA AKCYJNA®
O87 - FAEL: “UDP Query User{68A81671-590D-46CA-AD31-AC305888564A}D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe” [In-None-P17-TRUE] .(.CD PROJEKT S.A. - Cyberpunk 2077.) – D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe =>.CD PROJEKT SPÓŁKA AKCYJNA®
O87 - FAEL: “TCP Query User{C55B3A34-ED6A-4E29-A0CD-1FEA4AF53BF5}C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe” [In-None-P6-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “UDP Query User{BFB97476-1FD4-415A-A736-8E08F4EF66F5}C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe” [In-None-P17-TRUE] .(.Oracle Corporation - Java™ Platform SE binary.) – C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe =>.Oracle America, Inc.®
O87 - FAEL: “TCP Query User{4B1A02B8-ADB3-464D-B68B-52B2C77CCEA3}D:\igre\forza horizon 5\forzahorizon5.exe” [In-None-P6-TRUE] .(…) – D:\igre\forza horizon 5\forzahorizon5.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “UDP Query User{FDB5F165-9F4B-4D00-A7AF-9AFA3E9FEB13}D:\igre\forza horizon 5\forzahorizon5.exe” [In-None-P17-TRUE] .(…) – D:\igre\forza horizon 5\forzahorizon5.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{F9A199E2-071F-4970-84F8-0C25E069B82F}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{C695557B-548D-4226-98D4-04A46BA1B23A}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “TCP Query User{9B12E97A-122E-471A-9CF6-E7BDF65C2ABD}D:\igre\resident evil village\re8.exe” [In-None-P6-TRUE] .(…) – D:\igre\resident evil village\re8.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “UDP Query User{C9E27ECF-3641-4E44-8CE6-9A1F359ECD40}D:\igre\resident evil village\re8.exe” [In-None-P17-TRUE] .(…) – D:\igre\resident evil village\re8.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “TCP Query User{C0931358-ACEC-46C1-AFDC-9B01F3117C25}D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe” [In-None-P6-TRUE] .(…) – D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe [Unsigned] =>.CI Games S.A.
O87 - FAEL: “UDP Query User{27B00C76-E8D5-422C-802E-10370E43D373}D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe” [In-None-P17-TRUE] .(…) – D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe [Unsigned] =>.CI Games S.A.
O87 - FAEL: “{79536A55-DDE6-4960-869F-0146C8EF3E82}” [In-None-P6-TRUE] .(.Rockstar Games - Grand Theft Auto V.) – G:\Grand Theft Auto V\GTA5.exe [Unsigned] =>.Rockstar Games
O87 - FAEL: “{C389F29D-86CC-4037-A753-246814D022BE}” [In-None-P17-TRUE] .(.Rockstar Games - Grand Theft Auto V.) – G:\Grand Theft Auto V\GTA5.exe [Unsigned] =>.Rockstar Games
O87 - FAEL: “{A2B40E9F-FDCC-4F8C-812F-8A8304D1AF9E}” [In-None-P6-TRUE] .(.Valve Corporation - Steam.) – D:\Steam\steam.exe =>.Valve Corp.®
O87 - FAEL: “{B9D0ACF5-0C0C-4F70-83AD-0C0E712FBCD5}” [In-None-P17-TRUE] .(.Valve Corporation - Steam.) – D:\Steam\steam.exe =>.Valve Corp.®
O87 - FAEL: “{36196217-EAF7-4386-8F98-23D489157DE6}” [In-None-P6-TRUE] .(.Valve Corporation - Steam Client WebHelper.) – D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.®
O87 - FAEL: “{8564EC21-CE8F-48FA-A92A-FB54B5645811}” [In-None-P17-TRUE] .(.Valve Corporation - Steam Client WebHelper.) – D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe =>.Valve Corp.®
O87 - FAEL: “{6E8EA721-3913-4042-A189-CB9C1ACDBDBC}” [In-None-P6-TRUE] .(…) – D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve Corp.®
O87 - FAEL: “{D9926B84-E103-4A05-820C-30AAB23CE40A}” [In-None-P17-TRUE] .(…) – D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve Corp.®
O87 - FAEL: “{60016CEB-1A2E-438E-831E-69D219AC87C2}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{7CC462A2-BDC0-4B5A-89C9-645308664C56}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Container.) – C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O87 - FAEL: “{07306863-6245-4D56-8DF1-04B46A72FF16}” [In-None-P6-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.Nvidia Corporation®
O87 - FAEL: “{D3A9DAAF-C68D-46E8-ACBE-8194E5F3D53D}” [In-None-P17-TRUE] .(.NVIDIA Corporation - NVIDIA Streamer Server Component.) – C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe =>.Nvidia Corporation®
O87 - FAEL: “{1C0C4906-9299-49AB-9849-368B13EEE23C}” [In-None-P17-FALSE] .(.Disc Soft Ltd - Disc Soft Bus Service Lite.) – E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe {73098091AB520B92B7825CB8493B55DC}. =>.Disc Soft Ltd
O87 - FAEL: “{F7F0C26C-1E7D-4253-BC80-979F4E4CAC92}” [Out-None-P17-TRUE] .(.Disc Soft Ltd - Disc Soft Bus Service Lite.) – E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe {73098091AB520B92B7825CB8493B55DC}. =>.Disc Soft Ltd
O87 - FAEL: “TCP Query User{C76CF870-F27E-4649-9F7D-9B47382746D3}C:\program files\lghub\lghub_agent.exe” [In-None-P6-FALSE] .(…) – C:\program files\lghub\lghub_agent.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “UDP Query User{3AC8E318-0576-42BB-984A-04D5AA42E935}C:\program files\lghub\lghub_agent.exe” [In-None-P17-FALSE] .(…) – C:\program files\lghub\lghub_agent.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “TCP Query User{DE3FD26B-EF7A-4B71-B304-5D0945085373}C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe” [In-None-P6-TRUE] .(.Microsoft - OpenJDK Platform binary.) – C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe [Unsigned] =>.Microsoft
O87 - FAEL: “UDP Query User{33146ABF-E773-4953-8FE5-29EDD7642CB6}C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe” [In-None-P17-TRUE] .(.Microsoft - OpenJDK Platform binary.) – C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe [Unsigned] =>.Microsoft
O87 - FAEL: “TCP Query User{B407939B-02CA-48C8-B370-060EE980A080}F:\subnautica - below zero\subnauticazero.exe” [In-None-P6-TRUE] .(…) – F:\subnautica - below zero\subnauticazero.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “UDP Query User{3C0A1EB2-C136-4BF6-BD08-AE460F2C0797}F:\subnautica - below zero\subnauticazero.exe” [In-None-P17-TRUE] .(…) – F:\subnautica - below zero\subnauticazero.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “TCP Query User{E43C76B7-5E50-463C-B897-E9346F3D05FA}D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe” [In-None-P6-TRUE] .(…) – D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe [Unsigned] =>.CI Games S.A.
O87 - FAEL: “UDP Query User{47FDF079-4637-4B7D-B063-D465B90BE293}D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe” [In-None-P17-TRUE] .(…) – D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe [Unsigned] =>.CI Games S.A.
