Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

RAT removal, 2nd attempt

This is a discussion on RAT removal, 2nd attempt within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. So, I need help getting rid of some really stubborn malware. The last time I tried this, the technician told


Like Tree1Likes
  • 1 Post By rocket.master
Reply
 
Thread Tools Search this Thread
Old 05-12-2020, 09:17 AM   #1
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



So, I need help getting rid of some really stubborn malware. The last time I tried this, the technician told me I was running an obsolete OS. I hope everything is fine now.
rocket.master is offline   Reply With Quote
Sponsored Links
Advertisement
 
Old 05-12-2020, 12:27 PM   #2
Moderator, Editor, Articles Team
 
Deejay100six's Avatar
 
Join Date: Nov 2007
Location: Doncaster, Great Britain
Posts: 11,788
OS: Windows 7 Professional SP1

My System


Quote:
Originally Posted by rocket.master View Post
I hope everything is fine now.
Well, we wouldn't know because you forgot to follow the posting instructions again!
__________________
Regards, Dave.


Submit New Articles Here

Help us to help you by posting your System Specs
Deejay100six is offline   Reply With Quote
Old 05-12-2020, 12:32 PM   #3
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



I did follow them.
rocket.master is offline   Reply With Quote
Sponsored Links
Advertisement
 
Old 05-12-2020, 12:38 PM   #4
Moderator, Editor, Articles Team
 
Deejay100six's Avatar
 
Join Date: Nov 2007
Location: Doncaster, Great Britain
Posts: 11,788
OS: Windows 7 Professional SP1

My System


No, you need to run the FRST app again so we can see what operating system you have installed this time.
__________________
Regards, Dave.


Submit New Articles Here

Help us to help you by posting your System Specs
Deejay100six is offline   Reply With Quote
Old 05-12-2020, 12:38 PM   #5
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



Got it.
Deejay100six likes this.
rocket.master is offline   Reply With Quote
Old 05-12-2020, 12:46 PM   #6
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



Okay, so here are my files:

https://drive.google.com/open?id=1Rt...8iueqAmf853P_Q

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-

2020
Ran by Ivan (administrator) on DESKTOP-EBUI53R (MICRO-STAR INTERNATIONAL

CO.,LTD MS-7599) (12-05-2020 21:40:47)
Running from C:\Users\Ivan\Desktop\FRST
Loaded Profiles: Ivan
Platform: Windows 10 Enterprise LTSC 2019 Version 1809 17763.1158 (X64)

Language: English (United States)
Default browser: "D:\Programs\Slimjet\slimjet.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The

file will not be moved.)

() [File not signed] D:\Programs\Notewhal\notewhal.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore

\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore

\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast

Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast

Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast

Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast

Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast

Software\Avast\wsc_proxy.exe
(Discord Inc. -> Discord Inc.) C:\Users\Ivan\AppData\Local\Discord\app-

0.0.306\Discord.exe <6>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games

\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games

\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(FlashPeak Inc. -> FlashPeak Inc.) D:\Programs\Slimjet\slimjet.exe <25>
(Ghisler Software GmbH -> Ghisler Software GmbH) D:\PortableApps

\TotalCommanderPortable\App\TotalCommander\TOTALCMD64.EXE
(London Jamocha Community CIC -> AdoptOpenJDK) C:\Program Files

(x86)\XDM\java-runtime\bin\javaw.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files

(x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files

(x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files

(x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows

\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows

\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows

\System32\smartscreen.exe
(My Portable Software) [File not signed] D:\Programs\Free Clipboard

Manager\Free_Clipboard_Manager.exe
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(PortableAppZ.blogspot.com) [File not signed] D:\PortableApps

\TotalCommanderPortable\TotalCommanderPortable.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files

\Realtek\Audio\HDA\RAVCpl64.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:

\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:

\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam

\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef

\cef.win7\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be

restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast

\AvLaunch.exe [108728 2020-05-09] (Avast Software s.r.o. -> AVAST

Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA

\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor Corp. ->

Realtek Semiconductor)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls

\Discord.exe [61370712 2020-02-03] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [SsAAD.exe] => C:\Program Files (x86)\Sony\SonicStage

\SSAAD.exe [81920 2006-01-07] () [File not signed]
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKU\S-1-5-21-96347536-3266256487-1710946608-1001\...\Run: [XDM] => "C:

\Program Files (x86)\XDM\java-runtime\bin\javaw.exe" -Xmx1024m -jar "C:

\Program Files (x86)\XDM\xdman.jar" -m
HKU\S-1-5-21-96347536-3266256487-1710946608-1001\...\Run: [Free

Clipboard Manager] => D:\Programs\Free Clipboard Manager

\Free_Clipboard_Manager.exe [336384 2020-05-06] (My Portable Software)

[File not signed]
HKU\S-1-5-21-96347536-3266256487-1710946608-1001\...\Run: [Discord] =>

C:\Users\Ivan\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968

2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-96347536-3266256487-1710946608-1001\...\Run: [Steam] => C:

\Program Files (x86)\Steam\steam.exe [3372832 2020-04-28] (Valve ->

Valve Corporation)
HKU\S-1-5-21-96347536-3266256487-1710946608-1001\...\Run:

[EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher

\Portal\Binaries\Win64\EpicGamesLauncher.exe [31757200 2020-05-10] (Epic

Games Inc. -> Epic Games, Inc.)
Startup: C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu

\Programs\Startup\notewhal.lnk [2020-01-27]
ShortcutTarget: notewhal.lnk -> D:\Programs\Notewhal\notewhal.exe ()

[File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the

registry. The file will not be moved unless listed separately.)

Task: {54EEB6E7-B170-4811-9154-18318FC1CCE0} - System32\Tasks\oCamTask

=> C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT

inc. -> oh!soft)
Task: {6FFDE743-1A1D-4D0D-A63D-67061359036A} - System32\Tasks\Avast

Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe

[3339472 2020-05-09] (Avast Software s.r.o. -> AVAST Software)
Task: {80660C59-1C02-4CFC-8B36-DE93674AFFB9} - System32\Tasks\Avast

Software\Overseer => C:\Program Files\Common Files\Avast Software

\Overseer\overseer.exe [1660520 2020-05-09] (Avast Software s.r.o. ->

Avast Software)
Task: {BD6DD155-44D4-4C17-9434-773F0AE49599} - System32\Tasks\Microsoft

\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-

47F3-9CC9-12C3F05817F1}

(If an entry is included in the fixlist, the task (.job) file will be

moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will

be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of

Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{ccf75aae-87ff-4d81-a477-1aa8c9d6637d}:

[DhcpNameServer] 89.216.1.30 89.216.1.50

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer

\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer

\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program

Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31]

(Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the

registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore

\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe

[508000 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe

[6350752 2020-05-09] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe

[348968 2020-05-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe

[58048 2020-05-09] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware

\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation ->

Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware

\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation ->

Malwarebytes Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib

\MSCSPTISRV.exe [53337 2005-11-24] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib

\PACSPTISVR.exe [53337 2005-11-24] (Sony Corporation) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection

\MsSense.exe [5897960 2020-05-09] (Microsoft Windows Publisher ->

Microsoft Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib

\SPTISRV.exe [69718 2005-11-24] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib

\SSScsiSV.exe [69632 2006-01-06] (Sony Corporation) [File not signed]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe

[297240 2020-05-09] (Reason Software Company Inc. -> Reason Software

Company Inc.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020

-04-09] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2020

-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944

2018-09-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the

registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository

\u0346830.inf_amd64_35731e557194973d\B345901\atikmdag.sys [55249504

2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices,

Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository

\u0346830.inf_amd64_35731e557194973d\B345901\atikmpag.sys [595040 2019-

09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37136 2020-05-

09] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205880 2020-05-

09] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234560

2020-05-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178760 2020-05-

09] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60480 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2020-05-09]

(Microsoft Windows Early Launch Anti-malware Publisher -> AVAST

Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42784 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175704 2020-05

-09] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109272 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851592 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460992 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235488 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319120 2020-05-09]

(Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111112

2017-11-17] (Microsoft Windows Hardware Compatibility Publisher ->

Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-

12] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584

2020-05-12] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216

2014-05-12] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [711968 2019-06-

04] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15]

(Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft

Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-

15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15]

(Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the

registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-12 21:40 - 2020-05-12 21:41 - 000000000 ____D C:\FRST
2020-05-12 21:40 - 2020-05-12 21:40 - 000000000 ____D C:\Users\Ivan

\Desktop\FRST
2020-05-12 19:16 - 2020-05-12 19:16 - 000000000 ____D C:\Users\Ivan

\AppData\Local\CrashDumps
2020-05-12 18:43 - 2020-05-12 18:43 - 000001372 _____ C:\Users\Ivan

\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows XP

SP3.lnk
2020-05-12 17:06 - 2020-05-12 17:06 - 000000000 ____D C:\ProgramData

\SonicStage
2020-05-12 17:05 - 2001-08-31 15:07 - 000027255 ____N (Sony Corporation)

C:\Windows\SysWOW64\Drivers\NWWMUSB.sys
2020-05-12 17:04 - 2020-05-12 17:05 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\SonicStage
2020-05-12 17:04 - 2020-05-12 17:05 - 000000000 ____D C:\Program Files

(x86)\Sony
2020-05-12 17:04 - 2020-05-12 17:04 - 000000000 ____D C:\ProgramData

\Sony Corporation
2020-05-12 17:04 - 2005-10-31 10:46 - 000036679 ____N (Sony Corporation)

C:\Windows\SysWOW64\Drivers\NETMD052.sys
2020-05-12 17:04 - 2005-10-11 21:46 - 000598016 _____ (Gracenote

(formerly CDDB, Inc.)) C:\Windows\SysWOW64\CDDBControlSony.dll
2020-05-12 17:04 - 2005-09-08 10:22 - 000765952 _____ (Gracenote) C:

\Windows\SysWOW64\CDDBUISony.dll
2020-05-12 17:04 - 2005-09-08 10:21 - 000073728 _____ (Gracenote) C:

\Windows\SysWOW64\CddbLinkSony.dll
2020-05-12 17:04 - 2005-09-08 10:09 - 000565248 _____ (Gracenote) C:

\Windows\SysWOW64\CddbMusicIDSony.dll
2020-05-12 17:04 - 2003-11-10 12:31 - 000036232 ____N (Sony Corporation)

C:\Windows\SysWOW64\Drivers\NETMD033.sys
2020-05-12 17:04 - 2003-04-01 18:55 - 000035319 ____N (Sony Corporation)

C:\Windows\SysWOW64\Drivers\NETMD031.sys
2020-05-12 17:04 - 2002-08-08 15:51 - 000038951 ____N (Sony Corporation)

C:\Windows\SysWOW64\Drivers\NETMDUSB.sys
2020-05-12 17:03 - 2020-05-12 17:07 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Sony Corporation
2020-05-12 14:19 - 2020-05-12 20:19 - 000122584 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2020-05-12 14:19 - 2020-05-12 14:19 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2020-05-12 14:19 - 2020-05-12 14:19 - 000000000 ____D C:\ProgramData

\Malwarebytes
2020-05-12 14:19 - 2020-05-12 14:19 - 000000000 ____D C:\Program Files

(x86)\Malwarebytes Anti-Malware
2020-05-12 14:19 - 2014-05-12 07:26 - 000091352 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-05-12 14:19 - 2014-05-12 07:26 - 000064216 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\mwac.sys
2020-05-12 14:19 - 2014-05-12 07:25 - 000025816 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\mbam.sys
2020-05-10 20:36 - 2020-05-10 20:36 - 000000000 ____D C:\Users\Ivan

\AppData\Local\PeerDistRepub
2020-05-10 08:29 - 2020-05-10 08:30 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Scirra
2020-05-10 08:29 - 2010-06-02 04:55 - 000239960 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2020-05-10 08:29 - 2010-06-02 04:55 - 000176984 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_7.dll
2020-05-10 08:29 - 2010-02-04 10:01 - 000530776 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_6.dll
2020-05-10 08:29 - 2010-02-04 10:01 - 000528216 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2020-05-10 08:29 - 2010-02-04 10:01 - 000238936 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2020-05-10 08:29 - 2010-02-04 10:01 - 000176984 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_6.dll
2020-05-10 08:29 - 2010-02-04 10:01 - 000078680 _____ (Microsoft

Corporation) C:\Windows\system32\XAPOFX1_4.dll
2020-05-10 08:29 - 2010-02-04 10:01 - 000074072 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2020-05-10 08:29 - 2009-09-04 17:44 - 000517960 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_5.dll
2020-05-10 08:29 - 2009-09-04 17:44 - 000515416 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2020-05-10 08:29 - 2009-09-04 17:44 - 000238936 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2020-05-10 08:29 - 2009-09-04 17:44 - 000176968 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_5.dll
2020-05-10 08:29 - 2009-09-04 17:44 - 000073544 _____ (Microsoft

Corporation) C:\Windows\system32\XAPOFX1_3.dll
2020-05-10 08:29 - 2009-09-04 17:44 - 000069464 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 005554512 _____ (Microsoft

Corporation) C:\Windows\system32\d3dcsx_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 005501792 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 002582888 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 002475352 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 001974616 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 001892184 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 000285024 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx11_42.dll
2020-05-10 08:29 - 2009-09-04 17:29 - 000235344 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2020-05-10 08:29 - 2009-03-16 14:18 - 000521560 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_4.dll
2020-05-10 08:29 - 2009-03-16 14:18 - 000517448 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2020-05-10 08:29 - 2009-03-16 14:18 - 000235352 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2020-05-10 08:29 - 2009-03-16 14:18 - 000174936 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_4.dll
2020-05-10 08:29 - 2009-03-16 14:18 - 000024920 _____ (Microsoft

Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-05-10 08:29 - 2009-03-16 14:18 - 000022360 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2020-05-10 08:29 - 2009-03-09 15:27 - 005425496 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_41.dll
2020-05-10 08:29 - 2009-03-09 15:27 - 004178264 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2020-05-10 08:29 - 2009-03-09 15:27 - 002430312 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-05-10 08:29 - 2009-03-09 15:27 - 000520544 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_41.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000518480 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_3.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000514384 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000235856 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000175440 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_3.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000074576 _____ (Microsoft

Corporation) C:\Windows\system32\XAPOFX1_2.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000070992 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000025936 _____ (Microsoft

Corporation) C:\Windows\system32\X3DAudio1_5.dll
2020-05-10 08:29 - 2008-10-27 10:04 - 000023376 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2020-05-10 08:29 - 2008-07-31 10:41 - 000238088 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2020-05-10 08:29 - 2008-07-31 10:41 - 000177672 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_2.dll
2020-05-10 08:29 - 2008-07-31 10:41 - 000072200 _____ (Microsoft

Corporation) C:\Windows\system32\XAPOFX1_1.dll
2020-05-10 08:29 - 2008-07-31 10:41 - 000068616 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2020-05-10 08:29 - 2008-07-31 10:40 - 000513544 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_2.dll
2020-05-10 08:29 - 2008-07-31 10:40 - 000509448 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2020-05-10 08:29 - 2008-07-10 11:01 - 000467984 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2020-05-10 08:29 - 2008-07-10 11:00 - 004992520 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_39.dll
2020-05-10 08:29 - 2008-07-10 11:00 - 003851784 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2020-05-10 08:29 - 2008-07-10 11:00 - 001942552 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-05-10 08:29 - 2008-07-10 11:00 - 001493528 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2020-05-10 08:29 - 2008-07-10 11:00 - 000540688 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_39.dll
2020-05-10 08:29 - 2008-05-30 14:19 - 000511496 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_1.dll
2020-05-10 08:29 - 2008-05-30 14:19 - 000507400 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2020-05-10 08:29 - 2008-05-30 14:18 - 000238088 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2020-05-10 08:29 - 2008-05-30 14:18 - 000177672 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_1.dll
2020-05-10 08:29 - 2008-05-30 14:17 - 000068104 _____ (Microsoft

Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-05-10 08:29 - 2008-05-30 14:17 - 000065032 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2020-05-10 08:29 - 2008-05-30 14:17 - 000025608 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2020-05-10 08:29 - 2008-05-30 14:16 - 000028168 _____ (Microsoft

Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-05-10 08:29 - 2008-05-30 14:11 - 004991496 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_38.dll
2020-05-10 08:29 - 2008-05-30 14:11 - 003850760 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2020-05-10 08:29 - 2008-05-30 14:11 - 001941528 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-05-10 08:29 - 2008-05-30 14:11 - 001491992 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2020-05-10 08:29 - 2008-05-30 14:11 - 000540688 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_38.dll
2020-05-10 08:29 - 2008-05-30 14:11 - 000467984 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2020-05-10 08:29 - 2008-03-05 16:04 - 000489480 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_0.dll
2020-05-10 08:29 - 2008-03-05 16:03 - 000479752 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2020-05-10 08:29 - 2008-03-05 16:03 - 000238088 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2020-05-10 08:29 - 2008-03-05 16:03 - 000177672 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine3_0.dll
2020-05-10 08:29 - 2008-03-05 16:00 - 000028168 _____ (Microsoft

Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-05-10 08:29 - 2008-03-05 16:00 - 000025608 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2020-05-10 08:29 - 2008-03-05 15:56 - 004910088 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_37.dll
2020-05-10 08:29 - 2008-03-05 15:56 - 003786760 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2020-05-10 08:29 - 2008-03-05 15:56 - 001860120 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-05-10 08:29 - 2008-03-05 15:56 - 001420824 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2020-05-10 08:29 - 2008-02-05 23:07 - 000529424 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_37.dll
2020-05-10 08:29 - 2008-02-05 23:07 - 000462864 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2020-05-10 08:29 - 2007-10-22 03:40 - 000411656 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_10.dll
2020-05-10 08:29 - 2007-10-22 03:39 - 000267272 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2020-05-10 08:29 - 2007-10-22 03:37 - 000021000 _____ (Microsoft

Corporation) C:\Windows\system32\X3DAudio1_2.dll
2020-05-10 08:29 - 2007-10-22 03:37 - 000017928 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2020-05-10 08:29 - 2007-10-12 15:14 - 005081608 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_36.dll
2020-05-10 08:29 - 2007-10-12 15:14 - 003734536 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2020-05-10 08:29 - 2007-10-12 15:14 - 002006552 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_36.dll
2020-05-10 08:29 - 2007-10-12 15:14 - 001374232 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2020-05-10 08:29 - 2007-10-02 09:56 - 000508264 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_36.dll
2020-05-10 08:29 - 2007-10-02 09:56 - 000444776 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2020-05-10 08:29 - 2007-07-20 00:57 - 000411496 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_9.dll
2020-05-10 08:29 - 2007-07-20 00:57 - 000267112 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2020-05-10 08:29 - 2007-07-19 18:14 - 005073256 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_35.dll
2020-05-10 08:29 - 2007-07-19 18:14 - 003727720 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2020-05-10 08:29 - 2007-07-19 18:14 - 001985904 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_35.dll
2020-05-10 08:29 - 2007-07-19 18:14 - 001358192 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2020-05-10 08:29 - 2007-07-19 18:14 - 000508264 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_35.dll
2020-05-10 08:29 - 2007-07-19 18:14 - 000444776 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2020-05-10 08:29 - 2007-06-20 20:49 - 000409960 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_8.dll
2020-05-10 08:29 - 2007-06-20 20:46 - 000266088 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2020-05-10 08:29 - 2007-05-16 16:45 - 004496232 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_34.dll
2020-05-10 08:29 - 2007-05-16 16:45 - 003497832 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2020-05-10 08:29 - 2007-05-16 16:45 - 001401200 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_34.dll
2020-05-10 08:29 - 2007-05-16 16:45 - 001124720 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2020-05-10 08:29 - 2007-05-16 16:45 - 000506728 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_34.dll
2020-05-10 08:29 - 2007-05-16 16:45 - 000443752 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2020-05-10 08:29 - 2007-04-04 18:55 - 000403304 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_7.dll
2020-05-10 08:29 - 2007-04-04 18:55 - 000261480 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2020-05-10 08:29 - 2007-03-15 16:57 - 000506728 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_33.dll
2020-05-10 08:29 - 2007-03-15 16:57 - 000443752 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2020-05-10 08:29 - 2007-03-12 16:42 - 004494184 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_33.dll
2020-05-10 08:29 - 2007-03-12 16:42 - 003495784 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2020-05-10 08:29 - 2007-03-12 16:42 - 001400176 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_33.dll
2020-05-10 08:29 - 2007-03-12 16:42 - 001123696 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2020-05-10 08:29 - 2007-03-05 12:42 - 000017688 _____ (Microsoft

Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-05-10 08:29 - 2007-03-05 12:42 - 000015128 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2020-05-10 08:29 - 2007-01-24 15:27 - 000393576 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_6.dll
2020-05-10 08:29 - 2007-01-24 15:27 - 000255848 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2020-05-10 08:29 - 2006-12-08 12:02 - 000251672 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2020-05-10 08:29 - 2006-12-08 12:00 - 000390424 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_5.dll
2020-05-10 08:29 - 2006-11-29 13:06 - 000469264 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10.dll
2020-05-10 08:29 - 2006-11-29 13:06 - 000440080 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10.dll
2020-05-10 08:29 - 2006-09-28 16:05 - 003977496 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_31.dll
2020-05-10 08:29 - 2006-09-28 16:05 - 002414360 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-05-10 08:29 - 2006-09-28 16:05 - 000237848 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2020-05-10 08:29 - 2006-09-28 16:04 - 000364824 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_4.dll
2020-05-10 08:29 - 2006-07-28 09:31 - 000083736 _____ (Microsoft

Corporation) C:\Windows\system32\xinput1_2.dll
2020-05-10 08:29 - 2006-07-28 09:30 - 000363288 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_3.dll
2020-05-10 08:29 - 2006-07-28 09:30 - 000236824 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2020-05-10 08:29 - 2006-07-28 09:30 - 000062744 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2020-05-10 08:29 - 2006-05-31 07:24 - 000230168 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2020-05-10 08:29 - 2006-05-31 07:22 - 000354072 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_2.dll
2020-05-10 08:29 - 2006-03-31 12:41 - 003927248 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_30.dll
2020-05-10 08:29 - 2006-03-31 12:40 - 002388176 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2020-05-10 08:29 - 2006-03-31 12:40 - 000352464 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_1.dll
2020-05-10 08:29 - 2006-03-31 12:39 - 000229584 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2020-05-10 08:29 - 2006-03-31 12:39 - 000083664 _____ (Microsoft

Corporation) C:\Windows\system32\xinput1_1.dll
2020-05-10 08:29 - 2006-03-31 12:39 - 000062672 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2020-05-10 08:29 - 2006-02-03 08:43 - 003830992 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_29.dll
2020-05-10 08:29 - 2006-02-03 08:43 - 002332368 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2020-05-10 08:29 - 2006-02-03 08:42 - 000355536 _____ (Microsoft

Corporation) C:\Windows\system32\xactengine2_0.dll
2020-05-10 08:29 - 2006-02-03 08:42 - 000230096 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2020-05-10 08:29 - 2006-02-03 08:41 - 000016592 _____ (Microsoft

Corporation) C:\Windows\system32\x3daudio1_0.dll
2020-05-10 08:29 - 2006-02-03 08:41 - 000014032 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2020-05-10 08:29 - 2005-12-05 18:09 - 003815120 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_28.dll
2020-05-10 08:29 - 2005-12-05 18:09 - 002323664 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2020-05-10 08:29 - 2005-07-22 19:59 - 003807440 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_27.dll
2020-05-10 08:29 - 2005-07-22 19:59 - 002319568 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2020-05-10 08:29 - 2005-05-26 15:34 - 003767504 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_26.dll
2020-05-10 08:29 - 2005-05-26 15:34 - 002297552 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2020-05-10 08:29 - 2005-03-18 17:19 - 003823312 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_25.dll
2020-05-10 08:29 - 2005-02-05 19:45 - 003544272 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_24.dll
2020-05-10 08:29 - 2005-02-05 19:45 - 002222800 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2020-05-10 08:28 - 2020-05-10 08:29 - 000000000 ____D C:\Windows

\SysWOW64\directx
2020-05-10 08:28 - 2020-05-10 08:28 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Construct
2020-05-10 08:27 - 2020-05-10 08:27 - 000000000 ____D C:\Program Files

(x86)\Scirra
2020-05-10 08:10 - 2020-05-10 08:10 - 000000000 ____D C:\ProgramData

