
Soundmixer.exe trojan



04-24-2020, 08:07 PM   #1
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



Hello, I believe from the research I've done I have the soundmixer.exe trojan on my computer. I first discovered this when the command prompt wouldn't open correctly. I was just wondering if I could get instructions on getting rid of it. I've tried using Malwarebytes but it didn't detect it.

Thank you for your time.
HisHighness

04-24-2020, 09:16 PM   #2
Moderator
Security Team
 
Gary R
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Please read the following post ... https://www.techsupportforum.com/for...ml#post7728436 ... and then post me your FRST.txt and Addition.txt logs, along with a brief description of any problems you are experiencing.

04-24-2020, 11:03 PM   #3
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2020
Ran by lucas (administrator) on MAINPC (Hewlett-Packard h8-1221) (25-04-2020 02:41:57)
Running from C:\Users\lucas\Downloads
Loaded Profiles: lucas (Available Profiles: lucas & Administrator)
Platform: Windows 10 Home Version 1903 18362.778 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(BOGDAN BLAGOEV SHARKOV -> Bogdan Sharkov) E:\Program Files (x86)\ClownfishVoiceChanger\ClownfishVoiceChanger.exe
(Comodo Security Solutions, Inc. -> Comodo Inc.) E:\Program Files\Comodo\IceDragon\icedragon_updater.exe
(Discord Inc. -> Discord Inc.) C:\Users\lucas\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) E:\Program Files (x86)\Origin\OriginThinSetupInternal.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <51>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(London Trust Media Incorporated -> ) C:\Program Files\Private Internet Access\pia-service.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(SoundMixer) [File not signed] C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TODO: <公司名>) [File not signed] E:\Program Files (x86)\Perixx Gaming mouse\SE61T-UserTools.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) E:\Program Files (x86)\Steam\steam.exe
(Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SE61T-UserTools] => E:\Program Files (x86)\Perixx Gaming mouse\SE61T-UserTools.exe [757248 2014-06-16] (TODO: <公司名>) [File not signed]
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Discord] => C:\Users\lucas\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Spotify] => C:\Users\lucas\AppData\Roaming\Spotify\Spotify.exe [22202272 2020-01-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Medal] => C:\Users\lucas\AppData\Local\Medal\update.exe [1845072 2020-01-12] (Ferox Games B.V. -> )
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [ClownfishVoiceChanger] => E:\Program Files (x86)\ClownfishVoiceChanger\ClownfishVoiceChanger.exe [649448 2019-11-22] (BOGDAN BLAGOEV SHARKOV -> Bogdan Sharkov)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-21] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2020-04-23]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2020-02-17]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Vincent Burel -> VB-AUDIO Software)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {186D2677-B7C7-4074-991C-CBB64AD3638B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1876C7E1-B167-495E-A9CF-6A753614B01C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-04] (Google Inc -> Google LLC)
Task: {1A39A9F6-DE8E-4F9E-B954-07B90CFF4480} - System32\Tasks\Opera GX scheduled Autoupdate 1583519766 => C:\Users\lucas\AppData\Local\Programs\Opera GX\launcher.exe [1480216 2020-04-02] (Opera Software AS -> Opera Software)
Task: {259F0189-F405-4C04-B4D7-08632DED7033} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48A23C28-5220-498E-8A83-985688272594} - System32\Tasks\SoftMakerUpdater => C:\Program Files (x86)\SoftMaker FreeOffice 2018\SoftMakerUpdaterTool.exe [6367440 2019-03-04] (SoftMaker Software GmbH -> )
Task: {4FA39BA7-D8D3-4378-8E5F-F868A53CA7EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56F95233-90E9-445A-BFB8-3B70B7EC7AA9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D64262E-824A-4B69-80ED-7FD35331D479} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {675E6051-65D5-433C-80C4-1A994A753EDE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6D7CA593-AD6A-4690-85DB-33C71D656ECE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {717ED51B-9142-4602-8995-002F1BE97AA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7C61D6B3-7E2E-4B85-A578-6CB0A5F0F93F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-04] (Google Inc -> Google LLC)
Task: {8336DF22-DC06-4D5F-A296-920FC262AF77} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3334164-DDAD-4833-8BE7-B75F73C73F88} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C91730A2-37AE-4DBE-AF88-47718EAB1228} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDEF63D7-BDBC-4E3B-AB1E-76CC9509FDDE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF31B187-B17B-4192-8CB0-CE7EEFF39667} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFE7A544-8210-4F22-AAF8-04691C379660} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EF8DA3CF-DC6C-44E7-B546-7A92EE0A23EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{22cdd018-80ba-4bc0-a72c-0fcd243c042b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{966ceb2c-341c-4ea9-a581-e56af8e894ff}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3291336225-27683785-918294902-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2020-03-09] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

FireFox:
========
FF DefaultProfile: zwcn2rx1.default
FF ProfilePath: C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default [2020-04-22]
FF Homepage: Comodo\IceDragon\Profiles\zwcn2rx1.default -> about:newtab
FF Extension: (Dark Reader) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\[email protected] [2020-04-03]
FF Extension: (Online Security Pro) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\[email protected] [2020-02-02]
FF Extension: (hxxps Enforcement) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\[email protected] [2019-03-15]
FF Extension: (Media Keys) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\[email protected] [2020-02-09]
FF Extension: (LastPass: Free Password Manager) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\[email protected] [2020-04-17]
FF Extension: (uBlock - free ad blocker) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2020-02-02]
FF Extension: (Media Downloader) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\{5e9eca63-6e0d-47ce-9862-07d938121575}.xpi [2019-03-15] [Legacy]
FF Extension: (Persistent Video/Audio Volume) - C:\Users\lucas\AppData\Roaming\Comodo\IceDragon\Profiles\zwcn2rx1.default\Extensions\{6f06a23b-cde8-478b-b1b9-f559bb3e9e84}.xpi [2020-02-19]
FF Plugin-x32: @Videolan.org/vlc,version=3.0.8 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default [2020-04-25]
CHR StartupUrls: Default -> "hxxp://www.google.ca/"
CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-04]
CHR Extension: (Web Video Downloader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\adahebendgkgacfmpnmoddebbnfpfkcd [2019-11-23]
CHR Extension: (Free Download Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2020-01-28]
CHR Extension: (Removes Taboola) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdhffnbdccpannhhpeclanoojjloech [2019-11-06]
CHR Extension: (BetterTTV) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-04-22]
CHR Extension: (Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-04]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-04]
CHR Extension: (Reminders) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aplgdhgdhfeipojcjbhchmolaolealnd [2019-11-04]
CHR Extension: (Stencil) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjkdefgpgngdhagacbeajapgnoobjig [2019-11-06]
CHR Extension: (YouTube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-04]
CHR Extension: (Honey) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-04-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Gmail™ Notifier) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chchfhampioeijdffegkhnpccchjbfpk [2019-11-04]
CHR Extension: (uBlock Origin) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
CHR Extension: (Tampermonkey) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-11-27]
CHR Extension: (Dark Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-04-24]
CHR Extension: (ARC Welder) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2019-11-04]
CHR Extension: (Sheets) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-04]
CHR Extension: (Video Downloader PLUS) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2020-03-16]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-04-16]
CHR Extension: (New Tab Redirect) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-11-04]
CHR Extension: (Twitch Live) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2019-11-06]
CHR Extension: (Favicon Changer) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijaabbaphikljkkcbgpbaljfjpflpeoo [2019-11-06]
CHR Extension: (Reddit Notifier) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikingdipinldcfllekffnlgbojbbpilk [2019-11-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-06]
CHR Extension: (GoodTwitter) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbanhionoclikdjnjlcmefiofgjimgca [2020-02-22]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-04-24]
CHR Extension: (Steam Database) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2019-12-05]
CHR Extension: (Get RSS Feed URL) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfghpdldaipanmkhfpdcjglncmilendn [2020-04-16]
CHR Extension: (The Great Suspender) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2019-11-27]
CHR Extension: (Morpheon Dark) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2019-11-04]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-12-05]
CHR Extension: (Boomerang for Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-11-06]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2019-11-04]
CHR Extension: (DontBugMe) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknlnngolpglmlcadgdmlaokbfgppmma [2019-12-27]
CHR Extension: (Google Hangouts) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2019-11-06]
CHR Extension: (Google Images Restored) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncndcebmkibkhopclfdjfacgfholcghi [2020-04-20]
CHR Extension: (Rating Preview for Youtube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaaiaecimonimfffldbfffnollobpc [2019-11-06]
CHR Extension: (Save to Pocket) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-04]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2020-04-21]
CHR Extension: (Bookmax - Online Bookmark Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpkfadmfhloombfmmlllnbhkoehckm [2019-11-04]
CHR Extension: (Weather Forecast) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofobaelkgcpicbdoabokjlnmdcbjellg [2020-02-17]
CHR Extension: (Enhanced Steam) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-11-06]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2019-11-04]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-27]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-02-19]
CHR Extension: (Slides) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-05]
CHR Extension: (BetterTTV) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-02-18]
CHR Extension: (Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-05]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-05]
CHR Extension: (YouTube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-05]
CHR Extension: (uBlock Origin) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-19]
CHR Extension: (Dark Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-02-18]
CHR Extension: (Sheets) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-05]
CHR Extension: (Twitch Live) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2020-01-07]
CHR Extension: (GoodTwitter) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbanhionoclikdjnjlcmefiofgjimgca [2020-01-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-05]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-19]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-04-25]
CHR Extension: (Slides) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-27]
CHR Extension: (Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-27]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-27]
CHR Extension: (Dark Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-04-24]
CHR Extension: (uBlock - free ad blocker) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2020-01-27]
CHR Extension: (Sheets) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-27]
CHR Extension: (Google Docs Offline) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-04-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-27]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-27]
CHR Extension: (Chrome Media Router) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8395968 2019-11-26] (BattlEye Innovations e.K. -> )
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-25] (Mixbyte Inc -> Freemake)
R2 IceDragonUpdater; E:\Program Files\Comodo\IceDragon\icedragon_updater.exe [2616792 2019-05-29] (Comodo Security Solutions, Inc. -> Comodo Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-07] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1571840 2020-02-06] (London Trust Media Incorporated -> )
S3 Rockstar Service; E:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1738368 2020-04-18] (Rockstar Games, Inc. -> Rockstar Games)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-01] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2020-04-24] (Microsoft Windows -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 GPU-Z-v2; C:\Users\lucas\AppData\Local\Temp\GPU-Z-v2.sys [50216 2020-04-24] (TechPowerUp LLC -> ) <==== ATTENTION
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-24] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [23446968 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-03-31] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek Semiconductor Corp -> Realtek )
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2019-08-13] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-01-27] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-02-16] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R1 zeonetfilter; C:\WINDOWS\System32\drivers\zeonetfilter.sys [74816 2018-09-28] (Microsoft Windows Hardware Compatibility Publisher -> NOVNIFY LIMITED.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-25 02:41 - 2020-04-25 02:41 - 002282496 _____ (Farbar) C:\Users\lucas\Downloads\FRST64.exe
2020-04-24 23:51 - 2020-04-24 23:51 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-24 23:51 - 2020-04-24 23:51 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-24 23:48 - 2020-04-24 23:48 - 000000093 _____ C:\Users\lucas\Desktop\test.bat
2020-04-24 20:59 - 2020-04-11 18:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-24 20:59 - 2020-04-11 18:55 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-04-24 20:59 - 2020-04-11 18:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-24 20:59 - 2020-04-11 18:55 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-04-24 20:59 - 2020-04-11 18:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-04-24 20:59 - 2020-04-11 18:55 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-04-24 20:59 - 2020-04-11 18:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-24 20:59 - 2020-04-11 18:55 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-04-24 20:59 - 2020-04-11 18:55 - 000450280 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-04-24 20:59 - 2020-04-11 18:55 - 000346856 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-04-24 20:59 - 2020-04-11 18:54 - 011945872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-04-24 20:59 - 2020-04-11 18:54 - 010286480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 017601632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 005855856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 005159520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 002074232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001722480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444587.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001566328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001483376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001481328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001350792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001142200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 001048504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 000817080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 000679864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 000546744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-04-24 20:59 - 2020-04-11 18:53 - 000543160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-04-24 20:57 - 2020-04-24 20:57 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2020-04-24 20:57 - 2020-04-24 20:57 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll
2020-04-24 20:57 - 2020-04-24 20:57 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdp.dll
2020-04-24 20:57 - 2020-04-24 20:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdBroker.dll
2020-04-24 20:57 - 2020-04-24 20:57 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdPinAuthLsa.dll
2020-04-24 20:56 - 2020-04-24 20:56 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2020-04-24 20:56 - 2020-04-24 20:56 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2020-04-24 20:56 - 2020-04-24 20:56 - 000000000 ___RD C:\WINDOWS\WebManagement
2020-04-24 20:56 - 2019-03-18 19:32 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftWebDriver.exe
2020-04-24 20:56 - 2019-03-18 18:27 - 000393768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftWebDriver.exe
2020-04-24 20:56 - 2019-03-18 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe
2020-04-24 20:56 - 2019-03-18 15:19 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2020-04-24 20:56 - 2019-03-18 15:18 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll
2020-04-24 20:56 - 2019-03-18 15:17 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe
2020-04-24 20:56 - 2019-03-18 15:16 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll
2020-04-24 20:56 - 2019-03-18 15:16 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe
2020-04-24 20:56 - 2019-03-18 15:15 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperSetupCSP.dll
2020-04-24 20:56 - 2019-03-18 15:13 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll
2020-04-24 02:12 - 2020-04-24 02:12 - 000586388 _____ C:\Users\lucas\Downloads\Barbara W. Tuchman - The Guns of August-Ballantine Books (1994).epub
2020-04-23 18:18 - 2020-04-23 18:18 - 158222309 _____ C:\Users\lucas\Downloads\Collateral Murder 10 years on_ Short documentary-1080p.mp4
2020-04-23 11:47 - 2020-04-23 11:47 - 000003582 _____ C:\Users\lucas\Documents\GameNotes
2020-04-23 11:02 - 2020-04-23 11:02 - 000000000 ____D C:\Users\lucas\Evernote
2020-04-23 11:01 - 2020-04-23 11:01 - 000002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2020-04-23 11:01 - 2020-04-23 11:01 - 000002523 _____ C:\ProgramData\Desktop\Evernote.lnk
2020-04-23 11:01 - 2020-04-23 11:01 - 000000000 ____D C:\Users\lucas\AppData\LocalLow\Evernote
2020-04-23 11:01 - 2020-04-23 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2020-04-23 11:01 - 2020-04-23 11:01 - 000000000 ____D C:\Program Files (x86)\Evernote
2020-04-23 11:00 - 2020-04-23 11:01 - 130880992 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\lucas\Downloads\Evernote_6.24.2.8919.exe
2020-04-23 00:19 - 2020-04-23 00:19 - 000279316 _____ C:\Users\lucas\Desktop\ProcessorPurchase.pdf
2020-04-22 03:48 - 2020-04-22 03:48 - 008538164 _____ C:\Users\lucas\Desktop\DeadsideDistanceToBuild.psd
2020-04-22 03:15 - 2020-04-22 03:19 - 069551014 _____ C:\Users\lucas\Downloads\20086_720p.mp4.mp4
2020-04-20 03:25 - 2020-04-20 03:25 - 000000000 ____D C:\Users\lucas\AppData\Local\Deadside
2020-04-19 21:00 - 2020-04-19 21:00 - 000000000 ____D C:\Users\lucas\AppData\Local\THG_DEMO_3
2020-04-19 13:10 - 2020-04-19 13:43 - 1016995651 _____ C:\Users\lucas\Downloads\Titanic_Honor_and_Glory_Demo_3.zip
2020-04-19 00:22 - 2020-04-19 00:22 - 000001089 _____ C:\Users\Public\Desktop\STAR WARS Battlefront II.lnk
2020-04-19 00:22 - 2020-04-19 00:22 - 000001089 _____ C:\ProgramData\Desktop\STAR WARS Battlefront II.lnk
2020-04-19 00:19 - 2020-04-19 00:19 - 000625141 _____ C:\Users\lucas\Documents\CanadianTireHours.pdf
2020-04-18 21:50 - 2020-04-18 21:50 - 000001273 _____ C:\Users\lucas\Desktop\Start Lucasland.lnk
2020-04-18 19:47 - 2020-04-18 19:49 - 325828601 _____ C:\Users\lucas\Downloads\big.mp4.mp4
2020-04-16 00:16 - 2020-04-16 00:16 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 00:16 - 2020-04-16 00:16 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 00:16 - 2020-04-16 00:16 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 00:16 - 2020-04-16 00:16 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 00:16 - 2020-04-16 00:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 00:16 - 2020-04-16 00:16 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 00:15 - 2020-04-16 00:15 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 00:15 - 2020-04-16 00:15 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hxxp.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhxxp.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhxxp.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 00:15 - 2020-04-16 00:15 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 00:15 - 2020-04-16 00:15 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 00:15 - 2020-04-16 00:15 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 00:15 - 2020-04-16 00:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 00:09 - 2020-04-16 00:10 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 00:09 - 2020-04-16 00:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 23:24 - 2020-04-14 23:24 - 000662102 _____ C:\Users\lucas\Downloads\[Jack Ryan Book 5] Tom Clancy - Jack Ryan 05 The Cardinal of the Kremlin (1989, Berkley Books).epub
2020-04-14 23:23 - 2020-04-14 23:23 - 000711244 _____ C:\Users\lucas\Downloads\(Jack Ryan Book 3) Tom Clancy - Jack Ryan 03 Red Rabbit-Putnam Adult (2002).epub
2020-04-14 23:23 - 2020-04-14 23:23 - 000533388 _____ C:\Users\lucas\Downloads\(Jack Ryan Book 2) Tom Clancy - Jack Ryan 02 Patriot Games-Berkley (1988).epub
2020-04-14 23:21 - 2020-04-14 23:22 - 000874989 _____ C:\Users\lucas\Downloads\Tom Clancy - Hunt for Red October (Jack Ryan Novels) (1992).epub
2020-04-14 22:00 - 2020-04-22 06:11 - 000000000 ____D C:\Users\lucas\Documents\Autohotkey Scripts
2020-04-14 20:54 - 2020-04-14 21:59 - 000000633 _____ C:\Users\lucas\Documents\MenuTest.ahk
2020-04-14 03:04 - 2020-04-14 03:04 - 000392350 _____ C:\Users\lucas\Downloads\Online_Interiors (Version 0.4).zip
2020-04-14 03:00 - 2020-04-14 03:00 - 000044550 _____ C:\Users\lucas\Downloads\c6b6cf-Online Interiors V1 (Doomsday Heist Update).zip
2020-04-14 03:00 - 2020-04-14 03:00 - 000000000 ____D C:\Users\lucas\Downloads\e2e3f8-Online Interiors V1 (Doomsday Heist Update) - Hotfix
2020-04-14 02:59 - 2020-04-14 02:59 - 000044789 _____ C:\Users\lucas\Downloads\e2e3f8-Online Interiors V1 (Doomsday Heist Update) - Hotfix.zip
2020-04-14 02:45 - 2020-04-14 02:45 - 000002183 _____ C:\Users\lucas\Documents\TRPPlugins
2020-04-13 12:08 - 2020-04-13 12:13 - 000000000 ____D C:\Users\lucas\Desktop\Lucasland
2020-04-13 10:54 - 2020-04-13 10:54 - 000002097 _____ C:\Users\lucas\Downloads\esplugin_mysql (1).zip
2020-04-13 06:36 - 2020-04-13 06:36 - 000002097 _____ C:\Users\lucas\Downloads\esplugin_mysql.zip
2020-04-13 06:12 - 2020-04-13 06:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2020-04-13 06:07 - 2020-04-13 06:07 - 156159160 _____ (Bitnami) C:\Users\lucas\Downloads\xampp-windows-x64-7.4.4-0-VC15-installer.exe
2020-04-12 22:04 - 2020-04-12 22:04 - 000002155 _____ C:\Users\lucas\Desktop\Lucasland.lnk
2020-04-12 22:04 - 2020-04-12 22:04 - 000000000 ____D C:\Users\lucas\AppData\Local\ASP.NET
2020-04-12 21:50 - 2020-04-12 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2020-04-12 21:49 - 2020-04-12 21:49 - 046669192 _____ (The Git Development Community ) C:\Users\lucas\Downloads\Git-2.26.0-64-bit.exe
2020-04-11 21:47 - 2020-04-14 20:41 - 000005786 _____ C:\Users\lucas\Documents\NewGTARP.ahk
2020-04-11 21:09 - 2020-04-11 21:09 - 000001123 _____ C:\Users\lucas\Downloads\apm_syntax.zip
2020-04-10 22:56 - 2020-04-10 22:56 - 000003238 _____ C:\Users\lucas\Documents\Pixels.csv
2020-04-10 22:45 - 2020-04-11 22:09 - 000000024 _____ C:\Users\lucas\Documents\Pixels.txt
2020-04-10 19:19 - 2020-04-10 19:20 - 000000172 _____ C:\Users\lucas\Documents\testvar.ahk
2020-04-10 19:14 - 2020-04-10 22:49 - 000000657 _____ C:\Users\lucas\Documents\pixel.ahk
2020-04-09 14:37 - 2020-04-09 14:37 - 005223041 _____ C:\Users\lucas\Downloads\MenyooSP.zip
2020-04-09 14:33 - 2020-04-09 14:33 - 001239019 _____ C:\Users\lucas\Downloads\ScriptHookV_1.0.1868.1.zip
2020-04-09 14:32 - 2020-04-09 14:32 - 000210323 _____ C:\Users\lucas\Downloads\02f761-PC Trainer V 1.1.zip
2020-04-09 14:24 - 2020-04-11 00:06 - 000000977 _____ C:\Users\lucas\Documents\ahktest.ahk
2020-04-09 14:19 - 2020-04-09 14:19 - 000314984 _____ C:\Users\lucas\Downloads\keypose.zip
2020-04-09 14:19 - 2020-04-09 14:19 - 000000000 ____D C:\Users\lucas\Downloads\keypose
2020-04-09 14:17 - 2020-04-09 14:17 - 000001357 _____ C:\Users\lucas\Documents\Boat.ahk
2020-04-09 14:16 - 2020-04-09 14:16 - 000000000 ____D C:\Users\lucas\Downloads\ShowOff
2020-04-09 14:15 - 2020-04-09 14:15 - 000260400 _____ C:\Users\lucas\Downloads\ShowOff.zip
2020-04-08 19:42 - 2020-04-08 19:42 - 007094928 _____ (techPowerUp (www.techpowerup.com)) C:\Users\lucas\Downloads\GPU-Z.2.30.0.exe
2020-04-08 19:42 - 2020-04-08 19:42 - 000000000 ____D C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2020-04-01 23:25 - 2020-04-13 22:27 - 000000000 ____D C:\ProgramData\SoftMaker
2020-04-01 23:24 - 2020-04-22 03:31 - 000000000 ____D C:\Users\lucas\Documents\SoftMaker
2020-04-01 23:24 - 2020-04-05 13:29 - 000000000 ____D C:\Users\lucas\AppData\Roaming\SoftMaker
2020-04-01 23:24 - 2020-04-01 23:25 - 000000000 ____D C:\Program Files (x86)\SoftMaker FreeOffice 2018
2020-04-01 23:24 - 2020-04-01 23:24 - 000003854 _____ C:\WINDOWS\system32\Tasks\SoftMakerUpdater
2020-04-01 23:24 - 2020-04-01 23:24 - 000001830 _____ C:\Users\Public\Desktop\Presentations 2018.lnk
2020-04-01 23:24 - 2020-04-01 23:24 - 000001830 _____ C:\ProgramData\Desktop\Presentations 2018.lnk
2020-04-01 23:24 - 2020-04-01 23:24 - 000001802 _____ C:\Users\Public\Desktop\TextMaker 2018.lnk
2020-04-01 23:24 - 2020-04-01 23:24 - 000001802 _____ C:\Users\Public\Desktop\PlanMaker 2018.lnk
2020-04-01 23:24 - 2020-04-01 23:24 - 000001802 _____ C:\ProgramData\Desktop\TextMaker 2018.lnk
2020-04-01 23:24 - 2020-04-01 23:24 - 000001802 _____ C:\ProgramData\Desktop\PlanMaker 2018.lnk
2020-04-01 23:24 - 2020-04-01 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker FreeOffice 2018
2020-04-01 23:22 - 2020-04-01 23:23 - 116318208 _____ C:\Users\lucas\Downloads\freeoffice2018.msi
2020-04-01 22:42 - 2020-04-01 22:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-29 06:50 - 2020-03-29 06:50 - 000818166 _____ C:\Users\lucas\Desktop\TRPLog.txt
2020-03-28 23:49 - 2020-03-28 23:49 - 000000569 _____ C:\Users\Public\Desktop\DOOM Eternal.lnk
2020-03-28 23:49 - 2020-03-28 23:49 - 000000569 _____ C:\ProgramData\Desktop\DOOM Eternal.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-25 02:42 - 2020-01-22 12:22 - 000033605 _____ C:\Users\lucas\Downloads\FRST.txt
2020-04-25 02:42 - 2020-01-22 12:22 - 000000000 ____D C:\FRST
2020-04-25 02:28 - 2019-11-04 21:26 - 000000000 ____D C:\Users\lucas\AppData\Roaming\Discord
2020-04-25 02:15 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-25 01:10 - 2020-01-12 19:48 - 000000002 _____ C:\Users\lucas\.babel.json
2020-04-25 01:10 - 2020-01-12 19:48 - 000000000 ____D C:\Users\lucas\Documents\Medal
2020-04-25 01:10 - 2020-01-12 19:47 - 000000000 ____D C:\Users\lucas\AppData\Roaming\Medal
2020-04-25 00:32 - 2020-01-11 17:03 - 000000000 ____D C:\Users\lucas\AppData\Local\Spotify
2020-04-24 23:57 - 2019-11-04 18:27 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-24 23:57 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-24 23:53 - 2019-11-04 22:17 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-24 23:51 - 2020-01-11 17:03 - 000000000 ____D C:\Users\lucas\AppData\Roaming\Spotify
2020-04-24 23:51 - 2020-01-10 03:42 - 000000619 _____ C:\Users\lucas\Documents\ClownfishVoiceChanger.ini
2020-04-24 23:51 - 2019-11-15 18:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-24 23:51 - 2019-11-04 22:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-24 23:50 - 2020-02-25 09:06 - 000004600 _____ C:\Users\lucas\AppData\Roaming\VoiceMeeterDefault.xml
2020-04-24 23:50 - 2019-03-19 01:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-24 21:14 - 2019-11-08 02:50 - 000000000 ____D C:\Users\lucas\AppData\Local\D3DSCache
2020-04-24 21:12 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-24 21:11 - 2019-11-08 02:13 - 000000000 ____D C:\Users\lucas\AppData\Local\CrashDumps
2020-04-24 21:01 - 2019-11-06 22:18 - 000000000 ____D C:\Users\lucas\AppData\Local\NVIDIA
2020-04-24 20:57 - 2019-11-04 19:00 - 000000000 ____D C:\Users\lucas\AppData\Local\Packages
2020-04-24 20:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-24 20:56 - 2019-03-19 03:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-04-24 20:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemApps
2020-04-24 20:54 - 2019-11-04 22:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-24 20:53 - 2019-11-06 22:18 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-06 22:18 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 20:53 - 2019-11-04 22:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-24 20:53 - 2019-11-04 22:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-24 20:49 - 2020-01-05 07:43 - 000000000 ____D C:\Users\lucas\AppData\Local\FiveM
2020-04-24 12:05 - 2019-11-05 05:58 - 000000000 ____D C:\Users\lucas\AppData\Roaming\Kodi
2020-04-24 03:27 - 2019-11-17 07:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-04-24 03:27 - 2019-11-17 07:08 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-04-23 12:13 - 2019-11-04 20:35 - 000000000 ____D C:\Users\lucas\AppData\Roaming\vlc
2020-04-23 11:02 - 2019-11-04 18:59 - 000000000 ____D C:\Users\lucas
2020-04-22 01:28 - 2020-02-02 08:54 - 000000000 ____D C:\Users\lucas\AppData\LocalLow\Comodo
2020-04-22 00:18 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-21 17:40 - 2019-11-04 19:09 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-20 03:25 - 2019-12-13 16:55 - 000000000 ____D C:\Users\lucas\AppData\Local\UnrealEngine
2020-04-20 03:25 - 2019-11-05 05:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-20 03:24 - 2019-12-22 04:23 - 000000000 ____D C:\Users\lucas\AppData\Roaming\Origin
2020-04-20 03:24 - 2019-12-22 04:23 - 000000000 ____D C:\ProgramData\Origin
2020-04-18 21:16 - 2019-12-24 13:26 - 000000000 ____D C:\Program Files\Rockstar Games
2020-04-18 21:16 - 2019-12-24 13:26 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-04-18 20:44 - 2019-12-22 04:23 - 000000000 ____D C:\Users\lucas\AppData\Local\Origin
2020-04-17 23:26 - 2020-01-18 23:58 - 000002169 _____ C:\Users\lucas\Desktop\TwitchRP.lnk
2020-04-16 18:10 - 2019-11-04 22:13 - 000456992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 18:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 18:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 18:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 18:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 18:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 18:10 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 05:55 - 2020-01-23 04:43 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-14 01:49 - 2019-11-19 03:11 - 000000000 ____D C:\Users\lucas\AppData\Roaming\obs-studio
2020-04-14 01:39 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-13 13:41 - 2019-11-04 22:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-13 12:59 - 2020-01-05 07:50 - 000000000 ____D C:\Users\lucas\AppData\Local\DigitalEntitlements
2020-04-11 18:53 - 2020-03-23 16:49 - 015158384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-04-11 18:53 - 2019-11-27 19:53 - 000811448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-04-11 18:53 - 2019-10-04 17:53 - 000655312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-04-11 18:52 - 2019-10-04 17:51 - 004927960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-04-11 18:51 - 2020-03-23 16:48 - 004195688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-04-08 19:58 - 2019-11-04 19:01 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3291336225-27683785-918294902-1000
2020-04-08 19:58 - 2019-11-04 19:01 - 000000000 ___RD C:\Users\lucas\OneDrive
2020-04-08 19:58 - 2019-11-04 18:59 - 000002368 _____ C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-07 14:58 - 2019-11-06 22:18 - 002799416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-04-07 14:58 - 2019-11-06 22:18 - 002159592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-04-07 14:58 - 2019-11-06 22:18 - 001314792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2020-04-06 14:37 - 2020-03-06 15:36 - 000004172 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1583519766
2020-04-06 14:37 - 2020-03-06 15:36 - 000001433 _____ C:\Users\lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2020-04-04 19:03 - 2020-01-27 12:24 - 000002480 _____ C:\Users\lucas\Desktop\Emm (Blank) - Chrome.lnk
2020-04-04 14:49 - 2020-01-12 07:51 - 000004054 _____ C:\Users\lucas\Documents\TwitchRP
2020-04-03 21:21 - 2019-10-04 17:32 - 000057237 _____ C:\WINDOWS\system32\nvinfo.pb
2020-04-03 18:56 - 2019-11-04 22:17 - 005581808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-04-03 18:56 - 2019-11-04 22:17 - 002631664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-04-03 18:55 - 2019-11-04 22:17 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-04-03 18:55 - 2019-11-04 22:17 - 001172464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-04-03 18:55 - 2019-11-04 22:17 - 000446264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-04-03 18:55 - 2019-11-04 22:17 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-04-03 18:55 - 2019-11-04 22:17 - 000074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-04-03 07:08 - 2019-11-04 22:17 - 009037867 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-04-02 07:49 - 2019-11-04 21:06 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-01 22:42 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-29 06:46 - 2020-01-05 07:50 - 000000000 ____D C:\Users\lucas\AppData\Roaming\CitizenFX
2020-03-27 19:56 - 2020-02-13 14:58 - 000001357 _____ C:\Users\lucas\Documents\FiveM.ahk
2020-03-27 02:55 - 2019-11-06 22:18 - 000170472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2020-03-27 02:55 - 2019-11-06 22:18 - 000146408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

==================== Files in the root of some directories ========

2020-01-05 23:52 - 2019-01-11 17:30 - 000000248 _____ () C:\ProgramData\msdbsot.dll
2020-02-25 09:06 - 2020-04-24 23:50 - 000004600 _____ () C:\Users\lucas\AppData\Roaming\VoiceMeeterDefault.xml
2020-01-22 13:26 - 2020-01-22 23:08 - 000400419 _____ () C:\Users\lucas\AppData\Local\ars.cache
2020-01-22 13:27 - 2020-01-22 23:12 - 003810175 _____ () C:\Users\lucas\AppData\Local\census.cache
2020-01-22 13:04 - 2020-01-22 13:04 - 000000036 _____ () C:\Users\lucas\AppData\Local\housecall.guid.cache
2019-11-17 10:39 - 2019-11-17 10:39 - 000000000 _____ () C:\Users\lucas\AppData\Local\oobelibMkey.log
2019-12-24 05:48 - 2020-01-26 15:15 - 000007631 _____ () C:\Users\lucas\AppData\Local\Resmon.ResmonCfg
2020-01-22 13:07 - 2020-01-22 13:30 - 000000010 _____ () C:\Users\lucas\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Attached Files
File Type: txt Addition.txt (45.4 KB, 9 views)
HisHighness is offline  
 
Old 04-26-2020, 06:40 AM   #4
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Sorry, didn't get a notification that you'd posted.

Looking over your logs now, get back to you as soon as I've finished.
__________________
Gary R is offline  
Old 04-26-2020, 07:29 AM   #5
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, there's a couple of things need attention, but before we do anything, I need a bit more information on some items (some I expect to be malicious, some I don't, but I need to check).

So ....
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named .txt Notepad file will open.
  • Copy and paste the following into it ....
Code:
VirusTotal: C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe;E:\Program Files (x86)\Perixx Gaming mouse\SE61T-UserTools.exe;C:\Users\lucas\AppData\Local\Medal\update.exe;C:\WINDOWS\System32\OpenSSH\sshd.exe;C:\WINDOWS\System32\SshdBroker.dll;C:\Users\lucas\AppData\Local\Temp\GPU-Z-v2.sys;C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys;C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys
  • Press Ctrl+s to save fixlist.txt
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log
__________________
Gary R is offline  
Old 04-26-2020, 09:02 PM   #6
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



Fix result of Farbar Recovery Scan Tool (x64) Version: 26-04-2020
Ran by lucas (27-04-2020 00:55:04) Run:1
Running from C:\Users\lucas\Downloads
Loaded Profiles: lucas (Available Profiles: lucas & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
VirusTotal: C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe;E:\Program Files (x86)\Perixx Gaming mouse\SE61T-UserTools.exe;C:\Users\lucas\AppData\Local\Medal\update.exe;C:\WINDOWS\System32\OpenSSH\sshd.exe;C:\WINDOWS\System32\SshdBroker.dll;C:\Users\lucas\AppData\Local\Temp\GPU-Z-v2.sys;C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys;C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys

*****************

VirusTotal: C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe => hxxps://www.virustotal.com/file/b928dea30a7873e6afdc757835119673a6c9a7f6abd06ebacc914b0c9fd48ca5/analysis/1580686190/
VirusTotal: E:\Program Files (x86)\Perixx Gaming mouse\SE61T-UserTools.exe => hxxps://www.virustotal.com/file/4de13d87f65a47da70db6a53778e53ef3844c6c5d5c73c1f81bf873b879d2bf9/analysis/1565630189/
VirusTotal: C:\Users\lucas\AppData\Local\Medal\update.exe => hxxps://www.virustotal.com/file/42946f4a18a2adb33249146fdba12e314b0cf268df0e2adda0d9f32acebf956b/analysis/1574061551/
VirusTotal: C:\WINDOWS\System32\OpenSSH\sshd.exe => hxxps://www.virustotal.com/file/731e8034cb953abcd0fc86400ad55113efa302f77d276213198a76065601576b/analysis/1587231826/
VirusTotal: C:\WINDOWS\System32\SshdBroker.dll => hxxps://www.virustotal.com/file/af380343ae2a04b712e6a577508a8700e7713b88dd841ba48abbae1febfa9137/analysis/1574075855/
VirusTotal: C:\Users\lucas\AppData\Local\Temp\GPU-Z-v2.sys => hxxps://www.virustotal.com/file/486fb6aa996a2940cbbf4c2edf0523f7d463643d3d59eb09c5e1a74d67041a03/analysis/1579915522/
VirusTotal: C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys => hxxps://www.virustotal.com/file/70de6aedb8728b6be2abba29818afc36ef7ad3691089121b6d50d6fae7fc85bf/analysis/1569086061/
VirusTotal: C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys => hxxps://www.virustotal.com/file/c8d985ad4e3b52a9e2f77f6dde28effb66dac9f607892855e89e87ec269677cf/analysis/1548096001/

==== End of Fixlog 00:57:09 ====
HisHighness is offline  
Old 04-26-2020, 10:10 PM   #7
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, let's deal with what your FRST logs show, and see where it gets us.
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named .txt Notepad file will open.
  • Copy and paste the following into it ....
Code:
(SoundMixer) [File not signed] C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Medal] => C:\Users\lucas\AppData\Local\Medal\update.exe [1845072 2020-01-12] (Ferox Games B.V. -> )
C:\Users\lucas\AppData\Local\Medal\update.exe
FirewallRules: [{859F3DF6-25C5-450C-820A-7BA98B05F374}] => (Allow) C:\Users\lucas\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [{006EE962-3751-4976-A239-8E4721F73B83}] => (Allow) C:\Users\lucas\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [{CB72D15B-C86B-4CBF-A2C7-CBB6947DA04F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [{63EF04BF-C529-47C6-BD7E-75CC03E9F11F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File
FirewallRules: [TCP Query User{D0496311-6716-4B22-9E0B-3BFF7BE48D24}C:\users\lucas\desktop\fivem server\fxserver.exe] => (Allow) C:\users\lucas\desktop\fivem server\fxserver.exe No File
FirewallRules: [UDP Query User{0EF77327-7CB3-4BA2-A430-C9ECAD2AEF52}C:\users\lucas\desktop\fivem server\fxserver.exe] => (Allow) C:\users\lucas\desktop\fivem server\fxserver.exe No File
FirewallRules: [TCP Query User{96B7BDDA-6E3B-4F25-AC60-7154BA4C4E24}C:\users\lucas\desktop\fivem-server\fxserver.exe] => (Allow) C:\users\lucas\desktop\fivem-server\fxserver.exe No File
FirewallRules: [UDP Query User{8FA8E91E-7AA7-4615-8F7D-AACA9560C2C4}C:\users\lucas\desktop\fivem-server\fxserver.exe] => (Allow) C:\users\lucas\desktop\fivem-server\fxserver.exe No File
FirewallRules: [TCP Query User{B915437A-2D29-45FB-9245-A156D5EB16B6}C:\users\lucas\desktop\defiantrp\fxserver.exe] => (Allow) C:\users\lucas\desktop\defiantrp\fxserver.exe No File
FirewallRules: [UDP Query User{11E015B3-8408-4FAE-BF7E-28D5128CAA18}C:\users\lucas\desktop\defiantrp\fxserver.exe] => (Allow) C:\users\lucas\desktop\defiantrp\fxserver.exe No File
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
  • Press Ctrl+s to save fixlist.txt
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log

Next ....

I'd like you to run an online scan for me ...

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
__________________
Gary R is offline  
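The fixlist in post #7 mixes three FRST line shapes: an unsigned file, a Run autostart entry, and firewall allow rules marked "No File". As an added example (not part of the thread and not FRST's own code), this Python script parses those shapes and labels them for triage, using lines copied from that post as sample input; the function names, the label names, the reading of "No File" as "target binary is missing" and the C:\Users\<name>\ test for a user-writable location are assumptions of the example.

```python
import re
from typing import NamedTuple

# Sample input: lines copied verbatim from the fixlist in post #7 of this thread.
SAMPLE_FIXLIST = r"""
(SoundMixer) [File not signed] C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe
HKU\S-1-5-21-3291336225-27683785-918294902-1000\...\Run: [Medal] => C:\Users\lucas\AppData\Local\Medal\update.exe [1845072 2020-01-12] (Ferox Games B.V. -> )
C:\Users\lucas\AppData\Local\Medal\update.exe
FirewallRules: [{859F3DF6-25C5-450C-820A-7BA98B05F374}] => (Allow) C:\Users\lucas\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe No File
FirewallRules: [{CB72D15B-C86B-4CBF-A2C7-CBB6947DA04F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File
FirewallRules: [TCP Query User{D0496311-6716-4B22-9E0B-3BFF7BE48D24}C:\users\lucas\desktop\fivem server\fxserver.exe] => (Allow) C:\users\lucas\desktop\fivem server\fxserver.exe No File
FirewallRules: [UDP Query User{0EF77327-7CB3-4BA2-A430-C9ECAD2AEF52}C:\users\lucas\desktop\fivem server\fxserver.exe] => (Allow) C:\users\lucas\desktop\fivem server\fxserver.exe No File
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
""".strip().splitlines()

# Line shapes as they appear in the thread's FRST output.
FIREWALL = re.compile(
    r"^FirewallRules: \[(?P<name>.+?)\] => \((?P<action>\w+)\) "
    r"(?P<path>.+?)(?P<missing> No File)?$"
)
UNSIGNED = re.compile(r"^\((?P<label>[^)]*)\) \[File not signed\] (?P<path>.+)$")
RUN_KEY = re.compile(
    r"^(?P<key>HK\S*\\Run(?:Once)?): \[(?P<name>[^\]]+)\] => "
    r"(?P<path>.+?)(?: \[\d+ \d{4}-\d{2}-\d{2}\].*)?$"
)
# Assumption of this example: anything under C:\Users\<name>\ is writable
# by that user without elevation.
USER_PROFILE = re.compile(r"^[a-z]:\\users\\[^\\]+\\", re.IGNORECASE)


class Finding(NamedTuple):
    kind: str    # triage label (names chosen for this example)
    path: str    # file the log line points at
    detail: str  # firewall rule name, Run value name or FRST label


def in_user_profile(path: str) -> bool:
    return bool(USER_PROFILE.match(path))


def triage(lines):
    """Return (findings, unparsed). Labels are review hints, not verdicts."""
    findings, unparsed = [], []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = FIREWALL.match(line)
        if m:
            # Allow rule whose program is gone: the exception outlived the file.
            if m["action"].lower() == "allow" and m["missing"]:
                findings.append(Finding("stale-allow-rule", m["path"], m["name"]))
            continue
        m = UNSIGNED.match(line)
        if m:
            kind = "unsigned-in-user-profile" if in_user_profile(m["path"]) else "unsigned"
            findings.append(Finding(kind, m["path"], m["label"]))
            continue
        m = RUN_KEY.match(line)
        if m:
            if in_user_profile(m["path"]):
                findings.append(Finding("autostart-from-user-profile", m["path"], m["name"]))
            continue
        unparsed.append(line)  # e.g. a bare path line
    return findings, unparsed


def stale_rule_targets(findings):
    """Group stale allow rules by target path (Windows paths compare case-insensitively)."""
    targets = {}
    for f in findings:
        if f.kind == "stale-allow-rule":
            targets.setdefault(f.path.lower(), []).append(f.detail)
    return targets


if __name__ == "__main__":
    found, skipped = triage(SAMPLE_FIXLIST)
    for f in found:
        print(f"{f.kind:28} {f.path}  [{f.detail}]")
    for path, rules in stale_rule_targets(found).items():
        print(f"{len(rules)} stale rule(s) -> {path}")
    print(f"{len(skipped)} line(s) not classified")
```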
Old 04-27-2020, 05:11 AM   #8
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



4/27/2020 941 AM
Files scanned: 1309048
Detected files: 15
Cleaned files: 15
Total scan time 04:47:45
Scan status: Finished


C:\Users\lucas\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe a variant of Win64/Packed.Themida.IY trojan cleaned by deleting
C:\Windows.old\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.9_0\js\contentScripts\contentScript.js JS/Chromex.Agent.AP trojan cleaned by deleting
C:\Windows.old\Users\luca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.9_0\js\background.js JS/Chromex.Agent.AP trojan cleaned by deleting
C:\Windows.old\Users\luca\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe a variant of Win64/Packed.Themida.IY trojan cleaned by deleting
C:\Windows.old\Users\luca\AppData\Roaming\pacificpoker\WebInstaller.exe a variant of Win32/CasinoRandLogic.A potentially unwanted application cleaned by deleting
D:\Downloads\888poker_installer.exe a variant of Win32/CasinoRandLogic.A potentially unwanted application cleaned by deleting
D:\Downloads\networx_setup.exe Win32/NetFilter.AK potentially unsafe application cleaned by deleting
E:\Users\luca\Pictures\duplicate-file-finder-setup.exe Win32/Auslogics.AA potentially unwanted application,a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
F:\C Documents\Pre Sep 2018\Pre January 2018\EasyPHP-Webserver-14.1b2-setup.exe Win32/ServiceEx.A potentially unsafe application cleaned by deleting
F:\C Documents\Pre Sep 2018\Pre January 2018\voxal-voice-changer-1-03-en-win.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted
F:\FileHistory\luca\MAINPC\Data\E\Users\luca\Downloads\888poker_installer (2019_03_16 22_44_29 UTC).exe a variant of Win32/CasinoRandLogic.A potentially unwanted application cleaned by deleting
F:\FileHistory\luca\MAINPC\Data\E\Users\luca\Downloads\networx_setup (2019_03_29 14_46_56 UTC).exe Win32/NetFilter.AK potentially unsafe application cleaned by deleting
F:\FileHistory\luca\MAINPC\Data\E\Users\luca\Downloads\OptifineInstaller (1) (2019_07_24 19_14_46 UTC).exe Win32/InstallCore.Gen.A potentially unwanted application cleaned by deleting
F:\FileHistory\luca\MAINPC\Data\E\Users\luca\Downloads\OptifineInstaller (2019_07_24 19_14_46 UTC).exe Win32/InstallCore.Gen.A potentially unwanted application cleaned by deleting
F:\FileHistory\luca\MAINPC\Data\E\Users\luca\Pictures\duplicate-file-finder-setup (2019_11_01 19_38_54 UTC).exe Win32/Auslogics.AA potentially unwanted application,a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
HisHighness is offline  
Old 04-27-2020, 06:28 AM   #9
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Please run a new scan with FRST, and then post me the new FRST.txt and Addition.txt logs.

How is your computer behaving now ?
__________________
Gary R is offline  
Old 04-28-2020, 01:01 AM   #10
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



The problem that originally brought me here, not being able to open cmd, is fixed. :)

It said the text was too long for this post, so I just attached both of the logs, hopefully that is satisfactory.
Attached Files
File Type: txt Addition.txt (46.0 KB, 4 views)
File Type: txt FRST.txt (19.7 KB, 6 views)
HisHighness is offline  
Old 04-28-2020, 04:42 AM   #11
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Attaching them is fine. Looking over them now, to see if there's any sign of re-infection, back as soon as I've finished.
__________________
Gary R is offline  
Old 04-28-2020, 04:46 AM   #12
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Don't know what you did with the FRST.txt, but I'm not getting the log, just a lot of source code for a web page.

Please try attaching your FRST.txt again.

No need for the Attach.txt, because that's OK.
__________________
Gary R is offline  
Old 04-28-2020, 05:37 AM   #13
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



Weird, try it now.
Attached Files
File Type: txt FRST.txt (101.9 KB, 6 views)
HisHighness is offline  
Old 04-28-2020, 05:52 AM   #14
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, that one looks good.

Looking it over now, back when finished.
__________________
Gary R is offline  
Old 04-28-2020, 06:05 AM   #15
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Question ... you have a large number of Chrome Extensions installed ...

Quote:
CHR Extension: (Slides) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-04]
CHR Extension: (Web Video Downloader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\adahebendgkgacfmpnmoddebbnfpfkcd [2019-11-23]
CHR Extension: (Free Download Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2020-01-28]
CHR Extension: (Removes Taboola) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajdhffnbdccpannhhpeclanoojjloech [2019-11-06]
CHR Extension: (BetterTTV) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-04-22]
CHR Extension: (Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-04]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-04]
CHR Extension: (Reminders) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aplgdhgdhfeipojcjbhchmolaolealnd [2019-11-04]
CHR Extension: (Stencil) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjkdefgpgngdhagacbeajapgnoobjig [2019-11-06]
CHR Extension: (YouTube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-04]
CHR Extension: (Honey) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-04-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Gmail™ Notifier) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chchfhampioeijdffegkhnpccchjbfpk [2019-11-04]
CHR Extension: (uBlock Origin) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
CHR Extension: (Tampermonkey) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-11-27]
CHR Extension: (Dark Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-04-24]
CHR Extension: (ARC Welder) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2019-11-04]
CHR Extension: (Emoji Keyboard - Emojis For Chrome) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcgkphadgmbalmlklhbdagcicajenei [2020-04-27]
CHR Extension: (Sheets) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-04]
CHR Extension: (Video Downloader PLUS) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2020-03-16]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-04-16]
CHR Extension: (New Tab Redirect) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-11-04]
CHR Extension: (Twitch Live) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2019-11-06]
CHR Extension: (Favicon Changer) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijaabbaphikljkkcbgpbaljfjpflpeoo [2019-11-06]
CHR Extension: (Reddit Notifier) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikingdipinldcfllekffnlgbojbbpilk [2019-11-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-06]
CHR Extension: (GoodTwitter) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbanhionoclikdjnjlcmefiofgjimgca [2020-02-22]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-04-24]
CHR Extension: (Steam Database) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2019-12-05]
CHR Extension: (Get RSS Feed URL) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfghpdldaipanmkhfpdcjglncmilendn [2020-04-16]
CHR Extension: (The Great Suspender) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2019-11-27]
CHR Extension: (Morpheon Dark) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2019-11-04]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-12-05]
CHR Extension: (Boomerang for Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-11-06]
CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2019-11-04]
CHR Extension: (DontBugMe) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknlnngolpglmlcadgdmlaokbfgppmma [2019-12-27]
CHR Extension: (Google Hangouts) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2019-11-06]
CHR Extension: (Google Images Restored) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncndcebmkibkhopclfdjfacgfholcghi [2020-04-20]
CHR Extension: (Rating Preview for Youtube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaaiaecimonimfffldbfffnollobpc [2019-11-06]
CHR Extension: (Save to Pocket) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-04]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2020-04-21]
CHR Extension: (Bookmax - Online Bookmark Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpkfadmfhloombfmmlllnbhkoehckm [2019-11-04]
CHR Extension: (Weather Forecast) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofobaelkgcpicbdoabokjlnmdcbjellg [2020-02-17]
CHR Extension: (Enhanced Steam) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2019-11-06]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2019-11-04]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-27]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-02-19]
CHR Extension: (Slides) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-05]
CHR Extension: (BetterTTV) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-02-18]
CHR Extension: (Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-05]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-05]
CHR Extension: (YouTube) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-05]
CHR Extension: (uBlock Origin) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-19]
CHR Extension: (Dark Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-02-18]
CHR Extension: (Sheets) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-05]
CHR Extension: (Twitch Live) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2020-01-07]
CHR Extension: (GoodTwitter) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbanhionoclikdjnjlcmefiofgjimgca [2020-01-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-05]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-19]
CHR Profile: C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-04-26]
CHR Extension: (Slides) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-27]
CHR Extension: (Docs) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-27]
CHR Extension: (Google Drive) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-27]
CHR Extension: (Dark Reader) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2020-04-24]
CHR Extension: (uBlock - free ad blocker) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2020-01-27]
CHR Extension: (Sheets) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-27]
CHR Extension: (Google Docs Offline) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-04-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-27]
CHR Extension: (Gmail) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-27]
CHR Extension: (Chrome Media Router) - C:\Users\lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22]
.... much more than most Users will commonly install.

Did you install all these yourself ? (please check through the list and uninstall any that you do not recognise)

https://www.timeatlas.com/uninstall-chrome-extensions/
__________________
Gary R is offline  
Old 04-28-2020, 06:13 AM   #16
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



Yes, I installed all of them myself. I'm a pretty power Chrome user. lol
HisHighness is offline  
Old 04-28-2020, 07:46 AM   #17
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, well in that case, I don't see any signs of re-infection in your latest FRST logs, so if your computer is behaving normally then I think we can bring this topic to a conclusion.

If there is anything you'd like to bring to my attention, please tell me now. If not ...

To uninstall FRST and remove all its files, please do the following ...
  • Rename FRST64.exe to Uninstall.exe
  • Double click on Uninstall.exe to launch it.
    • Your computer will reboot, and on reboot will remove FRST and all its files.
__________________
Gary R is offline  
Old 04-28-2020, 12:35 PM   #18
Registered Member
 
Join Date: Dec 2005
Posts: 86
OS: Windows 10



The only other thing I was wondering is if you can point me in the direction of the best free programs to protect myself in the future, like malware protection, etc. If there are any that are recommended by the site.

Otherwise, thank you very kindly for your help!
HisHighness is offline  
Old 04-28-2020, 03:04 PM   #19
Moderator
Security Team
 
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



It's not so much the programs you use to defend you that will determine how safe/secure you are online, but understanding what and where the risks are, and adjusting your browsing habits to minimise them.

A few years ago I wrote a brief article on computer security for another forum that I'm involved with ... https://www.malwareremoval.com/forum...557960#p557960 ... it's a bit dated now, but much of what I wrote then still holds true.

As far as Anti-Virus goes, I'd personally recommend Windows Defender (or whatever they're calling it these days) for a W10 user.
__________________
Gary R is offline  