thisisus

PC infected, please help

So idk how but I got infected. The text log uploaded is from yesterday's scan, but today the virus is still there because:

[attached image]

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.12017
License: Free

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: SLOW\Administrator

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 231122
Threats Detected: 7
Threats Quarantined: 7
Time Elapsed: 1 min, 7 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\nv4drv, Quarantined, [1141], [256145],1.0.12017
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{66F30F82-5B51-420C-A1BA-34A6605CA2A3}, Quarantined, [1141], [256145],1.0.12017
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{66F30F82-5B51-420C-A1BA-34A6605CA2A3}, Quarantined, [1141], [256145],1.0.12017

Registry Value: 2
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, Quarantined, [7032], [676880],1.0.12017
PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, Quarantined, [7032], [676880],1.0.12017

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Trojan.Agent.VBS, C:\WINDOWS\SYSTEM32\TASKS\nv4drv, Quarantined, [1141], [256145],1.0.12017
Trojan.Agent.VBS, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\steam.vbe, Quarantined, [1141], [256145],1.0.12017

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

12.txt

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section at the bottom of the topic, click Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Let me know what problems persist.

Wait for further instructions.
====

p.s.

Let me know if your Default Browser is Synced with other devices.

Hello nasdaq and thank you for your time.

No, my browser was never synced with another device, and the only extension I ever use is uBlock Origin.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2019
Ran by Administrator (administrator) on SLOW (Gigabyte Technology Co., Ltd. B250M-DS3H) (16-08-2019 19:18:00)
Running from C:\Users\Administrator\Desktop\malwarebytes helping
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: "C:\Program Files\ungoogled-chromium_67.0.3396.87-3_windows\ungoogled-chromium_67.0.3396.87-3_windows\chrome.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\Administrator\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOWReliabilityMonitor.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\DFX.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\ccSvcHst.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\ccSvcHst.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\sepWscSvc64.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\IDS\bin\SISIDSService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\IPS\bin\SISIPSService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\IPS\bin\sisipsutil.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe
(The browser authors) [File not signed] C:\Program Files\iridiumbrowser-2019.04.73.0-x64\Iridium\iridium.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1596920 2016-10-13] (Power Technology -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-812530616-1256042744-1401089867-500\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2019-07-11] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-812530616-1256042744-1401089867-500\...\MountPoints2: {22df4042-afc6-11e9-8289-e0d55e13580d} - "V:\setup.exe" 
HKU\S-1-5-21-812530616-1256042744-1401089867-500\...\MountPoints2: {22df40d5-afc6-11e9-8289-e0d55e13580d} - "W:\setup.exe" 
HKU\S-1-5-21-812530616-1256042744-1401089867-500\...\MountPoints2: {293c1aa3-a838-11e9-826d-e0d55e13580d} - "V:\setup.exe" 
HKU\S-1-5-21-812530616-1256042744-1401089867-500\...\MountPoints2: {72b91e23-bb15-11e9-82a2-e0d55e13580d} - "V:\setup.exe" 
HKU\S-1-5-21-812530616-1256042744-1401089867-500\...\MountPoints2: {cee1ddbd-ab19-11e9-827e-e0d55e13580d} - "V:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [HttpAcceptLanguageOptOut] => REG ADD "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /f /d 1
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C05B376-82F0-4325-8DDE-6C06FF58EE2A} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\SymErr.exe [92176 2019-05-16] (Symantec Corporation -> Symantec Corporation)
Task: {41A24699-31A3-45CB-9722-5BAFEFE71467} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\SymErr.exe [92176 2019-05-16] (Symantec Corporation -> Symantec Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> No File <==== ATTENTION
Task: {95189B0F-4559-4552-A6E1-1FA0B4B69A09} - System32\Tasks\WindowsTaskCoreUpdate => C:\Windows\system32\config\systemprofile\AppData\Roaming\9DF77D326AF645409FBB9DC8B80B0CF6\B522F7446E844F82950A17C0F2CE2D74.vbe [24316 2019-08-16] () [File not signed] <==== ATTENTION
Task: {CCF10460-C7CA-4D81-A2B3-F6734FFB9E6B} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Administrator\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3310392 2019-08-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D906264F-F0E2-4988-A01D-E663664AB94D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 176.9.62.62 104.207.131.11 45.77.138.206
Tcpip\..\Interfaces\{F5DD2FEA-9BEC-4DF5-B66F-6DB9C33AF62E}: [DhcpNameServer] 176.9.62.62 104.207.131.11 45.77.138.206