O87 - FAEL: “{5DB4EB62-59C4-4CC6-85FD-3DAAD9217B65}” [In-None-P17-FALSE] .(.Zoom Video Communications, Inc. - Zoom Meetings.) – C:\Users\Korisnik\AppData\Roaming\Zoom\bin\Zoom.exe =>.Zoom Video Communications, Inc.®
O87 - FAEL: “{B51B5B26-7A6A-427C-82A2-9882915751CB}” [In-None-P6-FALSE] .(.The qBittorrent Project - qBittorrent - A Bittorrent Client.) – E:\qBittorrent\qbittorrent.exe [Unsigned] =>.The qBittorrent project
O87 - FAEL: “{2650D425-2A7A-42C4-9C7F-F03A025106DE}” [In-None-P17-FALSE] .(.The qBittorrent Project - qBittorrent - A Bittorrent Client.) – E:\qBittorrent\qbittorrent.exe [Unsigned] =>.The qBittorrent project
O87 - FAEL: “{1B45D14C-CEAF-4B9F-89EF-B24EA6D5CD62}” [In-None-P17-TRUE] .(.Google LLC - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google LLC®
O87 - FAEL: “{80376D0B-038F-447B-9313-96870432D9BA}” [In-None-P6-TRUE] .(.KRAFTON, Inc. - PUBG Launcher.) – D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe =>.PUBG CORPORATION®
O87 - FAEL: “{6190D7A7-5D25-4A3B-A0A9-924A9B0780BD}” [In-None-P17-TRUE] .(.KRAFTON, Inc. - PUBG Launcher.) – D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe =>.PUBG CORPORATION®
O87 - FAEL: “{D9A2604F-9677-45E3-BCA5-F8A08F2EA178}” [In-None-P6-TRUE] .(…) – D:\IGRE\Rayman Origins.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{30F6BBF0-5806-4599-A691-26198E99B99C}” [In-None-P17-TRUE] .(…) – D:\IGRE\Rayman Origins.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{62B3BCA1-B9F8-45D1-9D7A-71A2095AFD84}” [In-None-P6-TRUE] .(…) – D:\IGRE\gu.exe [Unsigned] (.not file.) =>.SUP.Orphan
O87 - FAEL: “{40258A75-D79E-4813-B492-63C43366CC37}” [In-None-P17-TRUE] .(…) – D:\IGRE\gu.exe [Unsigned] (.not file.) =>.SUP.Orphan
—\ Product Upgrade Codes (30) - 0s
O90 - PUC: “00006109C80000000100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Extensibility Component.) =>.Microsoft Corporation
O90 - PUC: “00006109C80090400100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Localization Component.) =>.Microsoft Corporation
O90 - PUC: “00006109E70000000100000000F01FEC” [HKLM] . (.Office 16 Click-to-Run Licensing Component.) =>.Microsoft Corporation
O90 - PUC: “1926E8D15D0BCE53481466615F760A7F” [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: “21EE4A31AE32173319EEFE3BD6FDFFE3” [HKLM] . (.Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “22BEFC8F7E2A1793E9ADB411DEFE1C58” [HKLM] . (.Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “39D86C23F23D10B428051646B2CF228F” [HKLM] . (.Epic Online Services.) – C:\Windows\Installer{32C68D93-D32F-4B01-8250-61642BFC22F8}\Installer.ico
O90 - PUC: “499C5C9F9B6F57D43B7EDA108B04379E” [HKLM] . (.Epic Games Launcher Prerequisites (x64).) – C:\Windows\Installer{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico =>.Legitimate
O90 - PUC: “4EA42A62D9304AC4784BF2468130110F” [HKLM] . (.Java 8 Update 311 (64-bit).) – C:\Program Files\Java\jre1.8.0_311\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: “4EA42A62D9304AC4784BF2468130120F” [HKLM] . (.Java 8 Update 321 (64-bit).) – C:\Program Files\Java\jre1.8.0_321\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: “4EA42A62D9304AC4784BF2681408150F” [HKLM] . (.Java 8 Update 51 (64-bit).) =>.Sun Microsystems
O90 - PUC: “4F4A3A46297B6D117AA8000B0D813011” [HKLM] . (.Java SE Development Kit 8 Update 311 (64-bit).) – C:\Program Files\Java\jdk1.8.0_311\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: “4F4A3A46297B6D117AA8000B0D813012” [HKLM] . (.Java SE Development Kit 8 Update 321 (64-bit).) – C:\Program Files\Java\jdk1.8.0_321\bin\javaws.exe =>.Sun Microsystems
O90 - PUC: “5040806F8AF9AAC49928419ED5A1D3CA” [HKLM] . (.Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704.) =>.Microsoft Corporation
O90 - PUC: “62DBF9290209B993A9A757D1160F9B24” [HKLM] . (.Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “679E80FBE29B63345BF612177149674C” [HKLM] . (.Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704.) =>.Microsoft Corporation
O90 - PUC: “67D6ECF5CD5FBA732B8B22BAC8DE1B4D” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161.) =>.bl.org
O90 - PUC: “6E815EB96CCE9A53884E7857C57002F0” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161.) =>.bl.org
O90 - PUC: “6E8D947A316B3EB3F8F540C548BE2AB9” [HKLM] . (.Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005.) =>.Microsoft Corporation
O90 - PUC: “7C9F8B73BF303523781852719CD9C700” [HKLM] . (.Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “8800A266DCF6DD54E97A86760485EA5D” [HKLM] . (.Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704.) =>.Microsoft Corporation
O90 - PUC: “8A567BD6FA501A947AD1F646E53EEC14” [HKLM] . (.Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704.) =>.Microsoft Corporation
O90 - PUC: “B4B4F9022FD3528499604D6D8AE00CE9” [HKLM] . (.Epic Games Launcher.) – C:\Windows\Installer{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}\Installer.ico =>.Epic Games
O90 - PUC: “C025571B2A687A53689168CD7369889B” [HKLM] . (.Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “C3AEB2FCAE628F23AAB933F1E743AB79” [HKLM] . (.Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “CFD2C1F142D260E3CB8B271543DA9F98” [HKLM] . (.Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.) =>.bl.org
O90 - PUC: “DC8A59DBF9D1DA5389A1E3975220E6BB” [HKLM] . (.Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030.) =>.Microsoft Corporation
O90 - PUC: “E9C3118C52035CD4988E177F0C0869A7” [HKLM] . (.ESET Security.) – C:\Windows\Installer\{C8113C9E-3025-4DC5-89E8-71F7C080967A}\Icon_Product
O90 - PUC: “F60730A4A66673047777F5728467D401” [HKLM] . (.Java Auto Updater.) =>.Sun Microsystems
O90 - PUC: “F814678E95EBC8D49B5A470B656B67AF” [HKLM] . (.Microsoft Update Health Tools.) =>.Microsoft Corporation
—\ Windows Installer Scan (11) - 3s
[MD5.2D745181ABA3AA14862DDEC2128150B0] [WIS][2022/01/24 15:32:53] (.Oracle Corporation - Java SE Development Kit 8 Update 321 (64-bi.) – C:\Windows\Installer\18720fca.msi [1302528] =>.Oracle Corporation
[MD5.39BF9B1C9177645CEA379FCF282A4687] [WIS][2022/01/24 15:33:48] (.Oracle Corporation - Java SE Runtime Environment 8 Update 321.) – C:\Windows\Installer\18720fd2.msi [82358272] =>.Oracle Corporation
[MD5.A582FD8B0B1C2A0FAFE50B7C78A7F856] [WIS][2022/01/24 15:41:09] (.Oracle Corporation - Java Auto Updater.) – C:\Windows\Installer\18720fe3.msi [1032192] =>.Oracle Corporation
[MD5.EBDE67191BC1A483FD821DAF8E01CE46] [WIS][2021/12/31 12:11:23] (.Epic Games, Inc. - Epic Games Launcher.) – C:\Windows\Installer\4eba771.msi [157548544] =>.Epic Games, Inc.
[MD5.6C269C464C0846DB805CECEA8DD7D111] [WIS][2021/10/01 20:57:28] (.Epic Games, Inc. - Epic Online Services.) – C:\Windows\Installer\4eba77a.msi [112828416] =>.Epic Games, Inc.
[MD5.4D5C9A709F332236559D3BCB27BB81B1] [WIS][2020/06/18 11:28:42] (.Epic Games, Inc. - Epic Games Launcher Prerequisites (x64).) – C:\Windows\Installer\4eba783.msi [11530240] =>.Epic Games, Inc.
[MD5.07CE997FAACEBC30821283E8854A4A28] [WIS][2022/02/01 15:41:11] (.ESET, spol. s r.o. - ESET Security.) – C:\Windows\Installer\639f5.msi [49135616] =>.ESET, spol. s r.o.
[MD5.1EF598379FF589E452E9FC7F93563740] [WIS][2021/12/12 14:12:22] (.Oracle Corporation - Java SE Runtime Environment 8.0.) – C:\Windows\Installer\7aeee9.msi [40620032] =>.Oracle Corporation
[MD5.E55C86C73AB7AE6C7997C51E4FA80B5D] [WIS][2021/12/12 12:06:30] (.ESET, spol. s r.o. - ESET Security.) – C:\Windows\Installer\8201b.msi [49123328] =>.ESET, spol. s r.o.
[MD5.CA5DAB0CA5714635773000D4C502EFA1] [WIS][2021/12/15 19:32:13] (.Oracle Corporation - Java SE Development Kit 8 Update 311 (64-bi.) – C:\Windows\Installer\d04fbf7.msi [1302528] =>.Oracle Corporation
[MD5.5B5EB1EE4D31FA2F04CC33360ED0DEA6] [WIS][2021/12/15 22:13:34] (.Oracle Corporation - Java SE Runtime Environment 8 Update 311.) – C:\Windows\Installer\d04fbff.msi [82354176] =>.Oracle Corporation
—\ Search Tracing Registry Key (1) - 0s
HKLM\SOFTWARE\Microsoft\Tracing\svchost_RASCHAP =>SUP.Optional.AdvancedSystemCare
—\ FEATURE CONTROL. (141) - 0s
—\ Observer Of Events (153) - 24s
Application.Error: VSS (5)
~Numéro: 9735
~Date: 02/01/2022 04:58:36 PM
~ID: 13
~Description: Volume Shadow Copy Service information: The COM Server with CLSID %1 and name %2 cannot be started. [%3]
~Suggestion: Aucune
Application.Error: Application Error (70)
~Numéro: 9711
~Date: 02/01/2022 03:49:41 PM
~ID: 1000
~Description: Aplikacija koja je prouzročila pogrešku: %1, verzija: %2, vremenska oznaka: 0x5da7ab91 Modul koji je prouzročio pogrešku: %4, verzija: %5, vremenska oznaka: 0x00000000 Kôd iznimke: 0x80131623 Pomak pogreške 0x00007ffa4190200f Id postupka: 0x20bc Vrij
~Suggestion: Réparer ou réinstaller l’application.
Application.Error: .NET Runtime (5)
~Numéro: 9710
~ID: 1025
~Description: Application: wmiprvse.exeFramework Version: v4.0.30319Description: The application requested process termination through System.Environment.FailFast(string message).Message: Unexpected exception thrown from the provider: System.IO.FileLoadException:
Application.Error: Microsoft Security Client (15)
~Numéro: 9709
~Date: 02/01/2022 03:49:39 PM
~ID: 3002
~Description: 0x80041001
Application.Warning: Wlclntfy (9)
~Numéro: 9661
~Date: 02/01/2022 03:35:35 PM
~ID: 6000
~Description: Pretplatnik na obavijesti procesa winlogon <%1> nije bio dostupan za rukovanje događajem slanja obavijesti.
Application.Error: Microsoft-Windows-CAPI2 (9)
~Numéro: 9605
~Date: 02/01/2022 03:24:06 PM
~ID: 513
~Description: Servis usluga za šifriranje nije uspio obraditi poziv događaja OnIdentity() u objektu System Writer.%1.
Application.Warning: Steam Client Service (8)
~Numéro: 9114
~Date: 01/30/2022 12:13:17 PM
~ID: 2
~Description: Warning: Updated file “SteamService.dll” from version 0x0000000000000000 to version 0x00070000005b0055.
Application.Error: Microsoft-Windows-Spell-Checking (1)
~Numéro: 8836
~Date: 01/29/2022 11:38:11 PM
~ID: 29
~Description: Nije uspio nadzor nad promjenama u mogućnostima provjere pravopisa: %1. Alat za provjeru pravopisa i dalje je dostupan, ali se promjene neće prijavljivati.
Application.Warning: ESENT (14)
~Numéro: 8834
~Date: 01/29/2022 11:34:46 PM
~ID: 636
~Description: %1 (%2) %3Flush map file “%4” will be deleted. Reason: %5.