\Package Cache
2020-05-10 08:10 - 2010-05-26 11:41 - 002401112 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_43.dll
2020-05-10 08:10 - 2010-05-26 11:41 - 001998168 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2020-05-10 08:10 - 2010-05-26 11:41 - 001907552 _____ (Microsoft

Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-05-10 08:10 - 2010-05-26 11:41 - 000511328 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_43.dll
2020-05-10 08:10 - 2010-02-04 10:01 - 000024920 _____ (Microsoft

Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-05-10 08:10 - 2010-02-04 10:01 - 000022360 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-05-10 08:10 - 2007-04-04 18:54 - 000107368 _____ (Microsoft

Corporation) C:\Windows\system32\xinput1_3.dll
2020-05-10 08:09 - 2020-05-10 08:10 - 000000000 ____D C:\Users\Ivan

\AppData\Local\UnrealEngine
2020-05-10 08:09 - 2020-05-10 08:10 - 000000000 ____D C:\ProgramData

\Epic
2020-05-10 08:09 - 2020-05-10 08:09 - 000001270 _____ C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-10 08:09 - 2020-05-10 08:09 - 000000000 ____D C:\Users\Ivan

\AppData\Local\UnrealEngineLauncher
2020-05-10 08:09 - 2020-05-10 08:09 - 000000000 ____D C:\Users\Ivan

\AppData\Local\EpicGamesLauncher
2020-05-10 08:09 - 2020-05-10 08:09 - 000000000 ____D C:\Program Files

(x86)\Epic Games
2020-05-10 08:09 - 2010-05-26 11:41 - 001868128 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-05-10 08:09 - 2010-05-26 11:41 - 000470880 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2020-05-10 08:09 - 2007-04-04 18:53 - 000081768 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-05-10 07:57 - 2020-05-10 07:57 - 000000000 ____D C:\Users\Ivan

\Documents\Uru Live Minkata Shard
2020-05-10 07:56 - 2020-05-10 07:56 - 000000000 ____D C:\Users\Ivan

\Documents\Uru Live
2020-05-10 07:45 - 2015-11-05 09:00 - 001070232 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2020-05-10 07:45 - 2015-11-05 09:00 - 000617896 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\comctl32.ocx
2020-05-10 07:45 - 2015-03-27 03:54 - 000163480 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\comDlg32.ocx
2020-05-10 07:45 - 2014-11-12 09:46 - 000354944 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-05-10 07:45 - 2011-01-12 06:06 - 001054208 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mfc71u.dll
2020-05-10 07:45 - 2011-01-12 05:49 - 001060864 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mfc71.dll
2020-05-10 07:45 - 2011-01-12 05:23 - 000090112 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\atl71.dll
2020-05-10 07:45 - 2007-02-01 14:43 - 000503808 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msvcp71.dll
2020-05-10 07:26 - 2020-05-10 07:26 - 000000000 ____D C:\Users\Ivan

\AppData\Local\DBG
2020-05-10 07:25 - 2020-05-10 07:25 - 000000000 ____D C:\Program Files

(x86)\1C
2020-05-10 07:19 - 2020-05-10 07:19 - 000003016 _____ C:\Windows

\system32\Tasks\oCamTask
2020-05-10 07:19 - 2020-05-10 07:19 - 000000000 ____D C:\Users\Ivan

\Documents\oCam
2020-05-10 07:19 - 2020-05-10 07:19 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\oCam
2020-05-10 07:19 - 2020-05-10 07:19 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\oCam
2020-05-10 07:19 - 2020-05-10 07:19 - 000000000 ____D C:\Program Files

(x86)\oCam
2020-05-10 07:15 - 2020-05-10 07:15 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2020-05-10 07:15 - 2020-05-10 07:15 - 000000000 ____D C:\Program Files

\Oracle
2020-05-10 07:11 - 2020-05-12 18:43 - 000001152 _____ C:\Users\Ivan

\Desktop\Windows XP SP3.lnk
2020-05-10 07:10 - 2020-05-10 07:15 - 000000000 ____D C:\Users\Ivan

\.VirtualBox
2020-05-10 07:10 - 2020-05-10 07:15 - 000000000 ____D C:\ProgramData

\VirtualBox
2020-05-10 07:10 - 2020-04-09 14:57 - 001029576 _____ (Oracle

Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2020-05-10 07:10 - 2020-04-09 14:57 - 000186936 _____ (Oracle

Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2020-05-10 07:07 - 2020-05-10 07:07 - 000000000 ____D C:\Users\Ivan

\AppData\LocalLow\Ludosity
2020-05-10 06:58 - 2020-05-12 19:12 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\qBittorrent
2020-05-10 06:58 - 2020-05-10 06:58 - 000000000 ____D C:\Users\Ivan

\AppData\Local\qBittorrent
2020-05-10 06:58 - 2020-05-10 06:58 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-05-10 06:58 - 2020-05-10 06:58 - 000000000 ____D C:\Program Files

\qBittorrent
2020-05-10 06:52 - 2020-05-10 06:52 - 000000000 ____D C:\Program Files

(x86)\DAMN NFO Viewer
2020-05-10 06:51 - 2020-05-10 06:51 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-05-10 06:51 - 2020-05-10 06:51 - 000000000 ____D C:\Program Files

\7-Zip
2020-05-10 06:44 - 2020-05-10 06:44 - 000001447 _____ C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2020-05-10 06:44 - 2020-05-10 06:44 - 000001378 _____ C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2020-05-10 06:44 - 2020-05-10 06:44 - 000000000 ____D C:\Windows\en
2020-05-10 06:43 - 2020-05-10 06:46 - 000000000 ____D C:\Users\Ivan

\AppData\Local\Windows Live
2020-05-10 06:43 - 2020-05-10 06:43 - 000000000 ____D C:\Windows

\PCHEALTH
2020-05-10 06:43 - 2020-05-10 06:43 - 000000000 ____D C:\Program Files

(x86)\Windows Live
2020-05-10 06:43 - 2020-05-10 06:43 - 000000000 ____D C:\Program Files

(x86)\Microsoft SQL Server Compact Edition
2020-05-10 06:43 - 2010-06-02 04:55 - 000527192 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-05-10 06:43 - 2010-06-02 04:55 - 000518488 _____ (Microsoft

Corporation) C:\Windows\system32\XAudio2_7.dll
2020-05-10 06:43 - 2010-06-02 04:55 - 000077656 _____ (Microsoft

Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-05-10 06:43 - 2010-06-02 04:55 - 000074072 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-05-10 06:43 - 2010-05-26 11:41 - 002526056 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-05-10 06:43 - 2010-05-26 11:41 - 002106216 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-05-10 06:43 - 2010-05-26 11:41 - 000276832 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx11_43.dll
2020-05-10 06:43 - 2010-05-26 11:41 - 000248672 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2020-05-10 06:43 - 2009-09-04 17:29 - 000523088 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_42.dll
2020-05-10 06:43 - 2009-09-04 17:29 - 000453456 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2020-05-10 06:43 - 2006-11-29 13:06 - 004398360 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx9_32.dll
2020-05-10 06:43 - 2006-11-29 13:06 - 003426072 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2020-05-10 06:21 - 2020-05-10 06:21 - 000000000 ____D C:\Users\Ivan

\AppData\Local\Comms
2020-05-10 06:15 - 2020-05-10 08:54 - 000000000 ____D C:\Users\Ivan

\Desktop\Private Servers
2020-05-10 06:10 - 2020-05-12 16:22 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-10 06:07 - 2020-05-10 06:07 - 000000000 ____D C:\Users\Ivan

\AppData\Local\Steam
2020-05-10 06:06 - 2020-05-12 17:06 - 000000000 ____D C:\Program Files

(x86)\Steam
2020-05-10 06:06 - 2020-05-10 06:06 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-10 05:01 - 2020-05-09 20:03 - 000000000 ____D C:\Windows\Panther
2020-05-10 04:31 - 2020-05-10 04:31 - 000000000 ____D C:\Program Files

\UNP
2020-05-09 22:30 - 2020-05-09 22:31 - 000000000 ____D C:\Windows

\system32\MRT
2020-05-09 22:30 - 2020-05-09 22:30 - 121542864 ____C (Microsoft

Corporation) C:\Windows\system32\MRT.exe
2020-05-09 22:30 - 2020-05-09 22:30 - 001993528 _____ (Microsoft

Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 026806784 _____ (Microsoft

Corporation) C:\Windows\system32\edgehtml.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 023463424 _____ (Microsoft

Corporation) C:\Windows\system32\mshtml.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 020816384 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 019020800 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 007871488 _____ (Microsoft

Corporation) C:\Windows\system32\Chakra.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 006543528 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 006060032 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 005436696 _____ (Microsoft

Corporation) C:\Windows\system32\mfcore.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 005086208 _____ (Microsoft

Corporation) C:\Windows\system32\wininet.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 004695552 _____ (Microsoft

Corporation) C:\Windows\system32\msi.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 004628480 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\wininet.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 004589056 _____ (Microsoft

Corporation) C:\Windows\system32\sppsvc.exe
2020-05-09 22:28 - 2020-05-09 22:28 - 003933184 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msi.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 003632128 _____ (Microsoft

Corporation) C:\Windows\system32\tellib.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 003550400 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 002801664 _____ (Microsoft

Corporation) C:\Windows\system32\WinSAT.exe
2020-05-09 22:28 - 2020-05-09 22:28 - 002749800 _____ (Microsoft

Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 002706496 _____ (Microsoft

Corporation) C:\Windows\system32\KernelBase.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 002469440 _____ (Microsoft

Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 002323696 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 002182472 _____ (Microsoft

Corporation) C:\Windows\system32\workfolderssvc.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 002078392 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001994768 _____ (Microsoft

Corporation) C:\Windows\system32\ntdll.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001709560 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001702400 _____ (Microsoft

Corporation) C:\Windows\system32\GdiPlus.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001675008 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\user32.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001674480 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001668968 _____ (Microsoft

Corporation) C:\Windows\system32\gdi32full.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001485312 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001465344 _____ (Microsoft

Corporation) C:\Windows\system32\wsecedit.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001465272 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001388032 _____ (Microsoft

Corporation) C:\Windows\system32\bcastdvruserservice.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001323008 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001310720 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001309696 _____ (Microsoft

Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001257472 _____ (Microsoft

Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001249792 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001200920 _____ (Microsoft

Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001024920 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 001003008 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000988672 _____ (Microsoft

Corporation) C:\Windows\system32\StorSvc.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000982016 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000912384 _____ (Microsoft

Corporation) C:\Windows\system32\EdgeManager.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000837120 _____ (Microsoft

Corporation) C:\Windows\system32\jscript.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000833024 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000808272 _____ (Microsoft

Corporation) C:\Windows\system32\fontdrvhost.exe
2020-05-09 22:28 - 2020-05-09 22:28 - 000725904 _____ (Microsoft

Corporation) C:\Windows\system32\kernel32.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000684032 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\jscript.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000663040 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000661056 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-05-09 22:28 - 2020-05-09 22:28 - 000649272 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000629760 _____ (Microsoft

Corporation) C:\Windows\system32\ipnathlp.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000596480 _____ (Microsoft

Corporation) C:\Windows\system32\vbscript.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000534016 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000427520 _____ (Microsoft

Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000375296 _____ (Microsoft

Corporation) C:\Windows\system32\WinSATAPI.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000371712 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000353792 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000341504 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000307712 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000280136 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000248832 _____ (Microsoft

Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000241152 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000192512 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000180736 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000180224 _____ (Microsoft

Corporation) C:\Windows\system32\t2embed.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000167424 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000155136 _____ (Microsoft

Corporation) C:\Windows\system32\Chakradiag.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000138752 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000125440 _____ (Microsoft

Corporation) C:\Windows\system32\fontsub.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000117248 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000098816 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000060928 _____ (Microsoft

Corporation) C:\Windows\system32\mf3216.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000046080 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-05-09 22:28 - 2020-05-09 22:28 - 000033792 _____ (Microsoft

Corporation) C:\Windows\system32\sxssrv.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 009672208 _____ (Microsoft

Corporation) C:\Windows\system32\ntoskrnl.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 007645392 _____ (Microsoft

Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 003636224 _____ (Microsoft

Corporation) C:\Windows\system32\win32kfull.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 003582976 _____ (Microsoft

Corporation) C:\Windows\system32\diagtrack.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 003392000 _____ (Microsoft

Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 003361080 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 003334496 _____ (Microsoft

Corporation) C:\Windows\system32\combase.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 003005952 _____ (Microsoft

Corporation) C:\Windows\system32\wuaueng.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 002706944 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 002590736 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\combase.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 002417664 _____ (Microsoft

Corporation) C:\Windows\system32\win32kbase.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 002200576 _____ (Microsoft

Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001796408 _____ (Microsoft

Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001671680 _____ (Microsoft

Corporation) C:\Windows\system32\InstallService.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001664696 _____ (Microsoft

Corporation) C:\Windows\system32\user32.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001647616 _____ (Microsoft

Corporation) C:\Windows\system32\wpncore.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001608192 _____ (Microsoft

Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001568768 _____ (Microsoft

Corporation) C:\Windows\system32\dosvc.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001519488 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001412096 _____ (Microsoft

Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001387304 _____ (Microsoft

Corporation) C:\Windows\system32\WinTypes.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001320448 _____ (Microsoft

Corporation) C:\Windows\system32\wpnapps.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001258512 _____ (Microsoft

Corporation) C:\Windows\system32\hvix64.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 001133056 _____ (Microsoft

Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 001054928 _____ (Microsoft

Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 001050640 _____ (Microsoft

Corporation) C:\Windows\system32\hvax64.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 000987520 _____ (Microsoft

Corporation) C:\Windows\system32\winhttp.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000902248 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000886272 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000861496 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 000770096 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000758688 _____ (Microsoft

Corporation) C:\Windows\system32\tcblaunch.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 000652600 _____ (Microsoft

Corporation) C:\Windows\system32\securekernel.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 000505640 _____ (Microsoft

Corporation) C:\Windows\system32\wow64win.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000439096 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 000392704 _____ (Microsoft

Corporation) C:\Windows\system32\domgmt.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000357888 _____ (Microsoft

Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000351744 _____ (Microsoft

Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000215552 _____ (Microsoft

Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000214528 _____ (Microsoft

Corporation) C:\Windows\system32\srumsvc.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000203064 _____ (Microsoft

Corporation) C:\Windows\system32\tcbloader.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000160768 _____ (Microsoft

Corporation) C:\Windows\system32\umpo.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000103936 _____ (Microsoft

Corporation) C:\Windows\system32\utcutil.dll
2020-05-09 22:27 - 2020-05-09 22:27 - 000089928 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-05-09 22:27 - 2020-05-09 22:27 - 000080896 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\dtdump.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 000057856 _____ C:\Windows

\system32\runexehelper.exe
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth8.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth7.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth6.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth5.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth4.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth3.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth2.bin
2020-05-09 22:27 - 2020-05-09 22:27 - 000000315 _____ C:\Windows

\system32\DrtmAuth1.bin
2020-05-09 22:11 - 2020-05-12 21:28 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Discord
2020-05-09 22:11 - 2020-05-09 22:11 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-05-09 22:11 - 2020-05-09 22:11 - 000000000 ____D C:\Users\Ivan

\AppData\LocalLow\AMD
2020-05-09 22:11 - 2020-05-09 22:11 - 000000000 ____D C:\Users\Ivan

\AppData\Local\SquirrelTemp
2020-05-09 22:11 - 2020-05-09 22:11 - 000000000 ____D C:\Users\Ivan

\AppData\Local\Discord
2020-05-09 22:11 - 2020-05-09 22:11 - 000000000 ____D C:\ProgramData

\SquirrelMachineInstalls
2020-05-09 22:08 - 2008-10-15 06:22 - 005631312 _____ (Microsoft

Corporation) C:\Windows\system32\D3DX9_40.dll
2020-05-09 22:08 - 2008-10-15 06:22 - 004379984 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2020-05-09 22:08 - 2008-10-15 06:22 - 002605920 _____ (Microsoft

Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-05-09 22:08 - 2008-10-15 06:22 - 002036576 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2020-05-09 22:08 - 2008-10-15 06:22 - 000519000 _____ (Microsoft