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-812530616-1256042744-1401089867-500\Software\Microsoft\Internet Explorer\Main,Local Page = C:\ProgramData\LGMOBILEAX\B2C_Client\LGUserCSTool.exe
URLSearchHook: [S-1-5-21-812530616-1256042744-1401089867-500] ATTENTION => Default URLSearchHook is missing
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 heCAF; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\Common Agent Framework\CAFServiceMain.exe [3527360 2019-07-11] (Symantec Corporation -> Symantec Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S4 SepLpsService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\ccSvcHst.exe [157888 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\ccSvcHst.exe [157888 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R2 sepWscSvc; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\sepWscSvc64.exe [1819688 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R2 SISIDSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\IDS\bin\SISIDSService.exe [7937216 2019-07-11] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\IPS\bin\SISIPSService.exe [100544 2019-07-11] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSUtil; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\SAEP\IPS\bin\SISIPSUtil.exe [274624 2019-07-11] (Symantec Corporation -> Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\snac64.exe [391816 2019-05-16] (Symantec Corporation -> Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S4 TermService; no ImagePath

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [30208 2018-10-23] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2018-10-16] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2018-10-16] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Data\Definitions\BASHDefs\20190812.001\BHDrvx64.sys [1935880 2019-07-08] (Symantec Corporation -> Symantec Corporation)
R1 ccSettings_{32447444-08D5-4B62-AF83-EE909CE470C6}; C:\Windows\System32\Drivers\SEP\0E020D07\03E8.105\x64\ccSetx64.sys [179416 2019-05-16] (Symantec Corporation -> Symantec Corporation)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [29688 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-07-15] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-07-16] (Symantec Corporation -> Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Data\Definitions\IPSDefs\20190815.061\IDSvia64.sys [1441800 2019-08-06] (Symantec Corporation -> Symantec Corporation)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-08-16] (Malwarebytes Corporation -> Malwarebytes)
S3 SISIDSRegDrv; C:\Windows\system32\Drivers\SISIDSRegDrv.sys [52608 2019-07-11] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSDeviceFilter; C:\Windows\system32\Drivers\SISIPSDeviceFilter.sys [52608 2019-07-11] (Symantec Corporation -> Symantec Corporation)
R1 SISIPSDriver; C:\Windows\System32\Drivers\SISIPSDriver.sys [350080 2019-07-11] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSFileFilter; C:\Windows\system32\Drivers\SISIPSFileFilter.sys [86912 2019-07-11] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSNetFilter; C:\Windows\system32\Drivers\SISIPSNetFilter.sys [65920 2019-07-11] (Symantec Corporation -> Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0E020D07\03E8.105\x64\SRTSP64.SYS [833544 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0E020D07\03E8.105\x64\SRTSPX64.SYS [49672 2019-05-16] (Symantec Corporation -> Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\SyDvCtrl64.sys [44568 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\symefasi\0603030.024\symefasi64.sys [1820680 2019-07-11] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\Drivers\SEP\0E020D07\03E8.105\x64\SymELAM.sys [26000 2019-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2019-07-11] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0E020D07\03E8.105\x64\Ironx64.SYS [311264 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0E020D07\03E8.105\x64\SYMNETS.SYS [567512 2019-05-16] (Symantec Corporation -> Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [230760 2019-07-11] (Symantec Corporation -> Symantec Corporation)
R1 Teefer2; C:\Windows\system32\DRIVERS\Teefer.sys [132992 2019-05-16] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2019-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2019-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2019-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 andnetadb; \SystemRoot\System32\Drivers\lgandnetadb.sys [X]
U4 Fax; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-16 19:17 - 2019-08-16 19:18 - 000000000 ____D C:\FRST
2019-08-16 19:16 - 2019-08-16 19:18 - 000000000 ____D C:\Users\Administrator\Desktop\malwarebytes helping
2019-08-16 17:09 - 2019-08-16 17:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2019-08-16 15:21 - 2019-08-16 15:21 - 000002097 _____ C:\Users\Administrator\Desktop\12.txt
2019-08-16 14:46 - 2019-08-16 14:46 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-08-16 04:52 - 2019-08-16 04:52 - 000000000 ____D C:\Users\Administrator\Desktop\New folder
2019-08-15 18:14 - 2019-08-15 18:14 - 001767936 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGD855_20140526_LGFLASHv160.dll
2019-08-15 18:01 - 2019-08-15 18:01 - 000000000 ____D C:\Users\Administrator\Downloads\LGD855AT-V10e-EUR-16G
2019-08-15 17:52 - 2019-08-15 17:54 - 2293825722 _____ C:\Users\Administrator\Downloads\LGD855AT-V10e-EUR-16G.zip
2019-08-15 17:46 - 2019-08-15 17:46 - 000373621 _____ C:\Users\Administrator\Downloads\LGD855_20140526_LGFLASHv160.rar
2019-08-15 15:30 - 2019-08-15 15:31 - 1375690597 _____ C:\Users\Administrator\Downloads\France D85530n_00_0816_2.kdz
2019-08-15 15:15 - 2019-08-15 15:15 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-08-15 15:00 - 2019-08-15 15:00 - 011469430 _____ C:\Users\Administrator\Downloads\Setup_LGFlashTool_2.0.1.6-ieatacid.zip
2019-08-15 15:00 - 2019-08-15 15:00 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\LG
2019-08-15 15:00 - 2019-08-15 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGFlashTool
2019-08-15 15:00 - 2019-08-15 15:00 - 000000000 ____D C:\ProgramData\Caphyon
2019-08-15 15:00 - 2019-08-15 15:00 - 000000000 ____D C:\LG
2019-08-15 14:52 - 2019-08-15 14:52 - 000266320 _____ C:\Windows\Minidump\081519-7265-01.dmp
2019-08-15 14:24 - 2019-08-15 14:24 - 000006656 _____ C:\Users\Administrator\Downloads\MegaLock.dll
2019-08-15 13:14 - 2019-08-15 13:14 - 004989927 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\LG_Root_Script_by_avicohh.exe
2019-08-15 13:14 - 2019-08-15 13:14 - 000000000 ____D C:\Users\Administrator\Downloads\2