Application.Error: SecurityCenter (4)
~Numéro: 8830
~Date: 01/29/2022 11:30:23 PM
~ID: 17
~Description: Security Center failed to validate caller with error %1.
Application.Warning: Microsoft-Windows-PerfProc (9)
~Numéro: 8110
~Date: 01/25/2022 01:11:43 PM
~ID: 2002
~Description: Unable to open the job object %1 for query access. The calling process may not have permission to open this job. The first four bytes (DWORD) of the Data section contains the status code.
~Suggestion: Vérifier les compteurs de performances
Application.Warning: Windows Search Service (2)
~Numéro: 7898
~Date: 01/24/2022 01:19:11 PM
~ID: 10023
~Description: Proces protokola na radnom računalu %2 ne reagira te se prisilno prekida {filtriranje procesa na glavnom računalu %3}.
~Suggestion: Désactiver l’indexation des boîtes aux lettres
Application.Warning: Microsoft-Windows-Perflib (1)
~Numéro: 7732
~Date: 01/23/2022 01:06:40 AM
~ID: 1008
~Description: The Open procedure for service “%1” in DLL “%2” failed with error code %3. Performance data for this service will not be available.
~Suggestion: Rechercher le concerné et décocher «Compteurs de performances activés».
Application.Error: Application Hang (5)
~Numéro: 7384
~Date: 01/18/2022 11:30:28 AM
~ID: 1002
~Description: The program %1 version %2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 12c4 Start Time: 01d80c4f2183
~Suggestion: Essayer les commandes suivantes ipconfig /release et ipconfig / renew.
Application.Warning: LMS (1)
~Numéro: 6510
~Date: 01/12/2022 11:57:20 AM
~ID: 2001
~Description: LMS lost connection to Intel(R) MEI driver
Application.Error: Software Protection Platform Service (3)
~Numéro: 6209
~Date: 01/09/2022 12:00:48 PM
~ID: 8228
~Description: The rules engine failed to evaluate the rules. Reason:0x80070057 Stage:BUILD_FULL_MACHINE_STATE Additional Data:
System.Warning: DCOM (524)
~Numéro: 13551
~Date: 02/02/2022 02:38:20 PM
~ID: 10016
~Description: application-specificLocalActivation{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-IRCP48CKorisnikS-1-5-21-3132303913-1656691581-3202241647-1002LocalHost (Using LRPC)UnavailableUnavailable
~Suggestion: Vérifier les autorisations pour l’accès DCOM
System.Warning: Microsoft-Windows-DNS-Client (217)
~Numéro: 13550
~Date: 02/02/2022 02:37:45 PM
~ID: 1014
~Description: Name resolution for the name %1 timed out after none of the configured DNS servers responded.
~Suggestion: Event ID 1014: Microsoft Windows DNS Client | Microsoft Learn
System.Error: Application Popup (39)
~Numéro: 13478
~Date: 02/02/2022 09:16:35 AM
~ID: 56
~Description: ACPI2
System.Error: Service Control Manager (24)
~Numéro: 12805
~Date: 02/01/2022 03:35:00 PM
~ID: 7030
~Description: Servis %1 označen je kao interaktivni servis. Međutim, sustav je konfiguriran tako da ne dozvoljava interaktivne servise. Servis možda neće ispravno funkcionirati.
System.Error: Microsoft-Windows-WindowsUpdateClient (2)
~Numéro: 11205
~Date: 01/30/2022 12:10:29 AM
~ID: 20
~Description: Instalacija nije uspjela: sustav Windows nije uspio instalirati sljedeće ažuriranje s pogreškom %1: %2.
~Suggestion: EventTracker KB --Event Id: 20 Source: Microsoft-Windows-WindowsUpdateClient
System.Warning: Microsoft-Windows-Ntfs (1)
~Numéro: 10610
~Date: 01/29/2022 07:35:44 PM
~ID: 98
~Description: H:\Device\HarddiskVolume111
System.Error: volmgr (1)
~Numéro: 9847
~Date: 01/25/2022 04:12:10 PM
~ID: 46
~Description: Crash dump initialization failed!
System.Error: volsnap (1)
~Numéro: 9442
~Date: 01/22/2022 04:42:49 PM
~ID: 36
~Description: The shadow copies of volume %2 were aborted because the shadow copy storage could not grow due to a user imposed limit.
System.Error: EventLog (1)
~Numéro: 9193
~Date: 01/19/2022 09:38:24 PM
~ID: 6008
~Description: The previous system shutdown at %1 on %2 was unexpected.
System.Error: Schannel (2)
~Numéro: 9131
~Date: 01/19/2022 10:22:07 AM
~ID: 4103
~Description: A fatal error occurred while creating a TLS %1 credential. The internal error state is %2.
System.Warning: Microsoft-Windows-Resource-Exhaustion-Detector (1)
~Numéro: 9093
~Date: 01/19/2022 12:27:48 AM
~ID: 2004
~Description: Windows successfully diagnosed a low virtual memory condition. The following programs consumed the most virtual memory: %21 (%22) consumed %24 bytes, %28 (%29) consumed %31 bytes, and %35 (%36) consumed %38 bytes.
System.Error: Microsoft-Windows-FilterManager (6)
~Numéro: 9002
~Date: 01/17/2022 03:36:12 PM
~ID: 3
~Description: Filter Manager failed to attach to volume ‘%3’. This volume will be unavailable for filtering until a reboot. The final status was %1.
System.Warning: disk (34)
~Numéro: 8998
~Date: 01/17/2022 03:33:57 PM
~ID: 51
~Description: An error was detected on device %1 during a paging operation.
—\ Additional Scan (O88) (39) - 6s
C:\Program Files (x86)\Webteh =>.SUP.ABTeam
C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\svchost_RASCHAP =>SUP.Optional.AdvancedSystemCare
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins =>.SUP.Temporary.Chrome
HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\Wow6432Node\IObit\ASC =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\IObit\RealTimeProtector =>SUP.Optional.AdvancedSystemCare
HKLM\SOFTWARE\Iobit\ASC =>SUP.Optional.AdvancedSystemCare
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:\IGRE\Rayman\Rayman Origins.exe.FriendlyAppName =>.Unsigned
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:\IGRE\Rayman\Rayman Origins.exe.ApplicationCompany =>.Unsigned
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany =>.SUP.Orphan.MUICache
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Rayman\Rayman Origins.exe.FriendlyAppName =>.Unsigned
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Rayman\Rayman Origins.exe.ApplicationCompany =>.Unsigned
C:\Windows\SECOH-QAD.dll =>HackTool.KMSpico
C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare =>SUP.Optional.AdvancedSystemCare
C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare =>SUP.Optional.AdvancedSystemCare
—\ Summary of the elements found (10) - 0s
Zone Anti-Malware - ZAM =>SUP.Optional.Conduit
Zone Anti-Malware - ZAM =>.SUP.ABTeam
Zone Anti-Malware - ZAM =>.SUP.Discord
Zone Anti-Malware - ZAM =>.SUP.Orphan
Zone Anti-Malware - ZAM =>SUP.Optional.AdvancedSystemCare
Zone Anti-Malware - ZAM =>Warning.EventLogApp
Zone Anti-Malware - ZAM =>Warning.EventLogSys
Zone Anti-Malware - ZAM =>.SUP.Temporary.Chrome
Zone Anti-Malware - ZAM =>.SUP.Orphan.MUICache
Zone Anti-Malware - ZAM =>HackTool.KMSpico
—\ Serial Number
~ Unselected Options: WR,
~ End of the scan, 8124 items in 02mn35s (2100)(0)
Download ZHP Suite.
- Then right click the ZHP Suite icon and Run as admin.
- Then click on Repair.
- Copy the entire content of the code box below; the next step will grab it from your clipboard.
- Then click on Paste Script.
- Then click Start Script.
- Allow completion.
- A log file will appear on your desktop.
- Post it here in your next reply.
- Reboot your machine.
[ICODE]
Start::
HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector
HKLM\SOFTWARE\Wow6432Node\IObit\ASC
HKLM\SOFTWARE\IObit\RealTimeProtector
HKLM\SOFTWARE\Iobit\ASC
HKLM\SOFTWARE\WOW6432Node\Conduit
HKLM\SOFTWARE\WOW6432Node\Webteh
HKCU\SOFTWARE\Conduit
HKCU\SOFTWARE\Discord
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Conduit
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Discord
HKLM\SOFTWARE\Microsoft\Tracing\svchost_RASCHAP
C:\Program Files (x86)\Webteh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\svchost_RASCHAP
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\005
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\006
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\007
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\008
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins
HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector
HKLM\SOFTWARE\Wow6432Node\IObit\ASC
HKLM\SOFTWARE\IObit\RealTimeProtector
HKLM\SOFTWARE\Iobit\ASC
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.ApplicationCompany
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.ApplicationCompany
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany
C:\Windows\SECOH-QAD.dll
C:\Windows\SECOH-QAD.exe
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
EmptyPrefetch
EmptyClsid
[/ICODE]
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Right click on adwcleaner.exe and run as admin to run the tool.
- Click on the Scan button.
- When the scan has finished, click on the Clean button.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the contents of that logfile with your next reply.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
I will post and copy the files here.