Corporation) C:\Windows\system32\d3dx10_40.dll
2020-05-09 22:08 - 2008-10-15 06:22 - 000452440 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2020-05-09 22:08 - 2005-03-18 17:19 - 002337488 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2020-05-09 22:07 - 2020-05-09 22:07 - 000000000 ____D C:\Users\Ivan

\Documents\Spartan
2020-05-09 22:00 - 2020-05-12 16:23 - 000000000 ____D C:\Users\Ivan

\Desktop\Games
2020-05-09 20:29 - 2020-05-09 20:29 - 000000000 ____D C:\ProgramData

\Unchecky
2020-05-09 20:29 - 2020-05-09 20:29 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2020-05-09 20:29 - 2020-05-09 20:29 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Unchecky
2020-05-09 20:29 - 2020-05-09 20:29 - 000000000 ____D C:\Program Files

(x86)\WinCDEmu
2020-05-09 20:29 - 2020-05-09 20:29 - 000000000 ____D C:\Program Files

(x86)\Unchecky
2020-05-09 20:13 - 2020-05-09 20:13 - 000000000 ____H C:\ProgramData

\DP45977C.lfl
2020-05-09 20:13 - 2020-05-09 20:13 - 000000000 ____D C:\Windows

\SysWOW64\RTCOM
2020-05-09 20:13 - 2020-05-09 20:13 - 000000000 ____D C:\Windows

\system32\DAX3
2020-05-09 20:13 - 2020-05-09 20:13 - 000000000 ____D C:\Windows

\system32\DAX2
2020-05-09 20:13 - 2020-05-09 20:13 - 000000000 ____D C:\ProgramData

\Audyssey Labs
2020-05-09 20:13 - 2020-05-09 20:13 - 000000000 ____D C:\Program Files

\Realtek
2020-05-09 20:12 - 2020-05-12 17:05 - 000000000 ___HD C:\Program Files

(x86)\InstallShield Installation Information
2020-05-09 20:12 - 2020-05-09 20:13 - 000000000 ___HD C:\Program Files

(x86)\Temp
2020-05-09 20:12 - 2020-05-09 20:12 - 000000000 ____D C:\Program Files

(x86)\Realtek
2020-05-09 20:12 - 2017-01-11 11:38 - 072520712 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2020-05-09 20:12 - 2017-01-11 11:38 - 023547544 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioRenderAVX64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 023447352 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioRender64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 017398616 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioCapture64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 015202032 _____ (Yamaha

Corporation) C:\Windows\system32\YamahaAE3.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 014057248 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioRealtek64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 013122576 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxVoiceAPO3064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 012988344 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxVoiceAPO4064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 010536160 _____ (Intel

Corporation) C:\Windows\system32\IntelSSTAPO.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 009124224 _____ C:\Windows

\system32\Drivers\RTAIODAT.DAT
2020-05-09 20:12 - 2017-01-11 11:38 - 007172912 _____ (Dolby

Laboratories) C:\Windows\system32\R4EEP64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 006244200 _____ (Nahimic Inc) C:

\Windows\system32\NAHIMICV3apo.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 005922376 _____ (Nahimic Inc) C:

\Windows\system32\NAHIMICV2apo.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 005804772 _____ C:\Windows

\system32\Drivers\rtvienna.dat
2020-05-09 20:12 - 2017-01-11 11:38 - 005593608 _____ (Nahimic Inc) C:

\Windows\system32\NAHIMICAPOlfx.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 005545472 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-05-09 20:12 - 2017-01-11 11:38 - 003503048 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 003410832 _____ (DTS, Inc.) C:

\Windows\system32\slcnt64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 003299816 _____ (Yamaha

Corporation) C:\Windows\system32\YamahaAE2.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 003203584 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 003203424 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 003122656 _____ (DTS, Inc.) C:

\Windows\system32\sltech64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 003014144 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-05-09 20:12 - 2017-01-11 11:38 - 002830480 _____ (Realtek

Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 002291304 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPO7064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 002201600 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 002190984 _____ (Yamaha

Corporation) C:\Windows\system32\YamahaAE.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 002110592 _____ (Waves Audio Ltd.)

C:\Windows\system32\WavesGUILib64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 002050176 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioEQ64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001920870 _____ C:\Windows

\system32\Drivers\rtkSSTsetting.dat
2020-05-09 20:12 - 2017-01-11 11:38 - 001435136 _____ (Synopsys, Inc.)

C:\Windows\system32\SRRPTR64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001422920 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPO6064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001382232 _____ (TOSHIBA

Corporation) C:\Windows\system32\tosade.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001353824 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001337640 _____ (Toshiba Client

Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001334376 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxSpeechAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001213656 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPO5064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001186840 _____ (Intel

Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001166152 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPO4064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001003856 _____ (Nahimic Inc) C:

\Windows\system32\NahimicAPONSControl.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 001003512 _____ (Sound Research,

Corp.) C:\Windows\system32\SEHDHF64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000999848 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxVoiceAPO2064.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000984912 _____ (DTS, Inc.) C:

\Windows\system32\sl3apo64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000965024 _____ (Sony Corporation)

C:\Windows\system32\SFSS_APO.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000962128 _____ (Toshiba Client

Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000931616 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPOShell64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000923736 _____ (Sony Corporation)

C:\Windows\system32\MISS_APO.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000873464 _____ (TOSHIBA

Corporation) C:\Windows\system32\tadefxapo264.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000866096 _____ (Sound Research,

Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000859912 _____ (Sound Research,

Corp.) C:\Windows\system32\SEHDRA64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000854208 _____ (Sound Research,

Corp.) C:\Windows\system32\SECOMN64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000726112 _____ (Sound Research,

Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000689880 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000678176 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPO30.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000677672 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxVolumeSDAPO.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000618184 _____ (Knowles Acoustics

) C:\Windows\system32\KAAPORT64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000601144 _____ (Toshiba Client

Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000588032 _____ (ICEpower a/s) C:

\Windows\system32\ICEsoundAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000571376 _____ (Intel

Corporation) C:\Windows\system32\tbb_waves.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000532376 _____ (SRS Labs, Inc.)

C:\Windows\system32\SRSTSX64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000514872 _____ (Sound Research,

Corp.) C:\Windows\system32\SEAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000467152 _____ (Synopsys, Inc.)

C:\Windows\system32\SRAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000447720 _____ (Dolby

Laboratories) C:\Windows\system32\R4EED64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000447176 _____ (Toshiba Client

Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000426568 _____ (Dolby

Laboratories) C:\Windows\system32\HiFiDAX2APIPCLL.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000416504 _____ (Harman) C:

\Windows\system32\HMUI.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000387312 _____ (Dolby

Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000381408 _____ (Synopsys, Inc.)

C:\Windows\system32\SRCOM64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000378384 _____ (Dolby

Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000366120 _____ (Windows (R) Win 7

DDK provider) C:\Windows\system32\HMAPO.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000360344 _____ (Harman) C:

\Windows\system32\HMClariFi.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000343704 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000341144 _____ (Synopsys, Inc.)

C:\Windows\SysWOW64\SRCOM.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000341144 _____ (Synopsys, Inc.)

C:\Windows\system32\SRCOM.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000330560 _____ (Waves Audio Ltd.)

C:\Windows\system32\MaxxAudioAPO20.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000321712 _____ (Dolby

Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000321712 _____ (Dolby

Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000258864 _____ (TODO: <Company

name>) C:\Windows\system32\slprp64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000231912 _____ (Synopsys, Inc.)

C:\Windows\system32\SFNHK64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000221968 _____ (SRS Labs, Inc.)

C:\Windows\system32\SRSTSH64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000214832 _____ (Dolby

Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000209536 _____ (SRS Labs, Inc.)

C:\Windows\system32\SRSHP64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000203840 _____ (Harman) C:

\Windows\system32\HMHVS.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000192976 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000190928 _____ (Harman) C:

\Windows\system32\HMEQ_Voice.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000190928 _____ (Harman) C:

\Windows\system32\HMEQ.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000179592 _____ (Harman) C:

\Windows\system32\HMLimiter.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000166200 _____ (SRS Labs, Inc.)

C:\Windows\system32\SRSWOW64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000158696 _____ (TOSHIBA

Corporation) C:\Windows\system32\tadefxapo.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000151784 _____ (Dolby

Laboratories) C:\Windows\system32\R4EEL64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000134200 _____ (Dolby

Laboratories) C:\Windows\system32\R4EEA64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000110984 _____ (Dolby

Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000090912 _____ (Synopsys, Inc.)