2019-08-15 13:08 - 2019-08-15 13:08 - 003279745 _____ C:\Users\Administrator\Downloads\LG_Flash_Tool_2014.zip
2019-08-15 13:04 - 2018-10-23 19:53 - 000030208 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus64.sys
2019-08-15 13:04 - 2018-10-16 15:53 - 000037376 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2019-08-15 13:04 - 2018-10-16 15:51 - 000030720 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys
2019-08-15 13:02 - 2019-08-15 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2019-08-15 12:54 - 2019-08-15 12:54 - 236671736 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGPCSuite_Setup (1).exe
2019-08-15 12:54 - 2019-08-15 12:54 - 001763528 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGMobileSupportTool (1).exe
2019-08-15 12:47 - 2019-08-15 20:32 - 000000000 ____D C:\LGMobileUpgrade
2019-08-15 12:45 - 2019-08-15 13:02 - 000000000 ____D C:\Users\Administrator\AppData\Local\LG Electronics
2019-08-15 12:44 - 2019-08-15 20:32 - 000002760 _____ C:\Windows\SysWOW64\lgAxconfig.ini
2019-08-15 12:44 - 2019-08-15 20:32 - 000000000 ____D C:\ProgramData\LGMOBILEAX
2019-08-15 12:44 - 2019-08-15 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
2019-08-15 12:44 - 2019-08-15 12:44 - 236671736 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGPCSuite_Setup.exe
2019-08-15 12:44 - 2019-08-15 12:44 - 016714472 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGMobileDriver_WHQL_Ver_4.4.2.exe
2019-08-15 12:44 - 2019-08-15 12:44 - 001763528 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGMobileSupportTool.exe
2019-08-15 12:44 - 2018-10-23 03:45 - 001730376 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2019-08-15 12:44 - 2018-10-23 03:45 - 001011528 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2019-08-15 12:44 - 2011-05-06 10:37 - 000655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2019-08-15 12:44 - 2011-05-06 10:37 - 000568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2019-08-15 12:44 - 2011-05-06 10:37 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2019-08-15 12:44 - 2006-04-30 05:33 - 000053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2019-08-15 12:44 - 2005-11-19 23:34 - 000082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll
2019-08-15 12:44 - 2005-09-29 22:39 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2019-08-15 12:44 - 2005-09-07 11:51 - 001233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4.dll
2019-08-15 12:40 - 2019-08-15 12:40 - 065477416 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGBridge_Setup.exe
2019-08-15 12:36 - 2019-08-15 12:37 - 1301025191 _____ C:\Users\Administrator\Downloads\Germany D85510A_00.kdz
2019-08-15 12:36 - 2019-08-15 12:36 - 017716428 _____ C:\Users\Administrator\Downloads\LGUP_LG_G3.zip
2019-08-15 12:32 - 2019-08-15 12:32 - 000266320 _____ C:\Windows\Minidump\081519-6312-01.dmp
2019-08-15 12:30 - 2019-08-15 14:52 - 723958176 _____ C:\Windows\MEMORY.DMP
2019-08-15 12:30 - 2019-08-15 14:52 - 000000000 ____D C:\Windows\Minidump
2019-08-15 12:30 - 2019-08-15 12:30 - 000266320 _____ C:\Windows\Minidump\081519-6562-01.dmp
2019-08-15 12:25 - 2019-08-15 12:25 - 000000000 ____D C:\Users\Administrator\.android
2019-08-15 12:23 - 2019-08-15 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG One Click Root
2019-08-15 12:23 - 2019-08-15 12:23 - 000000000 ____D C:\Program Files (x86)\avicohh software
2019-08-15 12:21 - 2019-08-15 12:21 - 011454688 _____ (LG Electronics) C:\Users\Administrator\Downloads\LGUnitedMobileDriver_S51MAN312AP22_ML_WHQL_Ver_3.12.3.exe
2019-08-15 12:18 - 2019-08-16 08:14 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2019-08-15 12:16 - 2019-08-15 12:16 - 005443202 _____ (Igor Pavlov) C:\Users\Administrator\Downloads\LG_One_Click_Root_by_avicohh.exe
2019-08-15 12:16 - 2019-08-15 12:16 - 000000000 ____D C:\Users\Administrator\Downloads\1
2019-08-15 11:23 - 2019-08-15 11:23 - 000000000 ____D C:\Windows\pss
2019-08-15 11:10 - 2019-08-15 11:10 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 020291584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 015390720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 007363048 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-15 11:10 - 2019-08-15 11:10 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 004169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-08-15 11:10 - 2019-08-15 11:10 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 002535456 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 002446072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-15 11:10 - 2019-08-15 11:10 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-15 11:10 - 2019-08-15 11:10 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-15 11:10 - 2019-08-15 11:10 - 001902960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001756672 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001385912 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001368288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001208320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-08-15 11:10 - 2019-08-15 11:10 - 001136760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001124800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000861184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000804872 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-15 11:10 - 2019-08-15 11:10 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000611656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000391168 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000364032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000292352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000230752 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000186024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2019-08-15 11:10 - 2019-08-15 11:10 - 000053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2019-08-15 11:10 - 2019-08-15 11:10 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
2019-08-15 10:33 - 2019-08-15 10:33 - 481136284 _____ C:\Users\Administrator\Downloads\windows8.1-kb4512488-x64_d5a1a3f96004791981bf0d469e724fb97be4377d.msu
2019-08-15 09:05 - 2019-08-15 09:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbamtray
2019-08-15 09:05 - 2019-08-15 09:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbam
2019-08-15 09:04 - 2019-08-15 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-15 09:04 - 2019-08-15 09:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-15 09:04 - 2019-08-15 09:04 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-15 09:04 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-08-15 07:46 - 2019-08-15 07:46 - 000000000 ____D C:\Windows\CSC
2019-08-15 07:37 - 2019-08-15 07:37 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 002013432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-08-15 07:37 - 2019-08-15 07:37 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 001349120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-08-15 07:37 - 2019-08-15 07:37 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000333552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-08-15 07:37 - 2019-08-15 07:37 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-08-15 07:37 - 2019-08-15 07:37 - 000269312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-08-15 07:37 - 2019-08-15 07:37 - 000214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000169256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-08-15 07:37 - 2019-08-15 07:37 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-08-15 07:37 - 2019-08-15 07:37 - 000136800 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-08-15 07:37 - 2019-08-15 07:37 - 000128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-08-15 06:43 - 2019-08-15 06:43 - 002669663 _____ C:\Users\Administrator\Downloads\uBlock0_1.21.7b8.chromium.zip
2019-08-13 07:22 - 2011-07-18 02:33 - 001919968 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2019-08-13 07:12 - 2019-08-13 07:12 - 000001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LG PC Suite.Lnk
2019-08-13 07:03 - 2019-08-16 04:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-08-13 07:02 - 2019-08-16 04:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\WhatsApp
2019-08-13 07:02 - 2019-08-13 07:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\SquirrelTemp
2019-08-13 06:27 - 2019-08-13 06:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-08-13 06:20 - 2019-08-15 13:03 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\LG Electronics
2019-08-13 06:20 - 2019-08-13 06:20 - 002356592 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2019-08-13 06:20 - 2019-08-13 06:20 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_LGAirDrive_01_11_00.Wdf
2019-08-13 06:20 - 2019-08-13 06:20 - 000000000 ____D C:\Users\Administrator\Documents\LG Bridge
2019-08-11 07:08 - 2019-08-11 07:08 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ECSoftware
2019-08-11 07:08 - 2019-08-11 07:08 - 000000000 ____D C:\Program Files (x86)\HexEdit
2019-08-11 06:50 - 2019-08-11 06:15 - 316872192 _____ C:\Users\Administrator\Downloads\BeyondTwoSouls.exe
2019-08-11 06:39 - 2019-08-11 06:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mael Horz
2019-08-11 06:20 - 2019-08-11 06:20 - 000000000 ____D C:\Users\Administrator\Documents\Quantic Dream
2019-08-11 06:14 - 2019-08-11 06:15 - 000000000 ____D C:\Program Files\Epic Games
2019-08-11 06:07 - 2019-08-16 17:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\EpicGamesLauncher
2019-08-11 06:07 - 2019-08-11 06:08 - 000000000 ____D C:\ProgramData\Epic
2019-08-11 06:07 - 2019-08-11 06:07 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2019-08-11 06:07 - 2019-08-11 06:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\UnrealEngineLauncher
2019-08-11 06:07 - 2019-08-11 06:07 - 000000000 ____D C:\Program Files (x86)\Epic Games
2019-08-10 18:26 - 2019-08-16 14:46 - 000003274 _____ C:\Windows\System32\Tasks\WindowsTaskCoreUpdate
2019-08-08 20:25 - 2019-08-08 20:25 - 005003264 _____ (NC Interactive, LLC) C:\Users\Administrator\Downloads\AionInstaller.exe
2019-08-05 07:12 - 2019-08-05 07:12 - 000000000 ____D C:\Users\Administrator\Documents\Custom Office Templates
2019-08-02 22:11 - 2019-08-13 07:16 - 000000000 ____D C:\Windows\system32\appmgmt
2019-07-29 22:59 - 2019-07-29 22:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\MPC-HC
2019-07-29 22:48 - 2019-07-29 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2019-07-29 22:48 - 2019-07-29 22:48 - 000000000 ____D C:\Program Files\MPC-HC
2019-07-28 23:28 - 2019-07-28 23:38 - 2335895552 _____ C:\Users\Administrator\Downloads\manjaro-webdad-17.1.11-stable-alpha-8-x86_64.iso
2019-07-27 14:24 - 2019-07-27 14:24 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-07-27 08:48 - 2019-07-18 22:18 - 001006800 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2019-07-27 08:48 - 2019-07-18 22:18 - 001006800 _____ C:\Windows\system32\vulkan-1.dll
2019-07-27 08:48 - 2019-07-18 22:18 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2019-07-27 08:48 - 2019-07-18 22:18 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-07-27 08:48 - 2019-07-18 22:18 - 000551168 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-07-27 08:48 - 2019-07-18 22:18 - 000456448 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-07-27 08:48 - 2019-07-18 22:18 - 000286416 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2019-07-27 08:48 - 2019-07-18 22:18 - 000286416 _____ C:\Windows\system32\vulkaninfo.exe
2019-07-27 08:48 - 2019-07-18 22:18 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-07-27 08:48 - 2019-07-18 22:18 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-07-27 08:48 - 2019-07-18 22:17 - 070434048 _____ (NVIDIA Corp.) C:\Windows\system32\nvoptix.dll
2019-07-27 08:48 - 2019-07-18 22:17 - 035347656 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl64.dll
2019-07-27 08:48 - 2019-07-18 22:17 - 029845704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl32.dll
2019-07-27 08:48 - 2019-07-18 22:17 - 024275904 _____ (NVIDIA Corporation) C:\Windows\system32\nvrtum64.dll
2019-07-27 08:48 - 2019-07-18 22:17 - 011059408 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2019-07-27 08:48 - 2019-07-18 22:17 - 009492680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2019-07-27 08:48 - 2019-07-18 22:17 - 000424320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 040925952 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 030406344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 021512584 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2019-07-27 08:48 - 2019-07-18 22:16 - 020189064 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 005038792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 004501712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 002041544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 001721600 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6443160.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 001542864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 001471880 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 001468112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6443160.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 001164168 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 001136008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000957832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000914312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000633736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000544968 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000523984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000471296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000430280 _____ C:\Windows\system32\nvofapi64.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000378624 _____ C:\Windows\SysWOW64\nvofapi.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000189648 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000176336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000171208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000167360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000155016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll
2019-07-27 08:48 - 2019-07-18 22:16 - 000149704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2019-07-27 08:48 - 2019-07-18 22:15 - 040411904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2019-07-27 08:48 - 2019-07-18 22:15 - 035269568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2019-07-27 08:48 - 2019-07-18 22:15 - 017467272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2019-07-27 08:48 - 2019-07-18 22:15 - 000525000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcbl64.dll
2019-07-27 08:48 - 2019-07-18 19:13 - 033434048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2019-07-27 08:48 - 2019-07-18 19:13 - 021659264 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2019-07-27 08:48 - 2019-07-18 19:13 - 018089824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2019-07-27 08:47 - 2019-07-27 08:47 - 000000000 ____D C:\Users\Administrator\Downloads\RTX 431.60-notebook-win8-win7-64bit-international-whql
2019-07-27 08:34 - 2019-07-27 08:34 - 000000000 ____D C:\Users\Administrator\Documents\My Games
2019-07-27 08:34 - 2019-07-27 08:34 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\A Plague Tale Innocence
2019-07-27 07:58 - 2019-08-13 22:42 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-07-27 07:58 - 2019-07-27 23:37 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-07-27 07:58 - 2019-07-27 07:58 - 000000000 ____D C:\Users\Administrator\Downloads\MSIAfterburnerSetup462Beta1
2019-07-27 07:58 - 2019-07-27 07:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-07-27 07:58 - 2019-07-27 07:58 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-07-27 07:53 - 2019-08-11 06:07 - 000000000 ____D C:\Users\Administrator\AppData\Local\UnrealEngine
2019-07-23 22:55 - 2019-07-23 22:55 - 000002835 _____ C:\Users\Administrator\Downloads\PreventW10_20160715.zip
2019-07-21 01:29 - 2019-07-21 01:29 - 001382042 _____ C:\Users\Administrator\Downloads\subtitrari-noi.ro-The Librarians (2014)-138.zip
2019-07-21 00:38 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-07-21 00:38 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-07-21 00:38 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-07-21 00:38 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-07-21 00:38 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-07-21 00:38 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-07-21 00:38 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-07-21 00:38 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-07-21 00:38 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-07-21 00:38 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-07-21 00:38 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-07-21 00:38 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-07-21 00:38 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-07-21 00:38 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-07-21 00:38 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-07-21 00:38 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-07-21 00:38 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-07-21 00:38 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-07-21 00:38 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-07-21 00:38 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-07-21 00:38 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-07-21 00:38 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-07-21 00:38 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-07-21 00:38 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-07-21 00:38 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-07-21 00:38 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-07-21 00:38 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-07-21 00:37 - 2019-07-27 07:59 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-07-21 00:37 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-07-21 00:37 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-07-21 00:37 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-07-21 00:37 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-07-21 00:37 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-07-21 00:37 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-07-21 00:37 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-07-21 00:37 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-07-21 00:37 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-07-21 00:37 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-07-21 00:37 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-07-21 00:37 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-07-21 00:37 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-07-21 00:37 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-07-21 00:37 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-07-21 00:37 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-07-21 00:37 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-07-21 00:37 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-07-21 00:37 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-07-21 00:37 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-07-21 00:37 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-07-21 00:37 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-07-21 00:37 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-07-21 00:37 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-07-21 00:37 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-07-21 00:37 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-07-21 00:37 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-07-21 00:37 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-07-21 00:37 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-07-21 00:37 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-07-21 00:37 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-07-21 00:37 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-07-21 00:37 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-07-21 00:37 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-07-21 00:37 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-07-21 00:37 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-07-21 00:37 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-07-21 00:37 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-07-21 00:37 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-07-21 00:37 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-07-21 00:37 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-07-21 00:37 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-07-21 00:37 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-07-21 00:37 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-07-21 00:37 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-07-21 00:37 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-07-21 00:37 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-07-21 00:37 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-07-21 00:37 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-07-21 00:37 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-07-21 00:37 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-07-21 00:37 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-07-21 00:37 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-07-21 00:37 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-07-21 00:37 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-07-21 00:37 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-07-21 00:37 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-07-21 00:37 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-07-21 00:37 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-07-21 00:37 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-07-21 00:37 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-07-21 00:37 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-07-21 00:37 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-07-21 00:37 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-07-21 00:37 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-07-21 00:37 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-07-21 00:37 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-07-21 00:37 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-07-21 00:37 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-07-21 00:37 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-07-21 00:37 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-07-21 00:37 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-07-21 00:37 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-07-21 00:37 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-07-21 00:37 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-07-21 00:37 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-07-21 00:37 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-07-21 00:37 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-07-21 00:37 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-07-21 00:37 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-07-21 00:37 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-07-21 00:37 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-07-21 00:37 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-07-21 00:37 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-07-21 00:37 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-07-21 00:37 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-07-21 00:37 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-07-21 00:37 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-07-21 00:37 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-07-21 00:37 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-07-21 00:37 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-07-21 00:37 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-07-21 00:37 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-07-21 00:37 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-07-21 00:37 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-07-21 00:37 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-07-21 00:37 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-07-21 00:37 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-07-21 00:37 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-07-21 00:37 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-07-21 00:37 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-07-21 00:37 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-07-21 00:37 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-07-21 00:37 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-07-21 00:37 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-07-21 00:37 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-07-21 00:37 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-07-21 00:37 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-07-21 00:37 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-07-21 00:37 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-07-21 00:37 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-07-21 00:37 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-07-21 00:37 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-07-21 00:37 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-07-21 00:37 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-07-21 00:37 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-07-21 00:37 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-07-21 00:37 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-07-21 00:37 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-07-21 00:36 - 2019-07-21 00:37 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin
2019-07-21 00:35 - 2019-07-21 00:42 - 000000000 ____D C:\Users\Administrator\Documents\Shadow of the Tomb Raider
2019-07-20 11:26 - 2019-07-20 11:26 - 000000000 ____D C:\Users\Public\Documents\Steam

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-16 19:18 - 2019-07-11 22:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\uTorrent
2019-08-16 19:14 - 2019-07-13 07:08 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\slobs-client
2019-08-16 14:52 - 2019-07-11 21:59 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-812530616-1256042744-1401089867-500
2019-08-16 14:51 - 2014-11-21 11:43 - 000996428 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-16 14:51 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf
2019-08-16 14:46 - 2019-07-11 21:49 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-16 14:46 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-08-16 09:07 - 2019-07-11 21:53 - 000000000 ____D C:\ProgramData\Symantec
2019-08-16 08:14 - 2019-07-11 21:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-08-16 06:01 - 2019-07-11 21:39 - 000000000 ____D C:\Users\Administrator
2019-08-16 04:23 - 2019-07-11 22:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Mirillis
2019-08-15 13:44 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\rescache
2019-08-15 11:19 - 2019-07-12 07:37 - 000354016 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-15 11:18 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-08-15 11:11 - 2013-08-22 18:20 - 000000000 ____D C:\Windows\CbsTemp
2019-08-15 07:39 - 2019-07-12 06:53 - 000000000 ____D C:\Windows\system32\Appraiser
2019-08-15 07:39 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-08-15 07:39 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Dism
2019-08-13 06:19 - 2019-07-11 21:46 - 000000000 ____D C:\ProgramData\Package Cache
2019-08-11 08:13 - 2019-07-13 07:08 - 000000000 ____D C:\Program Files\Streamlabs OBS
2019-08-10 04:22 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-08-09 20:08 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-08-08 20:21 - 2019-07-11 22:06 - 000003706 _____ C:\Windows\System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-08 20:21 - 2019-07-11 22:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2019-07-27 07:59 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-26 23:57 - 2019-07-11 21:49 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-20 15:45 - 2019-07-11 22:17 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-18 22:17 - 2019-07-11 21:49 - 000508864 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2019-07-18 19:13 - 2019-07-11 21:49 - 038756680 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2019-07-18 19:12 - 2019-07-11 21:49 - 004934728 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2019-07-18 19:12 - 2019-07-11 21:49 - 004375904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2019-07-18 02:31 - 2019-07-11 21:49 - 000049491 _____ C:\Windows\system32\nvinfo.pb
2019-07-18 00:10 - 2019-07-11 21:49 - 005435192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2019-07-18 00:10 - 2019-07-11 21:49 - 002637352 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2019-07-18 00:10 - 2019-07-11 21:49 - 001767920 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2019-07-18 00:10 - 2019-07-11 21:49 - 000650608 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2019-07-18 00:10 - 2019-07-11 21:49 - 000451056 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2019-07-18 00:10 - 2019-07-11 21:49 - 000125424 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2019-07-18 00:10 - 2019-07-11 21:49 - 000083440 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll

==================== Files in the root of some directories ================

2019-07-14 02:29 - 2019-07-14 02:32 - 000007629 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2019-08-15 07:46 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-08-15 13:21
==================== End of FRST.txt ============================

Addition.txt


Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt); please post it in your reply.
===

Please post the Fixlog.txt and let me know if the problem is solved.

fixlist.txt


I need to wait one day to see if the problem is fixed, because those files were downloaded once a day. If I don't receive any warning I will announce it, and I think everything is OK.

Big thanks.

Fixlog.txt


May I ask one question? Because I don't want your help to be in vain.

Can I run these commands below and block again in the firewall >> explorer.exe, skydrive.exe?

sc config DiagTrack start= disabled
sc stop DiagTrack
reg delete HKLM\SYSTEM\ControlSet001\Control\WMI\AutoLogger\AutoLogger-Diagtrack-Listener /f
reg delete HKLM\SYSTEM\ControlSet001\Control\WMI\AutoLogger\Diagtrack-Listener /f
reg delete HKLM\SYSTEM\ControlSet001\Control\WMI\AutoLogger\SQMLogger /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack /f
reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection /f
takeown /f %ProgramData%\Microsoft\Diagnosis /A /r /d y
icacls %ProgramData%\Microsoft\Diagnosis /grant:r *S-1-5-32-544:F /T /C
del /f /q %ProgramData%\Microsoft\Diagnosis\*.rbs
del /f /q /s %ProgramData%\Microsoft\Diagnosis\ETLLogs\*


Hi,

The only thing I found about DiagTrack is this article.

http://m.majorgeeks.com/content/page/how_to_disable_diagnostics_tracking_(diagtrack)_or_connected_user_experiences_and_telemetry.html

If you need more information I suggest you ask in this Windows 8.1 Forum.
https://www.bleepingcomputer.com/forums/f/209/windows-8-and-windows-81/
====

Glad we could help.


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/20/19
Scan Time: 2:53 AM
Log File: 9b94ceb2-c2dc-11e9-bec7-e0d55e13580d.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.12089
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 231180
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 1 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 1
Trojan.Agent.VBS.Generic, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\1BF6515FF7FF4220A003D542B6D57157, Quarantined, [3752], [721982],1.0.12089

File: 1
Trojan.Agent.VBS.Generic, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\1BF6515FF7FF4220A003D542B6D57157\2FAB15AB4DA04D1898DEFA453E89ED05.vbe, Quarantined, [3752], [721982],1.0.12089

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Hi,

Your copy of Chrome may have been compromised.
Remove and re-install Chrome.

Step 1: Remove Chrome from your Computer and reinstall a fresh copy later.

Step 2: If you remove the syncing of your account you must remove it before you save your bookmarks etc...
Delete Your Google Chrome Browser Sync Data if you sync with other devices. <- Important ...
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

Step 3: Before you remove Chrome Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.
How To: http://ccm.net/faq/31791-how-to-backup-your-google-chrome-bookmarks

Step 4: Before you remove Chrome Export your Passwords
How to export your saved passwords from Chrome
https://www.google.com/search?q=chrome+export+password&oq=chrome+export+password&aqs=chrome..69i57j69i60l2.7991j0j7&sourceid=chrome&ie=UTF-8

Step 5: Clear your Chrome cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Step 6: Remove Chrome using the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Step 7: Re-install Chrome and the Bookmarks.
<<<>>

Is the problem solved?


Resolved, seems it was from Iridium browser. I had a feeling something was wrong when their site was down for 2 weeks. I asked them on Twitter if they were hacked but they didn't say anything. Seems the gut is still the best.


Hi,

Did you download and install the Iridium Browser?

If yes, was it downloaded from the owner's site?

If you still have a copy of the iridium.exe, can you please submit the file to VirusTotal for an inspection?

Navigate to this page and follow the instructions.
https://www.virustotal.com/gui/home

Submit the link for my review.


Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

This topic is now closed to further replies.