Adware Cleaner:
-------------------------------
Malwarebytes AdwCleaner 8.3.1.0
-------------------------------
Build: 11-18-2021
Database: 2021-12-02.1 (Cloud)
Support: https://www.malwarebytes.com/support
-------------------------------
Mode: Clean
-------------------------------
Start: 02-02-2022
Duration: 00:00:00
OS: Windows 10 Pro
Cleaned: 2
Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Windows\System32\REGISTRYDEFRAGBOOTTIME.EXE
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
Deleted Free VPN for Chrome - VPN Proxy VeePN - majdfhpaihoncoakbjgbdhglocklcgno
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
[+] Delete Tracing Keys
[+] Reset Winsock
AdwCleaner[S00].txt - [1526 octets] - [02/02/2022 20:13:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
ZHP Fix:
~ ZHPFix v2022.2.2.10 by Nicolas Coolman (2022/02/02)
~ Run by Korisnik (Administrator) (02/02/2022 20:10:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Report : C:\Users\Korisnik\Desktop\ZHPFix.txt
~ Quarantine : HKCU\SOFTWARE\ZHP\ZHPFix\Quarantine
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19044)
—\ USER SCRIPT. (48)
Start::
HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector
HKLM\SOFTWARE\Wow6432Node\IObit\ASC
HKLM\SOFTWARE\IObit\RealTimeProtector
HKLM\SOFTWARE\Iobit\ASC
HKLM\SOFTWARE\WOW6432Node\Conduit
HKLM\SOFTWARE\WOW6432Node\Webteh
HKCU\SOFTWARE\Conduit
HKCU\SOFTWARE\Discord
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Conduit
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Discord
HKLM\SOFTWARE\Microsoft\Tracing\svchost_RASCHAP
C:\Program Files (x86)\Webteh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\svchost_RASCHAP
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\005
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\006
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\007
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\008
C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins
HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector
HKLM\SOFTWARE\Wow6432Node\IObit\ASC
HKLM\SOFTWARE\IObit\RealTimeProtector
HKLM\SOFTWARE\Iobit\ASC
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.ApplicationCompany
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:H:\setup.exe.ApplicationCompany
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName
[HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany
C:\Windows\SECOH-QAD.dll
C:\Windows\SECOH-QAD.exe
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
EmptyPrefetch
EmptyClsid
—\ SOFTWARE. (0)
—\ SERVICE. (0)
—\ SCHEDULED TASK. (0)
—\ INTERNET BROWSER. (0)
—\ EXPLORER (folders, files). (15)
DELETED Folder : C:\Program Files (x86)\Webteh
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\000
DELETED Reboot Folder ^: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\001
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\002
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\003
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\004
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\005
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\006
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\007
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\008
DELETED Folder : C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins
MOVED File : C:\Windows\SECOH-QAD.dll
MOVED File : C:\Windows\SECOH-QAD.exe
DELETED Folder : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
DELETED Folder : C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
—\ REGISTRY (keys, values, data). (36)
DELETED Key: HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector [RealTimeProtector]
DELETED Key: HKLM\SOFTWARE\Wow6432Node\IObit\ASC [ASC]
NOT FOUND Key: HKLM\SOFTWARE\IObit\RealTimeProtector
NOT FOUND Key: HKLM\SOFTWARE\Iobit\ASC
DELETED Key: HKLM\SOFTWARE\WOW6432Node\Conduit [Conduit]
DELETED Key: HKLM\SOFTWARE\WOW6432Node\Webteh [Webteh]
DELETED Key: HKCU\SOFTWARE\Conduit [Conduit]
DELETED Key: HKCU\SOFTWARE\Discord [Discord]
NOT FOUND Key: HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Conduit
NOT FOUND Key: HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Discord
NOT FOUND Key Tracing: HKLM\SOFTWARE\Microsoft\Tracing\svchost_RASCHAP
NOT FOUND Key Tracing: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\svchost_RASCHAP
NOT FOUND Key: HKLM\SOFTWARE\Wow6432Node\IObit\RealTimeProtector
NOT FOUND Key: HKLM\SOFTWARE\Wow6432Node\IObit\ASC
DELETED Value : H:\setup.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value : H:\setup.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value : D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value : C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value : C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value : C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value : C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
NOT FOUND Value: HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
DELETED Value: H:\setup.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: H:\setup.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: H:\setup.exe.FriendlyAppName [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: H:\setup.exe.ApplicationCompany [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: D:\IGRE\Cyberpunk 2077\unins000.exe.FriendlyAppName [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Downloads\SystemUtilities.exe.FriendlyAppName [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Downloads\SystemUtilities.exe.ApplicationCompany [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.FriendlyAppName [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
DELETED Value: C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe.ApplicationCompany [HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
—\ COMMAND. (2)
~ EmptyPrefetch: deleted prefetcher files (767)
~ EmptyCSID: Empty CLSID folders deleted (0)
—\ UNPROCESSED. (0)
~ The system has been restarted.
***** ~ End of report completed in 00mn00s
I quarantined some files the adware cleaner found, that was the only option.
-
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded, right click the FRST desktop icon and select “Run as administrator” from the menu.
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.
1. Accept the default whitelist options.
2. If the additions.txt options box is not checked, please select it.
3. Then select Scan.
FRST will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.
Please copy and paste the contents of these logs in your next post for review by our Security Team.
-
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by Korisnik (02-02-2022 23:14:38)
Running from C:\Users\Korisnik\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1503 (X64) (2021-12-12 10:27:50)
Boot Mode: Normal
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3132303913-1656691581-3202241647-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3132303913-1656691581-3202241647-503 - Limited - Disabled)
Guest (S-1-5-21-3132303913-1656691581-3202241647-501 - Limited - Disabled)
Korisnik (S-1-5-21-3132303913-1656691581-3202241647-1002 - Administrator - Enabled) => C:\Users\Korisnik
WDAGUtilityAccount (S-1-5-21-3132303913-1656691581-3202241647-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
BS.Player FREE (HKLM-x32...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
Cyberpunk 2077 (HKLM-x32...\Cyberpunk 2077_is1) (Version: 0.0.0 - DODI-Repacks)
DAEMON Tools Lite (HKLM...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...\Discord) (Version: 1.0.9003 - Discord Inc.)
Epic Games Launcher (HKLM-x32...{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM...{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32...{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM...{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 15.0.23.0 - ESET, spol. s r.o.)
God of War (HKLM-x32...\God of War_is1) (Version: - )
Google Chrome (HKLM-x32...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Grand Theft Auto V (HKLM-x32...\Grand Theft Auto V_is1) (Version: - )
IObit Uninstaller 11 (HKLM-x32...\IObitUninstall) (Version: 11.1.0.18 - IObit)
Java 8 Update 311 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
Java 8 Update 321 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Java 8 Update 51 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java SE Development Kit 8 Update 311 (64-bit) (HKLM...{64A3A4F4-B792-11D6-A78A-00B0D0180311}) (Version: 8.0.3110.11 - Oracle Corporation)
Java SE Development Kit 8 Update 321 (64-bit) (HKLM...{64A3A4F4-B792-11D6-A78A-00B0D0180321}) (Version: 8.0.3210.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32...{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Max Payne 3 (HKLM-x32...\Max Payne 3_is1) (Version: 0.0.0 - DODI-Repacks)
Microsoft Office Professional Plus 2019 - en-us (HKLM...\ProPlus2019Volume - en-us) (Version: 16.0.10382.20034 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM...{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32...{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32...{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 511.23 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.1 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM...{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10382.20034 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10382.20034 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM...{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.10382.20034 - Microsoft Corporation) Hidden
qBittorrent 4.4.0 (HKLM-x32...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Rayman Origins (HKLM-x32...{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft)
REDlauncher (HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
RivaTuner Statistics Server 7.3.3 (HKLM-x32...\RTSS) (Version: 7.3.3 - Unwinder)
Sniper Ghost Warrior Contracts 2 (HKLM-x32...\Sniper Ghost Warrior Contracts 2_is1) (Version: - )
Sniper: Ghost Warrior Contracts (HKLM-x32...\Sniper: Ghost Warrior Contracts_is1) (Version: - )
The Witcher 3 Wild Hunt v.1.31 (HKLM-x32...\The Witcher 3 Wild Hunt_is1) (Version: - )
TLauncher (HKLM-x32...\TLauncher) (Version: 2.831 - TLauncher Inc.)
WinRAR 6.02 (64-bit) (HKLM...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wolfenstein Youngblood Deluxe Edition MULTi12 - ElAmigos version 1.0.3 (HKLM-x32...{8D2A84ED-62F8-4817-A798-A7487A91BEAE}_is1) (Version: 1.0.3 - Bethesda Softworks)
Zoom (HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
Packages:
Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML → C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel → C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-19] (NVIDIA Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ESET Security Shell] → {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. → ESET)
ContextMenuHandlers1: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology → IObit)
ContextMenuHandlers2: [ESET Security Shell] → {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. → ESET)
ContextMenuHandlers4: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology → IObit)
ContextMenuHandlers5: [NvCplDesktopContext] → {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\nvshext.dll [2022-01-11] (Nvidia Corporation → NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] → {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. → ESET)
ContextMenuHandlers6: [IObitUnstaler] → {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => G:\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology → IObit)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-12-03 14:36 - 2021-12-03 14:36 - 000232960 _____ () [File not signed] G:\MSI Afterburner\RTCore.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000057344 _____ () [File not signed] G:\MSI Afterburner\RTFC.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000668672 _____ () [File not signed] G:\MSI Afterburner\RTHAL.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000074240 _____ () [File not signed] G:\MSI Afterburner\RTMUI.dll
2021-12-03 14:36 - 2021-12-03 14:36 - 000371712 _____ () [File not signed] G:\MSI Afterburner\RTUI.dll
2021-12-03 14:32 - 2021-12-03 14:32 - 000057344 _____ () [File not signed] G:\RivaTuner Statistics Server\RTFC.dll
2021-12-03 14:32 - 2021-12-03 14:32 - 000074240 _____ () [File not signed] G:\RivaTuner Statistics Server\RTMUI.dll
2021-12-03 14:32 - 2021-12-03 14:32 - 000368640 _____ () [File not signed] G:\RivaTuner Statistics Server\RTUI.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Korisnik\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Korisnik\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6256]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: ExplorerWnd Helper → {10921475-03CE-4E04-90CE-E2E7EF20C814} → G:\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology → IObit)
BHO: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-24] (Oracle America, Inc. → Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-24] (Oracle America, Inc. → Oracle Corporation)
BHO-x32: Skype for Business Browser Helper → {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2021-12-13 13:29 - 000002552 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\Control Panel\Desktop\Wallpaper → c:\users\korisnik\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\11034324.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: EpicOnlineServices => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: LGHUBUpdaterService => 3
MSCONFIG\Services: NvContainerLocalSystem => 3
MSCONFIG\Services: Razer Update Service => 3
MSCONFIG\Services: RtkAudioUniversalService => 3
MSCONFIG\Services: RzSndSrv => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ucldr_battlegrounds_gl => 3
MSCONFIG\Services: zksvc => 3
HKLM...\StartupApproved\Run32: => “SunJavaUpdateSched”
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...\StartupApproved\Run: => “LGHUB”
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{92A6165B-2442-4DE6-9072-385D406409C9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{E897EDF9-2430-4938-B7FB-716C9F00C71A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{5E8F2E81-C6AC-482A-A584-6B1908311DCC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{9F2E0F14-A3BD-4A10-8387-D27CF4F6709B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{A3A123C1-58FE-42EA-B1A4-1FCCB8DC96D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [{CA252AC9-39F8-48CC-90EE-A265D519F41C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl → Skype Technologies S.A.)