C:\Windows\system32\SFCOM64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000088344 _____ (Dolby

Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000088320 _____ (Synopsys, Inc.)

C:\Windows\system32\SFAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000084616 _____ (Dolby

Laboratories) C:\Windows\system32\R4EEG64A.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000083624 _____ (Virage Logic

Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000075536 _____ (TOSHIBA

CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2020-05-09 20:12 - 2017-01-11 11:38 - 000023688 _____ (Realtek

Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 007096184 _____ (Dolby

Laboratories) C:\Windows\system32\DDPP64A.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 006264632 _____ (Dolby

Laboratories) C:\Windows\system32\DDPP64AF3.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 005347000 _____ (Dolby

Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 003302272 _____ (Fortemedia

Corporation) C:\Windows\system32\FMAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 002993720 _____ (Audyssey Labs)

C:\Windows\system32\AudysseyEfx.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 002444688 _____ (Dolby

Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001965808 _____ (Dolby

Laboratories) C:\Windows\system32\DDPD64A.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001959600 _____ (Dolby

Laboratories) C:\Windows\system32\DDPD64AF3.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001780616 _____ (DTS) C:\Windows

\system32\DTSS2SpeakerDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001615656 _____ (Conexant Systems

Inc.) C:\Windows\system32\CX64APO.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001591056 _____ (DTS) C:\Windows

\system32\DTSS2HeadphoneDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001529136 _____ (Conexant Systems

Inc.) C:\Windows\system32\CX64Proxy.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001516896 _____ (Dolby

Laboratories) C:\Windows\system32\DAX3APOProp.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001508928 _____ (DTS) C:\Windows

\system32\DTSBoostDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001363096 _____ (Dolby

Laboratories) C:\Windows\system32\DAX3APOv251.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 001133584 _____ (Dolby

Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000785608 _____ (Dolby

Laboratories) C:\Windows\system32\DolbyDAX2APOvlldp.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000743960 _____ (DTS) C:\Windows

\system32\DTSBassEnhancementDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000727432 _____ (DTS) C:\Windows

\system32\DTSSymmetryDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000708312 _____ (DTS) C:\Windows

\system32\DTSVoiceClarityDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000574752 _____ (Andrea

Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000514520 _____ (DTS) C:\Windows

\system32\DTSU2PLFX64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000504304 _____ (DTS) C:\Windows

\system32\DTSNeoPCDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000500552 _____ (DTS) C:\Windows

\system32\DTSU2PGFX64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000445400 _____ (DTS) C:\Windows

\system32\DTSLimiterDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000441264 _____ (DTS) C:\Windows

\system32\DTSGainCompensatorDLL64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000438688 _____ (Conexant Systems,

Inc.) C:\Windows\system32\CAF64APO2.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000428224 _____ (DTS) C:\Windows

\system32\DTSU2PREC64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000362048 _____ (Dolby

Laboratories) C:\Windows\system32\DDPO64AF3.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000327448 _____ (Dolby

Laboratories) C:\Windows\system32\DDPO64A.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000310416 _____ (Dolby

Laboratories) C:\Windows\system32\DDPA64F3.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000272712 _____ (Dolby

Laboratories) C:\Windows\system32\DDPA64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000253896 _____ (DTS) C:\Windows

\system32\DTSGFXAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000253864 _____ (DTS) C:\Windows

\system32\DTSLFXAPO64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000252872 _____ (DTS) C:\Windows

\system32\DTSGFXAPONS64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000154360 _____ (Harman) C:

\Windows\system32\HarmanAudioInterface.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000122320 _____ (Real Sound Lab

SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000118592 _____ C:\Windows

\system32\AcpiServiceVnA64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000118592 _____ (Andrea

Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000112488 _____ (Conexant Systems,

Inc.) C:\Windows\system32\Caf64api.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000105304 _____ C:\Windows

\system32\audioLibVc.dll
2020-05-09 20:12 - 2017-01-11 11:37 - 000005604 _____ C:\Windows

\system32\cxapo.lncs
2020-05-09 20:12 - 2017-01-11 11:37 - 000000736 _____ C:\Windows

\system32\cxapo.prop
2020-05-09 20:12 - 2016-09-22 14:55 - 002839520 _____ (Realtek

Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-05-09 20:09 - 2020-05-09 20:09 - 000000000 ____H C:\Windows

\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-05-09 20:03 - 2020-05-12 17:05 - 000000006 ____H C:\Windows\Tasks

\SA.DAT
2020-05-09 20:03 - 2020-05-09 20:03 - 000000000 _SHDL C:\Documents and

Settings
2020-05-09 20:03 - 2020-05-09 20:03 - 000000000 ____D C:\Windows

\system32\Drivers\wd
2020-05-09 20:02 - 2020-05-12 21:22 - 000000000 ____D C:\Windows

\system32\SleepStudy
2020-05-09 20:02 - 2020-05-10 06:01 - 000257744 _____ C:\Windows

\system32\FNTCACHE.DAT
2020-05-09 20:02 - 2020-05-09 20:02 - 000000000 ____D C:\Windows

\ServiceProfiles
2020-05-09 19:57 - 2020-05-09 19:57 - 000000000 ____D C:\Users\Ivan

\AppData\Local\GHISLER
2020-05-09 19:44 - 2020-05-12 17:06 - 000000833 _____ C:\Users\Ivan

\AppData\Roaming\notewhal.ini
2020-05-09 19:33 - 2020-05-09 19:33 - 000003990 _____ C:\Windows

\system32\Tasks\Avast Emergency Update
2020-05-09 19:33 - 2020-05-09 19:33 - 000002160 _____ C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-05-09 19:33 - 2020-05-09 19:33 - 000000000 ____D C:\Windows

\system32\Tasks\Avast Software
2020-05-09 19:33 - 2020-05-09 19:33 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Avast Software
2020-05-09 19:33 - 2020-05-09 19:33 - 000000000 ____D C:\Users\Ivan

\AppData\Local\CEF
2020-05-09 19:33 - 2020-05-09 19:33 - 000000000 ____D C:\Program Files

\Common Files\Avast Software
2020-05-09 19:33 - 2020-05-09 19:32 - 000851592 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswSnx.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000460992 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswSP.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000337560 _____ (AVAST Software)

C:\Windows\system32\aswBoot.exe
2020-05-09 19:33 - 2020-05-09 19:32 - 000319120 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswVmm.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000235488 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswStm.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000234560 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000205880 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswArPot.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000178760 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswbidsh.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000175704 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswMonFlt.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000109272 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswRdr2.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000084856 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswRvrt.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000060480 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswbuniv.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000042784 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswKbd.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000037136 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswArDisk.sys
2020-05-09 19:33 - 2020-05-09 19:32 - 000016304 _____ (AVAST Software)

C:\Windows\system32\Drivers\aswElam.sys
2020-05-09 19:32 - 2020-05-09 19:33 - 000000000 ____D C:\ProgramData

\Avast Software
2020-05-09 19:32 - 2020-05-09 19:32 - 000000000 ____D C:\Program Files

\Avast Software
2020-05-09 19:30 - 2020-05-09 22:16 - 000000000 ____D C:\Users\Ivan

\.xdman
2020-05-09 19:30 - 2020-05-09 19:30 - 000000000 ____D C:\Users\Ivan

\Downloads\Video
2020-05-09 19:30 - 2020-05-09 19:30 - 000000000 ____D C:\Users\Ivan

\Downloads\Compressed
2020-05-09 19:30 - 2020-05-09 19:30 - 000000000 ____D C:\ProgramData

\Microsoft\Windows\Start Menu\Programs\Xtreme Download Manager
2020-05-09 19:30 - 2020-05-09 19:30 - 000000000 ____D C:\Program Files

(x86)\XDM
2020-05-09 19:12 - 2020-05-09 19:51 - 000000000 ____D C:\Users\Ivan

\AppData\Local\AMD
2020-05-09 19:11 - 2020-05-12 17:06 - 000000000 ____D C:\Users\Ivan

\AppData\Local\D3DSCache
2020-05-09 19:10 - 2020-05-12 17:11 - 000840852 _____ C:\Windows