FirewallRules: [TCP Query User{9208624A-5CB2-498E-986E-8162BAA3FC6C}D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA → CD PROJEKT S.A.)
FirewallRules: [UDP Query User{68A81671-590D-46CA-AD31-AC305888564A}D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\igre\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA → CD PROJEKT S.A.)
FirewallRules: [TCP Query User{C55B3A34-ED6A-4E29-A0CD-1FEA4AF53BF5}C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{BFB97476-1FD4-415A-A736-8E08F4EF66F5}C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\korisnik\appdata\roaming.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{4B1A02B8-ADB3-464D-B68B-52B2C77CCEA3}D:\igre\forza horizon 5\forzahorizon5.exe] => (Allow) D:\igre\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{FDB5F165-9F4B-4D00-A7AF-9AFA3E9FEB13}D:\igre\forza horizon 5\forzahorizon5.exe] => (Allow) D:\igre\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [{F9A199E2-071F-4970-84F8-0C25E069B82F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{C695557B-548D-4226-98D4-04A46BA1B23A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [TCP Query User{9B12E97A-122E-471A-9CF6-E7BDF65C2ABD}D:\igre\resident evil village\re8.exe] => (Allow) D:\igre\resident evil village\re8.exe => No File
FirewallRules: [UDP Query User{C9E27ECF-3641-4E44-8CE6-9A1F359ECD40}D:\igre\resident evil village\re8.exe] => (Allow) D:\igre\resident evil village\re8.exe => No File
FirewallRules: [TCP Query User{C0931358-ACEC-46C1-AFDC-9B01F3117C25}D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{27B00C76-E8D5-422C-802E-10370E43D373}D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\igre\sniper - ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [{79536A55-DDE6-4960-869F-0146C8EF3E82}] => (Allow) G:\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{C389F29D-86CC-4037-A753-246814D022BE}] => (Allow) G:\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{A2B40E9F-FDCC-4F8C-812F-8A8304D1AF9E}] => (Allow) D:\Steam\steam.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{B9D0ACF5-0C0C-4F70-83AD-0C0E712FBCD5}] => (Allow) D:\Steam\steam.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{36196217-EAF7-4386-8F98-23D489157DE6}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{8564EC21-CE8F-48FA-A92A-FB54B5645811}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. → Valve Corporation)
FirewallRules: [{6E8EA721-3913-4042-A189-CB9C1ACDBDBC}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. → )
FirewallRules: [{D9926B84-E103-4A05-820C-30AAB23CE40A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. → )
FirewallRules: [{60016CEB-1A2E-438E-831E-69D219AC87C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{7CC462A2-BDC0-4B5A-89C9-645308664C56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation → NVIDIA Corporation)
FirewallRules: [{07306863-6245-4D56-8DF1-04B46A72FF16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation → NVIDIA Corporation)
FirewallRules: [{D3A9DAAF-C68D-46E8-ACBE-8194E5F3D53D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation → NVIDIA Corporation)
FirewallRules: [{1C0C4906-9299-49AB-9849-368B13EEE23C}] => (Allow) E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA → Disc Soft Ltd)
FirewallRules: [{F7F0C26C-1E7D-4253-BC80-979F4E4CAC92}] => (Allow) E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA → Disc Soft Ltd)
FirewallRules: [TCP Query User{C76CF870-F27E-4649-9F7D-9B47382746D3}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => No File
FirewallRules: [UDP Query User{3AC8E318-0576-42BB-984A-04D5AA42E935}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe => No File
FirewallRules: [TCP Query User{DE3FD26B-EF7A-4B71-B304-5D0945085373}C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{33146ABF-E773-4953-8FE5-29EDD7642CB6}C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\korisnik\appdata\roaming.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{B407939B-02CA-48C8-B370-060EE980A080}F:\subnautica - below zero\subnauticazero.exe] => (Allow) F:\subnautica - below zero\subnauticazero.exe => No File
FirewallRules: [UDP Query User{3C0A1EB2-C136-4BF6-BD08-AE460F2C0797}F:\subnautica - below zero\subnauticazero.exe] => (Allow) F:\subnautica - below zero\subnauticazero.exe => No File
FirewallRules: [TCP Query User{E43C76B7-5E50-463C-B897-E9346F3D05FA}D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{47FDF079-4637-4B7D-B063-D465B90BE293}D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Allow) D:\igre\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe (CI Games S.A.) [File not signed]
FirewallRules: [{5DB4EB62-59C4-4CC6-85FD-3DAAD9217B65}] => (Allow) C:\Users\Korisnik\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. → Zoom Video Communications, Inc.)
FirewallRules: [{B51B5B26-7A6A-427C-82A2-9882915751CB}] => (Allow) E:\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{2650D425-2A7A-42C4-9C7F-F03A025106DE}] => (Allow) E:\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{1B45D14C-CEAF-4B9F-89EF-B24EA6D5CD62}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC → Google LLC)
FirewallRules: [{80376D0B-038F-447B-9313-96870432D9BA}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION → KRAFTON, Inc.)
FirewallRules: [{6190D7A7-5D25-4A3B-A0A9-924A9B0780BD}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION → KRAFTON, Inc.)
FirewallRules: [{D9A2604F-9677-45E3-BCA5-F8A08F2EA178}] => (Allow) D:\IGRE\Rayman Origins.exe => No File
FirewallRules: [{30F6BBF0-5806-4599-A691-26198E99B99C}] => (Allow) D:\IGRE\Rayman Origins.exe => No File
FirewallRules: [{62B3BCA1-B9F8-45D1-9D7A-71A2095AFD84}] => (Allow) D:\IGRE\gu.exe => No File
FirewallRules: [{40258A75-D79E-4813-B492-63C43366CC37}] => (Allow) D:\IGRE\gu.exe => No File
==================== Restore Points =========================
30-01-2022 19:00:01 Windows Backup
01-02-2022 15:24:04 Removed ESET Security
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
Error: (02/02/2022 08:11:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (02/02/2022 05:09:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplikacija koja je prouzročila pogrešku: wmiprvse.exe, verzija: 10.0.19041.546, vremenska oznaka: 0x5da7ab91
Modul koji je prouzročio pogrešku: unknown, verzija: 0.0.0.0, vremenska oznaka: 0x00000000
Kôd iznimke: 0x80131623
Pomak pogreške 0x00007ff88f5f200f
Id postupka: 0x1f44
Vrijeme pokretanja aplikacije koja je prouzročila pogrešku: 0x01d8184f50687f5a
Put aplikacije koja je prouzročila pogrešku: C:\Windows\system32\wbem\wmiprvse.exe
Put modula koji je prouzročio pogrešku: unknown
Id izvješća: 5c5c0a63-603c-4216-894b-d48b6e5884aa
Puni naziv paketa koji je prouzročio pogrešku:
Relativni ID aplikacije paketa koji je prouzročio pogrešku:
Error: (02/02/2022 05:09:54 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
System.IO.FileLoadException:
File name: ‘Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (02/02/2022 05:09:53 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (02/02/2022 05:09:53 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (02/02/2022 05:09:53 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (02/01/2022 04:58:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (02/01/2022 03:49:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplikacija koja je prouzročila pogrešku: wmiprvse.exe, verzija: 10.0.19041.546, vremenska oznaka: 0x5da7ab91
Modul koji je prouzročio pogrešku: unknown, verzija: 0.0.0.0, vremenska oznaka: 0x00000000
Kôd iznimke: 0x80131623
Pomak pogreške 0x00007ffa4190200f
Id postupka: 0x20bc
Vrijeme pokretanja aplikacije koja je prouzročila pogrešku: 0x01d8177af08c926c
Put aplikacije koja je prouzročila pogrešku: C:\Windows\system32\wbem\wmiprvse.exe
Put modula koji je prouzročio pogrešku: unknown
Id izvješća: 13a96642-38c9-46b6-812e-16e33948d61d
Puni naziv paketa koji je prouzročio pogrešku:
Relativni ID aplikacije paketa koji je prouzročio pogrešku:
System errors:
Error: (02/02/2022 09:10:21 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (02/02/2022 09:10:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IRCP48C)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.
Error: (02/02/2022 08:14:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Servis Microsoft Office Click-to-Run Service neočekivano je prekinut. To se dogodilo 1 puta. Za 0 ms bit će poduzeta sljedeća akcija ispravljanja: Restart the service.
Error: (02/02/2022 08:14:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Servis Intel(R) Storage Middleware Service neočekivano je prekinut. To se dogodilo 1 puta.
Error: (02/02/2022 08:14:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Servis NVIDIA Display Container LS neočekivano je prekinut. To se dogodilo 1 puta. Za 6000 ms bit će poduzeta sljedeća akcija ispravljanja: Restart the service.
Error: (02/02/2022 08:11:58 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2
Error: (02/02/2022 02:43:57 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-IRCP48C)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXre20k58eaa822f0smszc2fbv5y0azn7k.mca as Unavailable/Unavailable. The error:
“2147942402”
Happened while starting this command:
“C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe” -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (02/02/2022 02:43:45 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-IRCP48C)
Description: Unable to start a DCOM Server: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXre20k58eaa822f0smszc2fbv5y0azn7k.mca as Unavailable/Unavailable. The error:
“2147942402”
Happened while starting this command:
“C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe” -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
CodeIntegrity:
Date: 2022-02-02 21:12:30
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. F1 05/14/2021
Motherboard: Gigabyte Technology Co., Ltd. B560M DS3H V2
Processor: Intel(R) Core™ i5-10400F CPU @ 2.90GHz
Percentage of memory in use: 23%
Total physical RAM: 16253.29 MB
Available physical RAM: 12460.21 MB
Total Virtual: 30589.29 MB
Available Virtual: 24386.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:214.24 GB) (Free:138.59 GB) NTFS
Drive d: (Nova jedinica) (Fixed) (Total:976.56 GB) (Free:537.66 GB) NTFS
Drive e: (Nova jedinica) (Fixed) (Total:292.97 GB) (Free:245.87 GB) NTFS
Drive f: (Nova jedinica) (Fixed) (Total:593.47 GB) (Free:378.33 GB) NTFS
Drive g: (Nova jedinica) (Fixed) (Total:250.92 GB) (Free:178.1 GB) NTFS
\?\Volume{3caca965-574a-4151-838e-2df5047aa778}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\?\Volume{0dd22b59-2a77-47af-afca-ed30fa423303}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Ran by Korisnik (administrator) on DESKTOP-IRCP48C (Gigabyte Technology Co., Ltd. B560M DS3H V2) (02-02-2022 23:13:44)
Running from C:\Users\Korisnik\Downloads
Loaded Profiles: Korisnik
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1503 (X64) Language: engleski (Sjedinjene Države) → hrvatski (Hrvatska)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alexey Nicolaychuk → ) G:\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk → ) G:\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk → ) G:\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(ESET, spol. s r.o. → ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. → ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC → Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Intel Corporation → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(Intel Corporation → Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Microsoft Corporation → Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows → Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(MICRO-STAR INTERNATIONAL CO., LTD. → ) G:\MSI Afterburner\MSIAfterburner.exe
(Nvidia Corporation → NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\NVDisplay.Container.exe <2>
(The qBittorrent Project) [File not signed] E:\qBittorrent\qbittorrent.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2022-01-13] (ESET, spol. s r.o. → ESET)
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002...\MountPoints2: {64941ade-5b3a-11ec-af29-d85ed301c0da} - “I:\setup.exe”
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-24] (Google LLC → Google LLC)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-3132303913-1656691581-3202241647-1002\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {040A9AAA-D675-4DC4-AE41-25E5707C45D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563696 2022-01-06] (Microsoft Corporation → Microsoft Corporation)
Task: {098599EF-8D99-44DE-BE19-6DE2A9F510D8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Task: {18305FCC-6D41-4331-943B-EFE6D9E41F30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-12] (Google LLC → Google LLC)
Task: {2DBCE23D-2264-49B5-AA1F-CFD31E268C3C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3132303913-1656691581-3202241647-1003 => C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {3BFE5F00-41A0-4D96-B94B-950393CB6D84} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation → Intel(R) Corporation)
Task: {6254464A-FC4A-43F7-8BEE-7E1C4EA520EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513800 2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Task: {6DA18C18-E5A3-4A69-8798-B0FFAB290663} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
Task: {74D07083-70C8-4C94-9E05-1DC8BF9919FC} - System32\Tasks\Uninstaller_SkipUac_Korisnik => G:\IObit Uninstaller\IObitUninstaler.exe [7350808 2021-10-19] (IObit CO., LTD → IObit)
Task: {7723D9A7-4B06-41C8-94C6-4BD519518D69} - System32\Tasks\MSIAfterburner => G:\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. → )
Task: {82CF67A4-283A-46D3-8143-0B93D013CC51} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
Task: {84D9B6B8-549C-405D-B1C7-414A03D4CBDA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
Task: {8A3CBC76-D705-412C-AF3F-73737880E7D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513800 2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Task: {9381E5B5-D8EE-4060-A065-A0FAE708343E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {93B41730-1062-43BA-96A1-5BA4003FE29D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3132303913-1656691581-3202241647-1003 => C:\Users\Korisnik\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {A29AB79F-A6A7-4831-B32E-67B107EB77FE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation → NVIDIA Corporation)
Task: {A43E9B5C-7867-4431-AF7F-935B08ACA267} - System32\Tasks\Online_KMS_Activation_Script-Renewal => %ProgramData%\Online_KMS_Activation\Activate.cmd Task
Task: {AA87C4B7-C6BD-4D38-92E9-79922EC358F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-12] (Google LLC → Google LLC)
Task: {B426CABB-ED5B-466B-A06F-CCA04D4913C6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
Task: {C805E389-27CA-415F-B3B0-F8F3B460B853} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
Task: {DFA42C47-FE47-4E43-B5AD-545C6AD1C0A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Task: {E45A65AC-5AC5-4ABD-A93E-605E7C282C4F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation → NVIDIA Corporation) → -d “C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck” -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E6C1DE8C-14F4-4F12-B9A4-58ED0BD734DC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563696 2022-01-06] (Microsoft Corporation → Microsoft Corporation)
Task: {EA9E889F-D0C8-4F5B-A8D3-1E89331B9E6D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
Task: {F509D6B5-62FA-48A1-8D0F-DBACCD7A3FF3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation → NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip..\Interfaces{0da5278c-291d-47f9-9274-9251109cc5ca}: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
FF Plugin: @java.com/DTPlugin,version=11.321.2 → C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-24] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 → C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-24] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 → C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-25] (Microsoft Corporation → Microsoft Corporation)
Chrome:
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default [2022-02-02]
CHR Extension: (Slides) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-12]
CHR Extension: (Docs) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-12]
CHR Extension: (Google Drive) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-12]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-12]
CHR Extension: (Email Finder by Snov.io) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\einnffiilpmgldkapbikhkeicohlaapj [2022-01-17]
CHR Extension: (Sheets) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901960 2022-01-28] (BattlEye Innovations e.K. → )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482176 2022-01-06] (Microsoft Corporation → Microsoft Corporation)
S3 Disc Soft Lite Bus Service; E:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-12-18] (AVB Disc Soft, SIA → Disc Soft Ltd)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2021-12-31] (EasyAntiCheat Oy → Epic Games, Inc)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2022-01-13] (ESET, spol. s r.o. → ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2022-01-13] (ESET, spol. s r.o. → ESET)
S4 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. → Epic Games, Inc.)
S4 IObitUnSvr; G:\IObit Uninstaller\IUService.exe [158232 2021-08-04] (IObit CO., LTD → IObit)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6136536 2022-01-29] (Microsoft Windows Publisher → Microsoft Corporation)
S4 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-30] (Wellbia.com Co., Ltd. → Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher → Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher → Microsoft Corporation)
S4 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-30] (PUBG CORPORATION → PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_015fa42d67826549\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2022-01-30] (CPUID S.A.R.L.U. → CPUID)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. → Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2021-12-18] (AVB Disc Soft, SIA → Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2021-12-18] (AVB Disc Soft, SIA → Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [184464 2022-01-13] (ESET, spol. s r.o. → ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [122944 2022-01-13] (ESET, spol. s r.o. → ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2022-01-12] (Microsoft Windows Early Launch Anti-malware Publisher → ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [201976 2022-01-13] (ESET, spol. s r.o. → ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43904 2022-01-13] (ESET, spol. s r.o. → ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [69704 2022-01-13] (ESET, spol. s r.o. → ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110560 2022-01-13] (ESET, spol. s r.o. → ESET)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-12-17] (Intel Corporation → Intel Corporation)
S3 IUFileFilter; G:\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology → IObit)
S3 IUProcessFilter; G:\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology → IObit)
S3 IURegistryFilter; G:\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology → IObit)
S3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-12-19] (Logitech Inc → Logitech)
S3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-12-19] (Logitech Inc → Logitech)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher → NVIDIA Corporation)
R3 RTCore64; G:\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. → )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology → IObit)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher → The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher → Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows → Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows → Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2522256 2022-01-30] (Wellbia.com Co., Ltd. → Wellbia.com Co., Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-02 23:13 - 2022-02-02 23:14 - 000018197 _____ C:\Users\Korisnik\Downloads\FRST.txt
2022-02-02 23:13 - 2022-02-02 23:13 - 000000000 ____D C:\FRST
2022-02-02 23:12 - 2022-02-02 23:13 - 002311680 _____ (Farbar) C:\Users\Korisnik\Downloads\FRST64.exe
2022-02-02 21:10 - 2022-02-02 21:10 - 000003108 _____ C:\Windows\system32\Tasks\MSIAfterburner
2022-02-02 14:39 - 2022-02-02 20:11 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\ZHP
2022-02-02 14:39 - 2022-02-02 20:09 - 000000000 ____D C:\Users\Korisnik\AppData\Local\ZHP
2022-02-01 23:39 - 2022-02-01 23:39 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3132303913-1656691581-3202241647-1003
2022-02-01 23:39 - 2022-02-01 23:39 - 000003392 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3132303913-1656691581-3202241647-1003
2022-02-01 23:39 - 2022-02-01 23:39 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-02-01 22:14 - 2022-02-01 22:14 - 000000483 _____ C:\Users\Public\Desktop\God of War.lnk
2022-02-01 22:12 - 2022-02-01 22:12 - 000001082 _____ C:\Users\Korisnik\Desktop\Rayman Origins.lnk
2022-02-01 22:10 - 2022-02-01 22:10 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-02-01 15:48 - 2022-02-01 15:48 - 000000000 ____D C:\Users\Korisnik\AppData\Local\ESET
2022-02-01 15:42 - 2022-02-01 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-02-01 15:42 - 2022-02-01 15:42 - 000000000 ____D C:\ProgramData\ESET
2022-02-01 15:42 - 2022-02-01 15:42 - 000000000 ____D C:\Program Files\ESET
2022-02-01 15:34 - 2022-02-01 15:34 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-31 23:13 - 2022-01-31 23:13 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2022-01-31 21:36 - 2022-01-31 21:36 - 000000911 _____ C:\Users\Public\Desktop\Wolfenstein Youngblood.lnk
2022-01-31 21:36 - 2022-01-31 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein Youngblood
2022-01-31 20:04 - 2022-01-31 20:04 - 000000914 _____ C:\Users\Public\Desktop\Play Cyberpunk 2077.lnk
2022-01-31 20:04 - 2022-01-31 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077
2022-01-31 17:26 - 2022-01-31 17:26 - 000000000 ____D C:\Users\Korisnik\AppData\Local\FLiNGTrainer
2022-01-31 17:25 - 2021-08-20 01:28 - 001469440 _____ (3DMGAME) C:\Users\Korisnik\Desktop\Cyberpunk 2077 v1.03-v1.3 Plus 32 Trainer.exe
2022-01-30 22:58 - 2022-02-01 15:35 - 000691512 _____ C:\Windows\ntbtlog.txt
2022-01-30 22:00 - 2022-01-30 22:00 - 000000706 __RSH C:\ProgramData\ntuser.pol
2022-01-30 21:59 - 2022-01-30 21:59 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-01-30 19:00 - 2022-01-30 19:00 - 000164313 _____ C:\Windows\system32\sleepstudy-report.html
2022-01-30 18:45 - 2022-01-30 18:45 - 000003662 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-01-30 00:12 - 2022-01-30 00:12 - 000000000 ___HD C:$WinREAgent
2022-01-29 23:56 - 2022-01-29 23:56 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-01-29 23:56 - 2022-01-29 23:56 - 000011805 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-29 23:55 - 2022-01-29 23:55 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-01-29 23:55 - 2022-01-29 23:55 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2022-01-29 23:55 - 2022-01-29 23:55 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-01-29 23:14 - 2022-01-29 23:14 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2022-01-29 00:24 - 2022-01-29 00:24 - 000000000 ____D C:\Users\Korisnik\AppData\Local\TslGame
2022-01-29 00:23 - 2022-01-29 00:23 - 000000000 ____D C:\Users\Korisnik\AppData\Local\BattlEye
2022-01-29 00:22 - 2022-01-30 23:58 - 000000000 ____D C:\Program Files\Common Files\PUBG
2022-01-29 00:22 - 2022-01-30 23:26 - 002522256 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2022-01-29 00:22 - 2022-01-30 12:21 - 000000000 ____D C:\Users\Korisnik\AppData\Local\WELLBIA
2022-01-29 00:22 - 2022-01-29 00:22 - 000000000 ____D C:\Program Files\Common Files\UNCHEATER
2022-01-28 23:16 - 2022-01-28 23:16 - 000000202 _____ C:\Users\Korisnik\Desktop\PUBG BATTLEGROUNDS.url
2022-01-28 23:16 - 2022-01-28 23:16 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-01-28 19:33 - 2022-01-29 23:22 - 000000000 ____D C:\Users\Korisnik\Documents\Shadow of the Tomb Raider
2022-01-28 19:33 - 2022-01-28 19:33 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Eidos Montreal
2022-01-26 22:02 - 2022-01-26 22:19 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Skyrim Special Edition
2022-01-26 19:41 - 2022-02-01 20:05 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Vortex
2022-01-26 17:45 - 2022-01-26 17:45 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Goldberg SocialClub Emu Saves
2022-01-26 12:28 - 2022-01-26 12:28 - 000000457 _____ C:\Users\Public\Desktop\Play Max Payne 3.lnk
2022-01-26 12:28 - 2022-01-26 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
2022-01-26 12:27 - 2022-01-26 19:41 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Skyrim
2022-01-25 22:26 - 2022-01-25 22:26 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-01-25 22:26 - 2022-01-25 22:26 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-01-25 22:26 - 2022-01-25 22:26 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-01-25 22:26 - 2022-01-25 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-01-25 22:26 - 2022-01-25 22:26 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-01-25 22:24 - 2022-01-25 22:26 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-25 22:24 - 2022-01-25 22:24 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-01-25 16:11 - 2022-02-02 21:10 - 103546880 _____ C:\Windows\system32\config\SOFTWARE
2022-01-25 16:11 - 2022-02-02 21:10 - 000786432 _____ C:\Windows\system32\config\DEFAULT
2022-01-25 16:11 - 2022-02-02 21:10 - 000049152 _____ C:\Windows\system32\config\SAM
2022-01-25 16:11 - 2022-02-02 21:10 - 000045056 _____ C:\Windows\system32\config\SECURITY
2022-01-25 16:11 - 2022-01-25 16:11 - 103448576 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2022-01-25 16:11 - 2022-01-25 16:11 - 002428928 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2022-01-25 16:11 - 2022-01-25 16:11 - 000049152 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2022-01-25 16:11 - 2022-01-25 16:11 - 000045056 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2022-01-25 09:34 - 2019-09-12 09:59 - 000178960 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2022-01-25 09:34 - 2017-03-09 13:53 - 000030744 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2022-01-25 01:20 - 2022-01-25 01:20 - 103448576 _____ C:\Windows\system32\config\SOFTWARE.iobit
2022-01-25 01:20 - 2022-01-25 01:20 - 002428928 _____ C:\Windows\system32\config\DEFAULT.iobit
2022-01-25 01:20 - 2022-01-25 01:20 - 000049152 _____ C:\Windows\system32\config\SAM.iobit
2022-01-25 01:20 - 2022-01-25 01:20 - 000045056 _____ C:\Windows\system32\config\SECURITY.iobit
2022-01-25 00:53 - 2022-01-25 00:53 - 000002089 _____ C:\Windows\system32\ooshutup10.cfg
2022-01-25 00:53 - 2022-01-25 00:53 - 000000000 ____D C:\Users\Korisnik\AppData\Local\OO Software
2022-01-25 00:32 - 2022-01-25 00:32 - 000000000 ____D C:\Temp
2022-01-24 22:26 - 2022-01-24 22:26 - 000000000 ____D C:\Users\Korisnik\AppData\Local\O&O_Software_GmbH
2022-01-24 22:26 - 2022-01-24 22:26 - 000000000 ____D C:\Users\Korisnik\AppData\Local\O&O
2022-01-24 22:25 - 2022-01-24 22:27 - 000000000 ____D C:\Windows\system32\oodag
2022-01-24 22:25 - 2022-01-24 22:25 - 000000000 ____D C:\ProgramData\OO Software
2022-01-24 15:41 - 2022-01-24 15:40 - 000192736 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2022-01-24 15:26 - 2022-01-24 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-01-24 15:12 - 2022-01-24 15:12 - 000000000 ____D C:\Windows\pss
2022-01-23 20:50 - 2022-01-23 20:50 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2022-01-23 01:36 - 2022-01-23 01:36 - 000040763 _____ C:\Windows\system32\energy-report.html
2022-01-22 23:51 - 2022-01-28 00:31 - 000000000 ____D C:\Users\Korisnik\Documents\The Witcher 3
2022-01-22 19:23 - 2022-01-22 19:23 - 000001016 _____ C:\Users\Korisnik\Desktop\The Witcher 3 Wild Hunt.lnk
2022-01-22 19:23 - 2022-01-22 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2022-01-22 18:37 - 2022-01-11 00:54 - 000118952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2022-01-22 18:37 - 2022-01-11 00:54 - 000039080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2022-01-22 18:36 - 2022-01-11 13:28 - 001879784 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-22 18:36 - 2022-01-11 13:28 - 001879784 _____ C:\Windows\system32\vulkaninfo.exe
2022-01-22 18:36 - 2022-01-11 13:28 - 001467872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-01-22 18:36 - 2022-01-11 13:28 - 001454824 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-22 18:36 - 2022-01-11 13:28 - 001454824 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-01-22 18:36 - 2022-01-11 13:28 - 001206400 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-01-22 18:36 - 2022-01-11 13:28 - 001115368 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-01-22 18:36 - 2022-01-11 13:28 - 001115368 _____ C:\Windows\system32\vulkan-1.dll
2022-01-22 18:36 - 2022-01-11 13:28 - 000969448 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-22 18:36 - 2022-01-11 13:28 - 000969448 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-01-22 18:36 - 2022-01-11 13:25 - 001529512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-01-22 18:36 - 2022-01-11 13:25 - 001179096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-01-22 18:36 - 2022-01-11 13:25 - 000797096 _____ C:\Windows\system32\nvofapi64.dll
2022-01-22 18:36 - 2022-01-11 13:25 - 000710824 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-01-22 18:36 - 2022-01-11 13:25 - 000710776 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-01-22 18:36 - 2022-01-11 13:25 - 000637864 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-01-22 18:36 - 2022-01-11 13:24 - 002119792 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-01-22 18:36 - 2022-01-11 13:24 - 001601144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-01-22 18:36 - 2022-01-11 13:24 - 000983208 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-01-22 18:36 - 2022-01-11 13:24 - 000792688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-01-22 18:36 - 2022-01-11 13:24 - 000455792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-01-22 18:36 - 2022-01-11 13:23 - 008609920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-01-22 18:36 - 2022-01-11 13:23 - 007713392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-01-22 18:36 - 2022-01-11 13:23 - 005734568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-01-22 18:36 - 2022-01-11 13:23 - 005099176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-01-22 18:36 - 2022-01-11 13:23 - 002934696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-01-22 18:36 - 2022-01-11 13:22 - 000850088 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-01-22 18:36 - 2022-01-11 13:21 - 007610232 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2022-01-22 18:36 - 2022-01-11 13:21 - 006455824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2022-01-22 18:36 - 2022-01-11 00:54 - 000089178 _____ C:\Windows\system32\nvinfo.pb
2022-01-20 13:17 - 2022-01-20 13:17 - 000000146 _____ C:\Users\Korisnik.packettracer
2022-01-20 13:17 - 2022-01-20 13:17 - 000000000 ____D C:\Users\Korisnik\AppData\Local\PacketTracer
2022-01-18 10:54 - 2022-01-18 11:01 - 000000000 ____D C:\Users\Korisnik\Documents\Zoom
2022-01-18 10:06 - 2022-01-18 10:06 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Zoom
2022-01-18 10:06 - 2022-01-18 10:06 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-17 17:39 - 2022-01-25 01:11 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2022-01-17 17:39 - 2022-01-17 17:39 - 000029680 _____ (WireGuard LLC) C:\Windows\system32\Drivers\wintun.sys
2022-01-17 17:39 - 2022-01-17 17:39 - 000000000 ____D C:\Users\Korisnik\AppData\Local\ToastNotificationManagerCompat
2022-01-17 17:09 - 2022-01-17 17:09 - 000000805 _____ C:\Users\Public\Desktop\Sniper Ghost Warrior Contracts 2.lnk
2022-01-17 09:10 - 2022-01-17 09:10 - 000000000 ____D C:\Users\Korisnik\Documents\Custom Office Templates
2022-01-15 13:12 - 2022-01-15 13:12 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\FLT
2022-01-14 16:33 - 2022-01-14 16:33 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-14 16:33 - 2022-01-14 16:33 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-13 13:48 - 2022-01-13 13:48 - 000201976 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2022-01-13 13:48 - 2022-01-13 13:48 - 000184464 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2022-01-13 13:48 - 2022-01-13 13:48 - 000122944 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2022-01-13 13:48 - 2022-01-13 13:48 - 000110560 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2022-01-13 13:48 - 2022-01-13 13:48 - 000069704 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2022-01-13 13:48 - 2022-01-13 13:48 - 000043904 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2022-01-12 11:57 - 2022-01-12 11:57 - 001159216 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2022-01-12 10:35 - 2022-01-12 10:35 - 000015824 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2022-01-07 14:26 - 2022-01-07 14:39 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Aiseesoft Studio
2022-01-07 14:26 - 2022-01-07 14:26 - 000000000 ____D C:\Users\Korisnik.android
2022-01-05 00:30 - 2022-01-05 00:30 - 000028672 _____ C:\Users\Korisnik\AppData\Roaming\crash.bin
2022-01-04 13:56 - 2022-01-04 13:57 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\Goldberg SteamEmu Saves
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-02-02 23:02 - 2021-12-18 12:40 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\qBittorrent
2022-02-02 21:17 - 2021-09-20 19:25 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-02 21:17 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-02-02 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-02 21:10 - 2021-12-12 11:41 - 000000000 ____D C:\ProgramData\NVIDIA
2022-02-02 21:10 - 2021-09-21 04:15 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-02 21:10 - 2021-09-21 04:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-02 21:10 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-02-02 20:32 - 2021-12-18 12:35 - 000000000 ____D C:\Users\Korisnik\Desktop\Alati
2022-02-02 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-02-02 00:02 - 2021-12-12 11:32 - 000000000 ____D C:\Users\Korisnik\AppData\Local\PlaceholderTileLogoFolder
2022-02-01 23:50 - 2021-12-12 11:30 - 000000000 ____D C:\Users\Korisnik\AppData\Local\D3DSCache
2022-02-01 23:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration
2022-02-01 23:37 - 2021-09-20 19:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-01 23:37 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-02-01 22:20 - 2021-12-19 18:55 - 000000000 ____D C:\Users\Korisnik\Documents\My Games
2022-02-01 22:06 - 2021-12-13 23:57 - 000000000 ____D C:\Users\Korisnik\Desktop\Arijan
2022-02-01 15:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-02-01 15:23 - 2021-12-12 12:54 - 000002498 _____ C:\Windows\system32\Tasks\Uninstaller_SkipUac_Korisnik
2022-01-31 22:46 - 2021-12-12 11:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-31 22:10 - 2021-12-12 11:30 - 000000000 __D C:\Users\Korisnik\AppData\Local\Packages
2022-01-31 21:36 - 2021-12-12 11:27 - 000004116 _____ C:\Windows\system32\Tasks\Online_KMS_Activation_Script-Renewal
2022-01-31 21:29 - 2021-12-17 01:48 - 000003212 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-31 21:28 - 2021-12-17 01:48 - 000003458 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-31 19:03 - 2021-12-16 17:19 - 000000000 ____D C:\Users\Korisnik\AppData\Local\CrashDumps
2022-01-31 18:36 - 2021-12-18 12:21 - 000000000 ____D C:\Program Files (x86)\IObit
2022-01-30 18:52 - 2021-12-17 01:18 - 000007601 _____ C:\Users\Korisnik\AppData\Local\Resmon.ResmonCfg
2022-01-30 18:45 - 2021-12-12 11:35 - 000000000 ____D C:\Users\Korisnik\AppData\LocalLow\IObit
2022-01-30 18:45 - 2021-12-12 11:34 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\IObit
2022-01-30 18:45 - 2021-12-12 11:34 - 000000000 ____D C:\ProgramData\IObit
2022-01-30 15:49 - 2021-12-12 11:29 - 000000000 ____D C:\Users\Korisnik
2022-01-30 00:29 - 2021-09-21 04:15 - 000440696 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-30 00:28 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-01-30 00:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-30 00:16 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-29 23:55 - 2021-09-20 19:18 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-01-29 23:31 - 2021-12-12 11:36 - 000000000 ____D C:\ProgramData\ProductData
2022-01-29 23:22 - 2021-12-13 23:47 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Discord
2022-01-29 23:16 - 2021-12-18 00:28 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Razer
2022-01-29 23:16 - 2021-12-18 00:28 - 000000000 ____D C:\ProgramData\Razer
2022-01-29 23:16 - 2021-12-18 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2022-01-29 11:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-29 00:24 - 2021-12-18 12:42 - 000000000 ____D C:\Users\Korisnik\AppData\Local\UnrealEngine
2022-01-29 00:22 - 2021-12-12 19:50 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-28 19:34 - 2021-12-31 12:12 - 000000000 ____D C:\Users\Korisnik\AppData\Local\Epic Games
2022-01-26 17:45 - 2021-12-12 12:22 - 000000000 ____D C:\Users\Korisnik\Documents\Rockstar Games
2022-01-25 22:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-25 01:10 - 2021-12-13 12:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-01-24 22:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-24 15:41 - 2021-12-15 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2022-01-24 15:41 - 2021-12-12 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-01-24 15:40 - 2021-12-12 14:12 - 000000000 ____D C:\Program Files\Java
2022-01-24 15:31 - 2021-12-12 11:33 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-24 15:31 - 2021-12-12 11:33 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-24 15:26 - 2021-12-12 11:33 - 000003408 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-24 15:26 - 2021-12-12 11:33 - 000003184 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-22 19:23 - 2021-12-12 12:26 - 000000000 ____D C:\Windows\SysWOW64\directx
2022-01-22 18:38 - 2021-12-12 12:02 - 000000000 ____D C:\Users\Korisnik\AppData\Local\NVIDIA
2022-01-21 22:35 - 2021-12-13 23:47 - 000000000 ____D C:\Users\Korisnik\AppData\Local\SquirrelTemp
2022-01-21 00:51 - 2021-12-13 23:47 - 000000000 ____D C:\Users\Korisnik\AppData\Roaming\discord
2022-01-20 13:17 - 2021-12-16 22:52 - 000000000 ____D C:\Users\Korisnik\AppData\Local\cache
2022-01-19 21:38 - 2021-09-21 04:15 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-14 17:06 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-14 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-14 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-14 16:29 - 2021-12-17 01:30 - 000000000 ____D C:\Windows\system32\MRT
2022-01-14 16:27 - 2021-12-17 01:30 - 145765912 _C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-12 11:47 - 2021-12-12 11:59 - 000003840 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2022-01-03 10:37 - 2021-12-17 01:48 - 000003008 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-03 10:37 - 2021-12-17 01:48 - 000003008 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-03 10:37 - 2021-12-17 01:48 - 000003008 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
==================== Files in the root of some directories ========
2022-01-05 00:30 - 2022-01-05 00:30 - 000028672 _____ () C:\Users\Korisnik\AppData\Roaming\crash.bin
2021-05-07 09:37 - 2021-05-07 09:39 - 000012288 _____ () C:\Users\Korisnik\AppData\Roaming\emp.bin
2021-12-17 01:18 - 2022-01-30 18:52 - 000007601 _____ () C:\Users\Korisnik\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Seems Windows Defender is still running, use this tool to disable it,
-
I can’t disable Windows Defender, the program starts and shows something along the lines of: “The IT admin has limited acces…” I have tried adding an exclusion but can’t since ESET manages that. Should I be disabling Windows Defender? The PC slept fine with it before.
-
I see that Bittorrent is running on the machine, I’d uninstall that to see if it is preventing the machine from sleeping. You can use the tool I sent you to disable Windows Defender. There is no need to have two antivirus running, ESET can more than handle the antivirus needs of your machine, as a general rule, only one antivirus per machine.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right-click the icon and select Run as administrator.
- Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
- Once the scan is completed, you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.
-
Also, please attach new FRST and Addition.txt logs when you have uninstalled bittorrent and run the ZHP clean tool please. As well let me know if uninstalling the torrent software has allowed the machine to sleep.
-
I have uninstalled the qBittorrent and run the fix. The ZHP Cleaner showed some error at the end of a scan the first time so I ran it a second time. I will attach both logs. The PC still doesn’t sleep after uninstalling torrent.
My Windows Defender is disabled automatically (replaced with ESET)