\system32\PerfStringBackup.INI
2020-05-09 19:09 - 2020-05-12 17:05 - 000065536 _____ C:\Windows

\system32\spu_storage.bin
2020-05-09 19:09 - 2020-05-09 19:09 - 000000000 ____D C:\Windows

\system32\AMD
2020-05-09 19:07 - 2020-05-12 17:06 - 000000000 ____D C:\Users\Ivan

\AppData\Local\VirtualStore
2020-05-09 19:07 - 2020-05-09 19:28 - 000000000 ____D C:\Users\Ivan

\AppData\Local\Packages
2020-05-09 19:07 - 2020-05-09 19:07 - 000000000 __RHD C:\Users\Public

\AccountPictures
2020-05-09 19:07 - 2020-05-09 19:07 - 000000000 ___RD C:\Users\Ivan\3D

Objects
2020-05-09 19:07 - 2020-05-09 19:07 - 000000000 ____D C:\Users\Ivan

\AppData\Roaming\Adobe
2020-05-09 19:07 - 2020-05-09 19:07 - 000000000 ____D C:\Users\Ivan

\AppData\Local\ConnectedDevicesPlatform
2020-05-09 19:06 - 2020-05-10 07:10 - 000000000 ____D C:\Users\Ivan
2020-05-09 19:06 - 2020-05-09 19:06 - 000000020 ___SH C:\Users\Ivan

\ntuser.ini
2020-05-09 19:06 - 2020-05-09 19:06 - 000000000 ____D C:\Program Files

\Common Files\logishrd
2020-05-09 19:05 - 2020-03-29 02:33 - 002865152 _____ (Microsoft

Corporation) C:\Windows\SysWOW64\PrintConfig.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-12 17:11 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2020-05-12 17:08 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData

\regid.1991-06.com.microsoft
2020-05-12 17:05 - 2018-09-15 08:09 - 000032768 _____ C:\Windows

\system32\config\BBI
2020-05-12 15:22 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\system32\NDF
2020-05-12 15:15 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2020-05-12 15:14 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\PolicyDefinitions
2020-05-10 07:45 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files

\Common Files\microsoft shared
2020-05-10 06:01 - 2018-09-15 11:10 - 000000000 ____D C:\Program Files

\Windows Defender Advanced Threat Protection
2020-05-10 06:01 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\ShellExperiences
2020-05-10 06:01 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\bcastdvr
2020-05-10 05:01 - 2018-09-15 09:31 - 000028672 _____ C:\Windows

\system32\config\BCD-Template
2020-05-10 04:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\appcompat
2020-05-09 22:34 - 2018-09-15 08:09 - 000000000 ____D C:\Windows

\servicing
2020-05-09 20:03 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows

\PrintDialog
2020-05-09 20:03 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows

\ImmersiveControlPanel
2020-05-09 20:03 - 2018-09-15 08:09 - 000032768 _____ C:\Windows

\system32\config\ELAM
2020-05-09 19:33 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows

\ELAMBKUP
2020-05-09 19:32 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\AppReadiness
2020-05-09 19:08 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\system32\WinBioDatabase
2020-05-09 19:07 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData

\USOPrivate
2020-05-09 19:05 - 2020-03-29 02:35 - 000000000 ____D C:\Windows\CSC
2020-05-09 19:05 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\system32\spool
2020-05-09 19:05 - 2018-09-15 09:33 - 000000000 ____D C:\Windows

\system32\FxsTmp
2020-05-09 19:04 - 2018-09-15 09:36 - 000000000 ____D C:\Windows\Setup

==================== Files in the root of some directories ========

2020-05-09 19:44 - 2020-05-12 17:06 - 000000833 _____ () C:\Users\Ivan

\AppData\Roaming\notewhal.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Attached Files
File Type: txt Addition.txt (34.2 KB, 2 views)
rocket.master is offline   Reply With Quote
Old 05-12-2020, 12:54 PM   #7
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



Hi rocket.master, welcome to the TSF malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Back up any important data before we continue.
    • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
  • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 5 days, it will be closed.
    • If your topic is closed and you still need assistance, start a new thread in the Virus/Malware Removal forum with a link to this one.
  • If you have questions at any time during the cleanup, feel free to ask.


---------------------------------------------------

Are you able to attach the FRST logs directly to your post, or copy and paste their contents into your reply?


(If you receive an error that your post is too long, you can copy/paste the logs into separate replies)
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old 05-12-2020, 01:16 PM   #8
Moderator, Editor, Articles Team
 
Deejay100six's Avatar
 
Join Date: Nov 2007
Location: Doncaster, Great Britain
Posts: 11,788
OS: Windows 7 Professional SP1

My System


Others have had problems posting logs. I managed to get them posted after doing one of those captcha things.
__________________
Regards, Dave.


Submit New Articles Here

Help us to help you by posting your System Specs
Deejay100six is offline   Reply With Quote
Old 05-13-2020, 09:28 AM   #9
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



Quote:
Originally Posted by Deejay100six View Post
Others have had problems posting logs. I managed to get them posted after doing one of those captcha things.

OK, thanks for the info.
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old 05-13-2020, 09:47 AM   #10
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



So, what happens now?
rocket.master is offline   Reply With Quote
Old 05-13-2020, 08:38 PM   #11
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



Hi rocket.master,

Looks like the logs are now posted.

I noticed that you're running Windows 10 Enterprise. Is this a business/work computer, and if so, do you have permission to have this machine checked for malware?
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old 05-13-2020, 10:59 PM   #12
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



No, it's a home computer. I was told this was the best version of Windows 10, and no, I don't work for a company.
rocket.master is offline   Reply With Quote
Old 05-15-2020, 07:43 PM   #13
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



Apologies for the delay.



I'm reviewing your logs and will get back to you as soon as possible.
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old 05-16-2020, 02:50 PM   #14
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



Hi rocket.master,

From your previous topic:

Quote:
Those problems are that my settings are being changed for ANY program I'm using without my knowledge.
Can you give some examples of the programs/settings being changed?


Please download and run the following tools:

---------------------------------------------------
AdwCleaner

Download AdwCleaner and save it to your desktop.
  • Double click AdwCleaner.exe to run it.
  • Click Scan Now ...
    • When the scan has finished a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab ...
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

---------------------------------------------------
ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

---------------------------------------------------

In your next reply

- Please include both logs and let me know about which programs/settings are changed
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old 05-16-2020, 10:40 PM   #15
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



Um... it doesn't show up in scans, because it's not normal malware. For example, settings in my web browser and operating system get changed without my knowledge. Those are some of the programs, there are others... too many to mention.
rocket.master is offline   Reply With Quote
Old 05-20-2020, 11:06 AM   #16
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



My apologies for this delay. I missed the notification of your topic.

Can you please run the scans with AdwCleaner and ESET and post the results in your reply.

Which specific settings in your browser have been changed?
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old Yesterday, 11:59 AM   #17
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



The display of some web pages was altered, and the other changes are to my programs I use.
Attached Files
File Type: txt AdwCleaner[S03].txt (1.6 KB, 5 views)
File Type: txt eset.txt (1.6 KB, 4 views)
rocket.master is offline   Reply With Quote
Old Today, 09:55 AM   #18
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 218
OS: Windows 10



Hi rocket.master,

Unfortunately, there is evidence of tools used to illegitimately activate Windows on your computer. Please remove any pirated software/activators from your computer, then do the following:


  • Click the Start button and type Command Prompt in the search box.
  • Right-click "Command Prompt" in the search results and select Run as Administrator.
  • At the command prompt, type slmgr -dlv and press Enter.
  • A window will open after a few seconds. Press Ctrl + C on your keyboard to copy its contents.
    • Press the Windows key + R. Type Notepad and click OK.
    • A new text file will appear. Press Ctrl + V to paste the contents of the window into the text file.
    • Click File > Save and save the file to your desktop.
Copy and paste the contents of the text file in your next reply.
__________________
Proud member of UNITE
iMacg3 is offline   Reply With Quote
Old Today, 10:05 AM   #19
Registered Member
 
Join Date: Jul 2018
Posts: 18
OS:



I'm sorry, but I can't afford to purchase Windows, so I am forced to use a pirated version. The file will be attached.
Attached Files
File Type: txt slmgr.txt (1.3 KB, 4 views)
rocket.master is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 04:56 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts