Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2021
Ran by Dan (administrator) on WIN-KGJ2DPDON1K (09-09-2021 12:00:06)
Running from C:UsersDanDownloads
Loaded Profiles: Dan
Platform: Windows 10 Pro Version 1909 18363.1316 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:SetTimerResolutionService.exe
(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe
(Advanced Micro Devices Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0371001.inf_amd64_c05f2cb8e5a0d295B370998atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryu0371001.inf_amd64_c05f2cb8e5a0d295B370998atiesrxx.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe
(Cloudflare, Inc. -> ) C:Program FilesCloudflareCloudflare WARPwarp-svc.exe
(Flexera Software LLC -> InstallShield Software Corporation) [File not signed] C:Program Files (x86)Common Filesinstallshieldengine8intel 32iKernel.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.102GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.102GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <13>
(Locktime Software s.r.o. -> Locktime Software) C:Program FilesLocktime SoftwareNetLimiter 4NLSvc.exe
(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:Program FilesLGHUBlogi_crashpad_handler.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbweGamingServices.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.GamingServices_2.51.3002.0_x64__8wekyb3d8bbweGamingServicesNet.exe
(Microsoft Windows -> ) C:WindowsSystem32OpenSSHsshd.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32pacjsworker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32snmptrap.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:WindowsSystem32amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0NisSrv.exe
(OpenVPN Inc. -> The OpenVPN Project) C:Program FilesOpenVPNbinopenvpnserv.exe
(OpenVPN Inc. -> The OpenVPN project) C:Program FilesOpenVPNbinopenvpnserv2.exe
(Popcorn Time) [File not signed] C:Program Files (x86)Popcorn TimeUpdater.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:Program FilesSoftEther VPN Clientvpnclient_x64.exe
(Windscribe Limited -> Windscribe Limited) C:Program Files (x86)WindscribeWindscribeService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [SoftEther VPN Client UI Helper] => C:Program FilesSoftEther VPN Clientvpnclient_x64.exe [5886264 2021-04-21] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM…Run: [ctfmon] => C:WindowsSystem32ctfmon.exe [11264 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32…Run: [Autodesk Desktop App] => C:Program Files (x86)AutodeskAutodesk Desktop AppAutodeskDesktopApp.exe [657704 2019-01-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32…Run: [Adobe CCXProcess] => C:Program Files (x86)AdobeAdobe Creative Cloud ExperienceCCXProcess.exe [129288 2021-05-26] (Adobe Inc. -> )
HKLM-x32…Run: [Adobe Creative Cloud] => C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe [779504 2021-08-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM…PoliciesExplorer: [SettingsPageVisibility] hide:maps;cortana;cortana-language;windowsinsider;windowsinsider-optin;findmydevice
HKLM…PoliciesExplorer: [DisableThumbnails] 0
HKUS-1-5-19…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream46.0.3.0GoogleDriveFS.exe –startup_mode
HKUS-1-5-20…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream46.0.3.0GoogleDriveFS.exe –startup_mode
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [com.squirrel.Teams.Teams] => C:UsersDanAppDataLocalMicrosoftTeamsUpdate.exe [2453720 2021-03-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [Discord] => C:UsersDanAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [TabletDriver] => C:Huion Tabletx64TabletDriverCore.exe [321256 2020-06-29] (Shenzhen Huion Animation Technology Co.,LTD -> )
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [uTorrent] => C:UsersAdministratorAppDataRoaminguTorrentuTorrent.exe [2133032 2021-04-24] (BitTorrent Inc -> BitTorrent Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [electron.app.Guilded] => C:UsersDanAppDataLocalProgramsGuildedGuilded.exe
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [Windscribe] => C:Program Files (x86)WindscribeWindscribe.exe [5461888 2021-05-18] (Windscribe Limited -> Windscribe Limited)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [winkit] => C:WindowsFontswinkit.exe
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [ut] => C:UsersDanAppDataRoaminguTorrentuTorrent.exe [2131496 2021-08-27] (BitTorrent Inc -> BitTorrent Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [LGHUB] => C:Program FilesLGHUBlghub.exe [136443296 2021-07-31] (Logitech Inc -> Logitech, Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [Opera GX Browser Assistant] => C:UsersDanAppDataLocalProgramsOpera GXassistantbrowser_assistant.exe [3291288 2021-02-02] (Opera Software AS -> Opera Software)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [Steam] => D:Dan’s Steamsteamsteam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [NetLimiter] => C:Program FilesLocktime SoftwareNetLimiter 4nlclientapp.exe [300160 2021-07-01] (Locktime Software s.r.o. -> Locktime Software)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [com.squirrel.slack.slack] => C:UsersAdministratorAppDataLocalslackslack.exe [309568 2021-09-04] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…Run: [IDMan] => C:Program Files (x86)Internet Download ManagerIDMan.exe [5694464 2021-07-17] (Tonec Inc.) [File not signed]
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…PoliciesExplorer: [LinkResolveIgnoreLinkInfo] 1
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…PoliciesExplorer: [NoResolveSearch] 1
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…PoliciesExplorer: [NoInternetOpenWith] 1
HKUS-1-5-21-1100201080-1795771759-1847257070-1000…PoliciesExplorer: [NoInstrumentation] 1
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [Steam] => C:Program Files (x86)Steamsteam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [com.squirrel.Teams.Teams] => C:UsersAdministratorAppDataLocalMicrosoftTeamsUpdate.exe [2453656 2021-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [uTorrent] => C:UsersAdministratorAppDataRoaminguTorrentuTorrent.exe [2133032 2021-04-24] (BitTorrent Inc -> BitTorrent Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [Opera GX Browser Assistant] => C:UsersAdministratorAppDataLocalProgramsOpera GXassistantbrowser_assistant.exe [3291288 2021-02-02] (Opera Software AS -> Opera Software)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [PicPick Start] => C:Program Files (x86)PicPickpicpick.exe [23970424 2021-03-31] (NGWIN Software co. -> NGWIN)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [sws] => C:UsersAdministratorAppDataLocalProgramssafe-watchresourcesappswch_go_serviceswch_go_service.exe [10253872 2020-09-22] (OPEN VIDEO, TOV -> )
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [ZoomInfo Contact Contributor] => C:UsersAdministratorAppDataLocalZoomInfoCEUtilitylaunch.bat [108 2021-06-29] () [File not signed]
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [Discord] => C:UsersAdministratorAppDataLocalDiscordUpdate.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [LGHUB] => C:Program FilesLGHUBlghub.exe [136443296 2021-07-31] (Logitech Inc -> Logitech, Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [Skype for Desktop] => C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…Run: [com.squirrel.slack.slack] => C:UsersAdministratorAppDataLocalslackslack.exe [309568 2021-09-04] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKUS-1-5-21-1100201080-1795771759-1847257070-500…PoliciesExplorer: [DisableThumbnails] 0
HKUS-1-5-21-1100201080-1795771759-1847257070-500…PoliciesExplorer: []
HKUS-1-5-18…Run: [GoogleDriveFS] => C:Program FilesGoogleDrive File Stream46.0.3.0GoogleDriveFS.exe –startup_mode
HKLM…Windows x64Print ProcessorsCanon E510 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDB7.DLL [30208 2012-11-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…PrintMonitorsCanon BJ Language Monitor E510 series: C:Windowssystem32CNMLMB7.DLL [389120 2012-11-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program FilesGoogleChromeApplication93.0.4577.63Installerchrmstp.exe [2021-09-08] (Google LLC -> Google LLC)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [AFE6A462-C574-4B8A-AF43-4CC60DF4563B] -> C:Program FilesBraveSoftwareBrave-BrowserApplication93.1.29.77Installerchrmstp.exe [2021-09-04] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupGenuineService.lnk [2021-04-24]
ShortcutTarget: GenuineService.lnk -> C:UsersDanAutodeskGenuine ServiceGenuineService.exe (No File)
Startup: C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupShareX.lnk [2021-01-27]
ShortcutTarget: ShareX.lnk -> C:Program FilesShareXShareX.exe (ShareX Team) [File not signed]
Startup: C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupVoicemeeter (VB-Audio).LNK [2021-06-08]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:Program Files (x86)VBVoicemeetervoicemeeter.exe (Vincent Burel -> VB-AUDIO Software)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupCloudflare WARP.lnk [2021-09-01]
ShortcutTarget: Cloudflare WARP.lnk -> C:Program FilesCloudflareCloudflare WARPCloudflare WARP.exe (Cloudflare, Inc. -> Cloudflare)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupHuion Tablet.lnk [2021-02-25]
ShortcutTarget: Huion Tablet.lnk -> C:Huion TabletHuion Tablet.exe (Shenzhen Huion Animation Technology Co.,LTD -> )
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupSoftEther VPN Client Manager Startup.lnk [2021-04-21]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:Program FilesSoftEther VPN Clientvpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: 0E49B877-C15A-4D4E-AA16-8EDCED2CAF4D – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: 19209FDD-1F4A-470F-8F66-CD4D6F8D5DBF – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: 2660FA4E-EE52-4F4F-ABDF-80F17E7E466D – System32TasksInstallShield® Setup Engine Kernel => C:Program Files (x86)Common Filesinstallshieldengine8intel 32iKernel.exe [72880 2020-10-16] (Flexera Software LLC -> InstallShield Software Corporation) [File not signed]
Task: 458DC311-92DE-4C3D-A09A-EE754FAB9F22 – System32TasksOptimize Thumbnail Cache => C:Program Files (x86)Common Filesinstallshieldengine8intel 32isupdate.exe [61104 2020-09-26] (Flexera Software LLC -> InstallShield®) [File not signed]
Task: 7BF06FBD-3B11-484F-980F-9C30C304C82D – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: D55790C3-CFB7-4850-A736-D40B82B3D3F9 – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [690616 2021-06-25] (Mozilla Corporation -> Mozilla Foundation)
Task: FBA6B6E1-FED7-47D7-A2A0-1543C066AF89 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLMSOFTWAREPoliciesMicrosoftWindowsCurrentVersionInternet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction – ProxySettings)
AutoConfigURL: [EE559D5E-72DF-452D-BFD0-E6E64FFFD31E] => hxxp://127.0.0.1:86/
AutoConfigURL: [.DEFAULT] => hxxp://127.0.0.1:86/
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
TcpipParameters: [DhcpNameServer] 192.168.254.254
Tcpip..Interfaces93116c9c-a51f-4d49-bc1d-42a59bf0eea0: [DhcpNameServer] 192.168.254.254
HKLMSOFTWAREPoliciesMicrosoftInternet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:UsersDanAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-08]
Edge Extension: (IDM Integration Module) – C:UsersDanAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsllbjbkhnmlidjebalopleeepgdfgcpec [2021-09-08]
Edge Extension: (Google Translate) – C:ProgramData4ede5b3d0b9c80aeec2ecc6ce540b940 [2021-02-17]
FireFox:
========
FF DefaultProfile: oakuzhtp.default
FF ProfilePath: C:UsersDanAppDataRoamingMozillaFirefoxProfilesws2nf1ou.default-nightly [2021-08-17]
FF ProfilePath: C:UsersDanAppDataRoamingMozillaFirefoxProfilesoakuzhtp.default [2021-08-06]
FF Homepage: MozillaFirefoxProfilesoakuzhtp.default -> hxxps://www.google.com/
FF ProfilePath: C:UsersDanAppDataRoamingMozillaFirefoxProfilesvk89fvsy.default-release [2021-08-17]
FF Homepage: MozillaFirefoxProfilesvk89fvsy.default-release -> hxxps://www.google.com/
FF SearchPlugin: C:UsersDanAppDataRoamingMozillaFirefoxProfilesvk89fvsy.default-releasesearchpluginsMy Bing Search.xml [2021-03-12]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:Program FilesJavajre1.8.0_301bindtpluginnpDeployJava1.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:Program FilesJavajre1.8.0_301binplugin2npjp2.dll [2021-08-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [2021-08-07] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2021-08-07] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:UsersDanAppDataLocalGoogleChromeUser DataDefault [2021-09-02]
CHR DownloadDir: C:UsersDanDownloads
CHR DefaultSearchKeyword: Default -> hxxps://www.google.co.sg
CHR Extension: (Slides) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-02-12]
CHR Extension: (YouTube) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsagimnkijcaahngcdmfeangaknmldooml [2021-05-26]
CHR Extension: (Docs) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-02-12]
CHR Extension: (Google Drive) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-02-12]
CHR Extension: (YouTube) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-12]
CHR Extension: (Sheets) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-02-12]
CHR Extension: (Google Docs Offline) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Google Docs Dark Mode) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionslgjhepbpjcmfmjlpkkdjlbgomamkgonb [2021-03-11]
CHR Extension: (Application Launcher For Drive (by Google)) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-03-11]
CHR Extension: (Chrome Web Store Payments) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2021-02-12]
CHR Extension: (Chrome Media Router) – C:UsersDanAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-01]
CHR Extension: (Google Translate) – C:ProgramData [2021-09-09]
CHR Profile: C:UsersDanAppDataLocalGoogleChromeUser DataGuest Profile [2021-08-17]
CHR Profile: C:UsersDanAppDataLocalGoogleChromeUser DataProfile 1 [2021-09-05]
CHR Extension: (Slides) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-07-07]
CHR Extension: (Sheets) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-07-07]
CHR Extension: (Google Docs Offline) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-07]
CHR Extension: (Chrome Web Store Payments) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-07-07]
CHR Extension: (Chrome Media Router) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-22]
CHR Profile: C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2 [2021-09-09]
CHR DownloadDir: D:Games download
CHR Extension: (Slides) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-08-29]
CHR Extension: (Docs) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsaohghmighlieiainnegkcijnfilokake [2021-08-29]
CHR Extension: (Google Drive) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-08-29]
CHR Extension: (YouTube) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-29]
CHR Extension: (Sheets) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-08-29]
CHR Extension: (Google Docs Offline) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-29]
CHR Extension: (Chrome Web Store Payments) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-08-29]
CHR Extension: (Gmail) – C:UsersDanAppDataLocalGoogleChromeUser DataProfile 2Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-08-29]
CHR Profile: C:UsersDanAppDataLocalGoogleChromeUser DataSystem Profile [2021-08-29]
CHR HKUS-1-5-21-1100201080-1795771759-1847257070-1000SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
Opera:
=======
StartMenuInternet: (HKUS-1-5-21-1100201080-1795771759-1847257070-1000) Opera GXStable – “C:UsersDanAppDataLocalProgramsOpera GXLauncher.exe”
StartMenuInternet: (HKUS-1-5-21-1100201080-1795771759-1847257070-500) Opera GXStable – “C:UsersAdministratorAppDataLocalProgramsOpera GXLauncher.exe”
Brave:
=======
BRA Profile: C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser DataDefault [2021-08-17]
BRA Extension: (IDM Integration Module) – C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser DataDefaultExtensionsngpampappnmepgilojfohadhhmbhlaek [2021-06-27]
BRA Extension: (Brave Local Data Files Updater) – C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser Dataafalakplffnnnlkncjhbmahjfjhmlkal [2021-06-26]
BRA Extension: (Brave Ad Block Updater (Default)) – C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser Datacffkpbalmllkdoenhmdmpbkajipdjfam [2021-06-27]
BRA Extension: (Brave NTP sponsored images) – C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser Datagccbbckogglekeggclmmekihdgdpdgoe [2021-06-27]
BRA Extension: (Brave SpeedReader Updater) – C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser Datajicbkmdloagakknpihibphagfckhjdih [2021-06-26]
BRA Extension: (Brave HTTPS Everywhere Updater) – C:UsersDanAppDataLocalBraveSoftwareBrave-BrowserUser Dataoofiananboodjbbmdelgdommihjbkfag [2021-06-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdAppMgrSvc; C:Program Files (x86)AutodeskAutodesk Desktop AppAdAppMgrSvc.exe [1165176 2019-01-11] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [842480 2021-08-07] (Adobe Inc. -> Adobe Inc.)
S4 AdskLicensingService; C:Program Files (x86)Common FilesAutodesk SharedAdskLicensingCurrentAdskLicensingServiceAdskLicensingService.exe [16939312 2019-01-09] (Autodesk, Inc. -> Autodesk)
S2 brave; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:Program Files (x86)BraveSoftwareUpdateBraveUpdate.exe [162456 2021-06-26] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
R2 CloudflareWARP; C:Program FilesCloudflareCloudflare WARP\warp-svc.exe [11314104 2021-07-22] (Cloudflare, Inc. -> )
R2 LGHUBUpdaterService; C:Program FilesLGHUBlghub_updater.exe [10787232 2021-07-31] (Logitech Inc -> Logitech, Inc.)
R2 nlsvc; C:Program FilesLocktime SoftwareNetLimiter 4NLSvc.exe [19072 2021-07-01] (Locktime Software s.r.o. -> Locktime Software)
R2 OpenVPNService; C:Program FilesOpenVPNbinopenvpnserv2.exe [24504 2021-02-24] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:Program FilesOpenVPNbinopenvpnserv.exe [73592 2021-02-24] (OpenVPN Inc. -> The OpenVPN Project)
S4 ProtonVPN Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPNService.exe [102648 2021-01-30] (Proton Technologies AG -> )
S4 ProtonVPN Update Service; C:Program Files (x86)Proton TechnologiesProtonVPNProtonVPN.UpdateService.exe [62712 2021-01-30] (Proton Technologies AG -> )
S4 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [6264144 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SEVPNCLIENT; C:Program FilesSoftEther VPN Clientvpnclient_x64.exe [5886264 2021-04-21] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 STR; C:SetTimerResolutionService.exe [15360 2021-02-02] () [File not signed]
R2 Update service; C:Program Files (x86)Popcorn TimeUpdater.exe [339968 2020-08-27] (Popcorn Time) [File not signed]
R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:Program Files (x86)WindscribeWindscribeService.exe [1300352 2021-05-18] (Windscribe Limited -> Windscribe Limited)
S2 Ds3Service; “C:UsersAdministratorDownloadsSCP-DS-Driver-Package-1.2.0.160ScpServerbinScpService.exe” [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:WindowsSystem32driversamdfendrmgr.sys [41536 2021-07-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:WindowsSystem32DriverStoreFileRepositoryamdsafd.inf_amd64_8e2568524f674315amdsafd.sys [100768 2021-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:WindowsSystem32DriverStoreFileRepositoryu0371001.inf_amd64_c05f2cb8e5a0d295B370998amdkmdag.sys [81601024 2021-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:WindowsSystem32driversamdxe.sys [65168 2021-08-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:Windowssystem32DRIVERSssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 LGHUBTemperatureService; C:Program FilesLGHUBlogi_core_temp.sys [22864 2021-07-31] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:Windowssystem32driverslogi_joy_bus_enum.sys [37200 2021-07-07] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:Windowssystem32driverslogi_joy_vir_hid.sys [25928 2021-07-07] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:Windowssystem32driverslogi_joy_xlcore.sys [66896 2021-07-07] (Logitech Inc -> Logitech)
R3 Neo_VPN; C:WindowsSystem32driversNeo6_x64_VPN.sys [37824 2021-01-27] (SoftEther Corporation -> SoftEther Corporation)
S3 Neo_VPN127; C:WindowsSystem32driversNeo6_x64_VPN127.sys [37824 2021-04-21] (SoftEther Corporation -> SoftEther Corporation)
R0 nldrv; C:WindowsSystem32driversnldrv.sys [193688 2021-06-30] (Locktime Software s.r.o. -> Locktime Software)
R1 npcap; C:Windowssystem32DRIVERSnpcap.sys [74616 2020-12-12] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 ProtonVPNCallout; C:Program Files (x86)Proton TechnologiesProtonVPNx64Win10ProtonVPN.CalloutDriver.sys [34176 2021-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 ScpVBus; C:WindowsSystem32driversScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 SeLow; C:Windowssystem32DRIVERSSeLow_x64.sys [50624 2021-04-21] (SoftEther Corporation -> SoftEther Corporation)
R3 SnapCameraVirtualDevice; C:WindowsSystem32driversSnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 ssudmdm; C:Windowssystem32DRIVERSssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:WindowsSystem32driverstap-tb-0901.sys [38656 2020-09-23] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:WindowsSystem32driverstap0901.sys [39920 2021-06-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:WindowsSystem32driverstapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:WindowsSystem32driverstapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapwindscribe0901; C:WindowsSystem32driverstapwindscribe0901.sys [57768 2021-04-11] (Windscribe Limited -> The OpenVPN Project)
R3 VBAudioVMVAIOMME; C:WindowsSystem32driversvbaudio_vmvaio64_win10.sys [71712 2021-06-08] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 vmulti; C:WindowsSystem32driversvmulti.sys [10752 2018-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
U5 vsock; C:WindowsSystem32Driversvsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:WindowsSystem32driverswdWdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WindowsSystem32driverswdWdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WindowsSystem32driverswdWdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 WindscribeSplitTunnel; C:Windowssystem32DRIVERSWindscribeSplitTunnel.sys [35752 2021-05-18] (Windscribe Limited -> )
R3 windtun420; C:WindowsSystem32driverswindtun420.sys [47544 2021-04-11] (Windscribe Limited -> WireGuard LLC)
R3 wintun; C:WindowsSystem32driverswintun.sys [38176 2021-06-19] (WireGuard LLC -> WireGuard LLC)
S2 AMDRyzenMasterDriver; ??C:Program FilesAMDPerformance Profile ClientAMDRyzenMasterDriver.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-09 12:00 – 2021-09-09 12:00 – 000033442 _____ C:UsersDanDownloadsFRST.txt
2021-09-09 11:51 – 2021-09-09 11:51 – 002302976 _____ (Farbar) C:UsersDanDownloadsFRST64.exe
2021-09-09 08:56 – 2021-09-09 08:56 – 000000000 ____D C:Windowssystem32TasksS-1-5-21-1100201080-1795771759-1847257070-500
2021-09-09 00:24 – 2021-09-09 00:24 – 000000000 ____D C:UsersAdministratorAppDataLocalCrashDumps
2021-09-08 19:07 – 2021-09-08 19:07 – 000000385 _____ C:UsersAdministratorDownloadsBackup-codes-felixisoriginal.txt
2021-09-08 16:00 – 2021-09-08 16:00 – 000003480 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-09-08 16:00 – 2021-09-08 16:00 – 000003356 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-09-08 12:46 – 2021-04-01 20:01 – 002896896 _____ () C:UsersDanDownloadsAnyDesk.exe
2021-09-08 12:01 – 2021-09-08 12:01 – 000003794 _____ C:Windowssystem32TasksOptimize Thumbnail Cache
2021-09-08 12:01 – 2021-09-08 12:01 – 000003434 _____ C:Windowssystem32TasksInstallShield® Setup Engine Kernel
2021-09-08 04:48 – 2021-09-08 04:48 – 000000000 ____D C:Program FilesGraalVM
2021-09-08 03:33 – 2021-09-08 03:33 – 000000000 ____D C:UsersDanAppDataLocalElevatedDiagnostics
2021-09-08 02:29 – 2021-09-08 02:30 – 031734851 _____ C:UsersDanDownloadsFlux.rar
2021-09-07 22:04 – 2021-09-07 22:05 – 000000000 _____ C:UsersDanDownloadsFlux b33.zip
2021-09-07 22:00 – 2021-09-07 22:00 – 000001036 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Media Encoder 2020.lnk
2021-09-07 21:57 – 2021-09-07 21:57 – 000000000 ____D C:UsersPublicDocumentsAdobeInstalledCodecsTier2
2021-09-07 21:31 – 2021-09-07 21:31 – 001549781 _____ C:UsersDanDownloadsvideo0_5.mov
2021-09-07 21:24 – 2021-09-07 22:02 – 000000000 ____D C:UsersDanDocumentsAdobe
2021-09-07 21:23 – 2021-09-07 21:23 – 000001019 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAdobe Premiere Pro 2020.lnk
2021-09-07 21:23 – 2021-09-07 21:23 – 000000000 ____D C:UsersPublicDocumentsAdobe
2021-09-07 21:19 – 2021-09-07 21:19 – 000000000 ____D C:UsersPublicDocumentsAdobeInstalledCodecs
2021-09-07 18:11 – 2021-09-08 04:26 – 000000000 ____D C:UsersDanAppDataLocalCrashDumps
2021-09-07 17:56 – 2021-09-07 17:59 – 125965907 _____ C:UsersDanDocumentsUntitled60 (upscaled).mp4
2021-09-07 12:02 – 2021-09-07 20:41 – 000000000 ____D C:UsersDanAppDataLocalLowuTorrent
2021-09-06 19:49 – 2021-09-06 19:49 – 000000000 ____D C:UsersDanAppDataLocalLowThe Irregular Corp
2021-09-06 19:45 – 2021-09-06 19:45 – 000000000 ____D C:ProgramDataGOG.com
2021-09-06 19:28 – 2021-09-06 19:28 – 000000000 ____D C:UsersDanAppDataLocalglasswire
2021-09-06 19:27 – 2021-09-06 19:28 – 000000000 ____D C:ProgramDataGlassWire
2021-09-06 19:26 – 2021-09-06 19:27 – 062080056 _____ (SecureMix LLC) C:UsersDanDownloadsGlassWireSetup.exe
2021-09-06 17:57 – 2021-09-06 19:26 – 000000000 ____D C:UsersDanAppDataRoamingIDM
2021-09-06 17:57 – 2021-09-06 17:57 – 000001098 _____ C:UsersDanDesktopInternet Download Manager.lnk
2021-09-06 17:57 – 2021-09-06 17:57 – 000000000 ____D C:UsersDanDownloadsVideo
2021-09-06 17:57 – 2021-09-06 17:57 – 000000000 ____D C:UsersDanDownloadsCompressed
2021-09-06 17:57 – 2021-09-06 17:57 – 000000000 ____D C:UsersDanAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Download Manager
2021-09-06 17:57 – 2021-09-06 17:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsInternet Download Manager
2021-09-06 17:57 – 2021-09-06 17:57 – 000000000 ____D C:Program Files (x86)Internet Download Manager
2021-09-06 16:56 – 2021-09-07 17:56 – 085490353 _____ C:UsersDanDocumentsUntitled (upscaled).mp4
2021-09-05 21:09 – 2021-09-05 21:09 – 000115770 _____ C:UsersDanDownloadsdownload.htm
2021-09-05 21:00 – 2021-09-05 21:00 – 000000000 ____D C:UsersDanAppDataLocalATI
2021-09-05 18:50 – 2021-06-10 21:27 – 000000000 ____D C:UsersDanDownloadsokuru-free-main
2021-09-05 13:10 – 2021-09-08 12:34 – 000001754 _____ C:UsersDanDownloadsConfig.ini
2021-09-05 07:21 – 2021-09-05 07:21 – 000000000 ____D C:UsersDanDownloadscouleurstoolbox-main
2021-09-05 07:01 – 2021-09-05 07:01 – 000000569 _____ C:UsersPublicDesktopVEGAS Pro 19.0.lnk
2021-09-05 07:00 – 2021-09-05 07:00 – 000000000 ____D C:Program Files (x86)VEGAS
2021-09-05 06:32 – 2021-09-08 13:29 – 000000000 ____D C:UsersDanAppDataRoamingobs-studio
2021-09-05 06:32 – 2021-09-05 06:32 – 000000000 ____D C:ProgramDataobs-studio-hook
2021-09-05 06:32 – 2021-09-05 06:32 – 000000000 ____D C:Program Filesobs-studio
2021-09-05 06:24 – 2021-09-05 06:24 – 000000000 ____D C:UsersDanAppDataLocalLowAMD
2021-09-05 06:23 – 2021-09-05 06:27 – 000000000 ____D C:UsersDanAppDataLocalAMD
2021-09-05 06:23 – 2021-09-05 06:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAMD Link For Windows
2021-09-05 06:23 – 2021-09-05 06:23 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAMD Bug Report Tool
2021-09-05 06:21 – 2021-09-07 18:48 – 000000000 ____D C:Program FilesAMD
2021-09-05 06:21 – 2021-09-05 06:24 – 000000000 ____D C:ProgramDataAMD
2021-09-05 06:21 – 2021-09-05 06:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAMD Radeon Software
2021-09-05 06:21 – 2021-08-25 07:04 – 002443640 _____ (AMD Inc.) C:WindowsSysWOW64AMDBugReportTool.exe
2021-09-05 06:14 – 2021-08-25 06:44 – 003471376 _____ C:WindowsSysWOW64atiumdva.cap
2021-09-05 06:14 – 2021-08-25 06:43 – 003437632 _____ C:Windowssystem32atiumd6a.cap
2021-09-05 06:14 – 2021-08-25 06:42 – 000204952 _____ C:WindowsSysWOW64ativvsvl.dat
2021-09-05 06:14 – 2021-08-25 06:42 – 000204952 _____ C:Windowssystem32ativvsvl.dat
2021-09-05 06:14 – 2021-08-25 06:42 – 000157144 _____ C:WindowsSysWOW64ativvsva.dat
2021-09-05 06:14 – 2021-08-25 06:42 – 000157144 _____ C:Windowssystem32ativvsva.dat
2021-09-05 06:14 – 2021-08-25 05:30 – 001869296 _____ C:Windowssystem32vulkaninfo-1-999-0-0-0.exe
2021-09-05 06:14 – 2021-08-25 05:30 – 001869296 _____ C:Windowssystem32vulkaninfo.exe
2021-09-05 06:14 – 2021-08-25 05:30 – 001448944 _____ C:WindowsSysWOW64vulkaninfo-1-999-0-0-0.exe
2021-09-05 06:14 – 2021-08-25 05:30 – 001448944 _____ C:WindowsSysWOW64vulkaninfo.exe
2021-09-05 06:14 – 2021-08-25 05:30 – 001107176 _____ C:Windowssystem32vulkan-1-999-0-0-0.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 001107176 _____ C:Windowssystem32vulkan-1.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 000959856 _____ C:WindowsSysWOW64vulkan-1-999-0-0-0.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 000959856 _____ C:WindowsSysWOW64vulkan-1.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 000737296 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32Rapidfire64.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 000621568 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64Rapidfire.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 000047088 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32RapidFireServer64.dll
2021-09-05 06:14 – 2021-08-25 05:30 – 000044048 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64RapidFireServer.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000832512 _____ (AMD) C:Windowssystem32atieclxx.exe
2021-09-05 06:14 – 2021-08-25 05:29 – 000500208 _____ C:Windowssystem32dgtrayicon.exe
2021-09-05 06:14 – 2021-08-25 05:29 – 000497168 _____ C:Windowssystem32GameManager64.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000456704 _____ C:Windowssystem32atieah64.exe
2021-09-05 06:14 – 2021-08-25 05:29 – 000433168 _____ C:Windowssystem32EEURestart.exe
2021-09-05 06:14 – 2021-08-25 05:29 – 000380432 _____ C:WindowsSysWOW64GameManager32.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000352256 _____ C:WindowsSysWOW64atieah32.exe
2021-09-05 06:14 – 2021-08-25 05:29 – 000347120 _____ C:Windowssystem32clinfo.exe
2021-09-05 06:14 – 2021-08-25 05:29 – 000245760 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32atig6txx.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000213504 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64atigktxx.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000187408 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32mantle64.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000167408 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32atisamu64.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000166928 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32mantleaxl64.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000166912 _____ (AMD) C:Windowssystem32atimuixx.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000157200 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64mantle32.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000142864 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64mantleaxl32.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000141312 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64atisamu32.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000136192 _____ C:Windowssystem32atidxx64.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000114688 _____ C:WindowsSysWOW64atidxx32.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000091144 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32mcl64.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000075792 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64mcl32.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000019936 _____ (Microsoft Corporation) C:WindowsSysWOW64detoured.dll
2021-09-05 06:14 – 2021-08-25 05:29 – 000019936 _____ (Microsoft Corporation) C:Windowssystem32detoured.dll
2021-09-05 06:14 – 2021-08-25 05:27 – 000130392 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32atimpc64.dll
2021-09-05 06:14 – 2021-08-25 05:27 – 000108408 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64atimpc32.dll
2021-09-05 06:14 – 2021-08-18 00:34 – 000065168 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32Driversamdxe.sys
2021-09-05 06:14 – 2021-07-07 16:17 – 000584632 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amdfendrsr.exe
2021-09-05 06:14 – 2021-07-07 16:17 – 000161856 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32Driversamdfendr.sys
2021-09-05 06:14 – 2021-07-07 16:17 – 000041536 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32Driversamdfendrmgr.sys
2021-09-05 06:14 – 2020-12-09 04:15 – 000128048 _____ C:Windowssystem32kapp_ci.sbin
2021-09-05 06:14 – 2020-12-02 14:56 – 000012344 _____ C:Windowssystem32brandingRSX.bmp
2021-09-05 06:14 – 2020-10-22 12:36 – 000012344 _____ C:Windowssystem32brandingWS_RSX.bmp
2021-09-05 06:14 – 2020-05-22 23:23 – 000000822 _____ C:Windowssystem32branding.bmp
2021-09-05 06:14 – 2019-01-12 06:27 – 000121168 _____ C:Windowssystem32kapp_si.sbin
2021-09-05 06:14 – 2016-09-02 23:24 – 000154384 _____ C:Windowssystem32samu_krnl_ci.sbin
2021-09-05 06:14 – 2013-12-12 21:53 – 000138832 _____ C:Windowssystem32samu_krnl_isv_ci.sbin
2021-09-05 06:13 – 2021-08-25 06:37 – 058037336 _____ C:Windowssystem32amdxc64.so
2021-09-05 06:13 – 2021-08-25 06:35 – 000562464 _____ C:WindowsSysWOW64atiapfxx.blb
2021-09-05 06:13 – 2021-08-25 06:35 – 000562464 _____ C:Windowssystem32atiapfxx.blb
2021-09-05 06:13 – 2021-08-25 05:29 – 001757184 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32atiadlxx.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 001537040 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32atiacm64.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 001337856 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64atiadlxy.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 001337856 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64atiadlxx.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 000468992 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32atidemgy.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 000182640 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32aticfx64.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 000158896 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64aticfx32.dll
2021-09-05 06:13 – 2021-08-25 05:29 – 000070656 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32ati2erec.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 083184144 _____ C:Windowssystem32amd_comgr.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 068445696 _____ C:WindowsSysWOW64amd_comgr32.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000941568 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amdlvr64.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000769024 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64amdlvr32.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000466928 _____ C:Windowssystem32amdlogum.exe
2021-09-05 06:13 – 2021-08-25 05:28 – 000202680 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amdihk64.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000170224 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64amdihk32.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000150528 _____ (Khronos Group) C:Windowssystem32OpenCL.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000137216 _____ (Advanced Micro Devices, Inc.) C:Windowssystem32amfrt64.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000133648 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdxc64.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000131584 _____ (Khronos Group) C:WindowsSysWOW64OpenCL.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000113680 _____ (Advanced Micro Devices, Inc.) C:WindowsSysWOW64amfrt32.dll
2021-09-05 06:13 – 2021-08-25 05:28 – 000113680 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdxc32.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 072865264 _____ (Advanced Micro Devices Inc.) C:Windowssystem32amdhip64.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 001686272 _____ (AMD) C:Windowssystem32amf-mft-mjpeg-decoder64.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 001365632 _____ (AMD) C:WindowsSysWOW64amf-mft-mjpeg-decoder32.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000546944 _____ C:Windowssystem32amdmiracast.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000489968 _____ C:Windowssystem32amdgfxinfo64.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000380432 _____ C:WindowsSysWOW64amdgfxinfo32.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000136072 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdave64.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000130392 _____ (Advanced Micro Devices, Inc. ) C:Windowssystem32amdpcom64.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000120424 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdave32.dll
2021-09-05 06:13 – 2021-08-25 05:27 – 000108408 _____ (Advanced Micro Devices, Inc. ) C:WindowsSysWOW64amdpcom32.dll
2021-09-05 06:13 – 2021-05-11 20:56 – 000247200 _____ (Advanced Micro Devices) C:Windowssystem32DriversAtihdWT6.sys
2021-09-05 06:13 – 2020-08-05 15:50 – 000011014 _____ C:Windowssystem32atiacmLocalisation.ini
2021-09-05 06:13 – 2020-07-18 02:29 – 000076237 _____ C:Windowssystem32AMDKernelEvents.man
2021-09-05 06:03 – 2021-09-05 19:22 – 000000000 ____D C:UsersDanDownloadsEverything-1.4.1.1009.x64
2021-09-05 05:25 – 2021-09-05 05:25 – 000001210 _____ C:UsersDanAppDataRoamingMicrosoftWindowsStart MenuProgramsblur.lnk
2021-09-05 05:25 – 2021-09-05 05:25 – 000001202 _____ C:UsersDanDesktopblur.lnk
2021-09-04 06:48 – 2021-09-04 06:48 – 000002239 _____ C:UsersAdministratorDesktopSlack.lnk
2021-09-04 00:02 – 2021-09-04 01:14 – 000000000 ____D C:UsersDanDownloadsvegas pro
2021-09-04 00:00 – 2021-09-04 00:00 – 000000000 ____D C:UsersDanDownloadsResources
2021-09-03 23:11 – 2021-09-03 23:11 – 000001416 _____ C:UsersDanDesktopRoblox Player.lnk
2021-09-03 23:10 – 2021-09-03 23:11 – 000001227 _____ C:UsersDanDesktopRoblox Studio.lnk
2021-09-03 12:15 – 2021-09-03 12:15 – 000050104 _____ C:UsersDanDocumentsUntitled.veg
2021-09-02 06:22 – 2021-09-02 06:22 – 000068880 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge-64.dll
2021-09-02 06:22 – 2021-09-02 06:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava Development Kit
2021-09-02 06:22 – 2021-09-02 06:22 – 000000000 ____D C:Program FilesCommon FilesOracle
2021-09-02 06:17 – 2021-09-02 06:17 – 000501760 _____ C:UsersDanDownloadsLCL.exe
2021-09-01 22:10 – 2021-09-01 22:10 – 000038912 _____ C:UsersDanDocumentsRETARD.veg
2021-09-01 06:15 – 2021-09-01 06:15 – 000001532 _____ C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera GX Browser.lnk
2021-09-01 00:42 – 2021-09-01 00:42 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCloudflare
2021-09-01 00:41 – 2021-09-01 00:41 – 000000000 ____D C:Program FilesCloudflare
2021-08-31 15:13 – 2021-09-09 00:54 – 000000000 ____D C:UsersDanAppDataRoaming.minecraft
2021-08-31 15:13 – 2021-08-31 15:45 – 000001121 _____ C:UsersPublicDesktopMinecraft Launcher.lnk
2021-08-31 15:13 – 2021-08-31 15:40 – 000000000 ____D C:Program Files (x86)Minecraft Launcher
2021-08-31 15:13 – 2021-08-31 15:13 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMinecraft Launcher
2021-08-30 11:24 – 2021-08-30 11:24 – 000001064 _____ C:UsersAdministratorDesktopGenshin Impact.lnk
2021-08-30 06:49 – 2021-08-30 06:49 – 000000000 ____D C:UsersAdministratorTracing
2021-08-30 06:48 – 2021-08-30 06:48 – 084362600 _____ (Skype Technologies S.A.) C:UsersAdministratorDownloadsSkype-8.75.0.140.exe
2021-08-30 06:48 – 2021-08-30 06:48 – 000001387 _____ C:UsersPublicDesktopSkype.lnk
2021-08-30 06:48 – 2021-08-30 06:48 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
2021-08-30 05:38 – 2021-08-30 05:38 – 000117347 _____ C:UsersAdministratorDownloadsSantos,Don resume.pdf
2021-08-29 22:52 – 2021-09-02 06:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2021-08-29 22:52 – 2021-08-29 22:52 – 000000000 ____D C:UsersDanAppDataRoamingSun
2021-08-29 22:51 – 2021-09-02 06:22 – 000000000 ____D C:Program FilesJava
2021-08-29 17:55 – 2021-09-03 23:14 – 000000000 ____D C:UsersDanDownloadsrbxfpsunlocker-x64
2021-08-29 01:40 – 2021-08-29 01:40 – 000013264 _____ C:UsersDanDocumentsgd.veg
2021-08-29 01:38 – 2021-08-29 01:39 – 000000000 ____D C:ProgramDatachocolatey
2021-08-29 01:38 – 2021-08-29 01:38 – 000000000 ____D C:ProgramDatashimgen
2021-08-29 00:22 – 2021-08-29 00:23 – 270857763 _____ C:UsersAdministratorDocumentsUntitled.mp4
2021-08-28 17:04 – 2021-08-28 17:04 – 000000071 _____ C:UsersDanBootInit
2021-08-28 14:50 – 2021-08-28 14:51 – 000000000 ____D C:ProgramDataBLSquad
2021-08-28 07:24 – 2021-08-28 07:24 – 000001432 _____ C:UsersDanAppDataRoamingMicrosoftWindowsStart MenuProgramsOpera GX Browser.lnk
2021-08-28 03:28 – 2021-08-28 03:28 – 000559281 _____ C:UsersAdministratorDownloadsdownload (4).htm
2021-08-28 02:38 – 2021-08-28 02:38 – 000535128 _____ C:UsersAdministratorDownloadsdownload (3).htm
2021-08-27 22:12 – 2021-08-27 22:12 – 000298598 _____ C:UsersAdministratorDownloadsSDR Account Tracker Team Aiko – Don Francis Santos.xlsx
2021-08-27 17:50 – 2021-08-27 17:50 – 025247673 _____ C:UsersAdministratorDownloadsDefault-Pack-1.17.X.zip
2021-08-27 16:14 – 2021-08-27 16:14 – 010580386 _____ C:UsersAdministratorDownloadsliquidbounce-bd72fd4.zip
2021-08-27 14:29 – 2021-08-27 14:29 – 000421215 _____ (Fabric Team) C:UsersAdministratorDownloadsfabric-installer-0.7.4.exe
2021-08-26 18:27 – 2021-08-26 18:27 – 000015216 _____ C:UsersAdministratorDocumentsUntitled.veg
2021-08-26 17:33 – 2021-08-26 17:33 – 000019168 _____ C:UsersAdministratorDocumentsnickgerr.veg
2021-08-26 17:15 – 2021-08-26 17:15 – 000000000 ____D C:UsersAdministratorAppDataLocalLooksBuilder
2021-08-26 17:14 – 2021-08-26 17:14 – 000000000 ____D C:Program Files (x86)REVisionEffects
2021-08-23 22:48 – 2021-08-23 22:48 – 003419133 _____ C:UsersAdministratorDownloadsDave Goldstein_Replicated.pdf
2021-08-23 14:45 – 2021-08-23 14:45 – 000337682 _____ C:UsersAdministratorDownloadsclumsy-0.2-win64.zip
2021-08-23 14:45 – 2021-08-23 14:45 – 000000000 ____D C:UsersAdministratorDownloadsclumsy-0.2-win64
2021-08-23 11:37 – 2021-08-23 11:37 – 000000000 ____D C:UsersDanAppDataRoamingSlack
2021-08-21 22:05 – 2021-08-21 22:05 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsREVisionEffects
2021-08-21 22:05 – 2021-08-21 22:05 – 000000000 ____D C:Program FilesREVisionEffects
2021-08-21 00:14 – 2021-08-30 20:27 – 000000000 ____D C:UsersDanAppDataRoamingmods
2021-08-20 23:20 – 2021-08-20 23:20 – 000120263 _____ C:UsersAdministratorDownloads7bccc2b8-af08-4dee-a762-fe5bb8ac6fe9.tmp
2021-08-20 13:54 – 2021-08-20 13:54 – 000000000 ____D C:UsersAdministratorAppDataLocalRoblox
2021-08-20 13:53 – 2021-08-20 13:53 – 000001412 _____ C:UsersAdministratorDesktopRoblox Player.lnk
2021-08-20 13:52 – 2021-09-03 23:11 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRoblox
2021-08-20 13:52 – 2021-08-20 13:54 – 000000176 _____ C:UsersAdministratorAppDataLocalLowrbxcsettings.rbx
2021-08-20 13:52 – 2021-08-20 13:53 – 000001223 _____ C:UsersAdministratorDesktopRoblox Studio.lnk
2021-08-20 13:52 – 2021-08-20 13:52 – 000000000 ____D C:ProgramDataRoblox
2021-08-19 13:32 – 2021-08-19 13:32 – 000301538 _____ C:UsersAdministratorDownloadsamcap_EN_V3.0.9.zip
2021-08-19 13:22 – 2021-08-19 13:22 – 000002673 _____ C:UsersAdministratorDesktopYouTube Music.lnk
2021-08-19 13:20 – 2021-08-19 13:20 – 000000000 ____D C:UsersAdministratorAppDataLocalSnap
2021-08-19 13:20 – 2021-08-19 13:20 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSnap Inc
2021-08-19 13:20 – 2021-08-19 13:20 – 000000000 ____D C:Program FilesSnap Inc
2021-08-19 13:19 – 2021-08-19 13:20 – 101565592 _____ (Snap Inc. ) C:UsersAdministratorDownloadsSnap Camera 1.14.0.exe
2021-08-18 12:26 – 2021-08-18 12:26 – 000001283 _____ C:UsersPublicDesktopNetLimiter 4 (x64).lnk
2021-08-18 12:26 – 2021-08-18 12:26 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNetLimiter 4
2021-08-18 12:26 – 2021-08-18 12:26 – 000000000 ____D C:Program FilesLocktime Software
2021-08-17 14:33 – 2021-08-17 14:33 – 000022100 _____ C:UsersAdministratorDownloadsDonFrancisSantos_August2021.pdf
2021-08-17 10:36 – 2021-08-17 10:36 – 000000000 ____D C:UsersDanAppDataRoamingLocktime
2021-08-17 10:35 – 2021-08-17 10:35 – 000000000 ____D C:ProgramDataLocktime
2021-08-15 17:38 – 2021-08-15 17:40 – 000000000 ____D C:UsersDanAppDataLocalLooksBuilder
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:UsersDanAppDataRoamingRed Giant Link
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:ProgramDataRedGiant
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRed Giant
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMagic Bullet Looks
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:Program FilesMagic Bullet Looks Vegas
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:Program Files (x86)Red Giant Link
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:Program Files (x86)LooksBuilder
2021-08-15 17:38 – 2021-08-15 17:38 – 000000000 ____D C:Program Files (x86)InstallShield Installation Information
2021-08-15 17:37 – 2021-08-15 17:37 – 000000000 ____D C:UsersDanAppDataLocalDownloaded Installations
2021-08-14 16:07 – 2021-08-14 16:07 – 000000000 ____D C:UsersDanAppDataRoamingMicrosoftWindowsStart MenuProgramsRoblox
2021-08-14 15:17 – 2021-08-14 15:17 – 000000000 ____D C:UsersDanAppDataRoamingMicrosoftWindowsStart MenuProgramsRoshade
2021-08-14 15:17 – 2021-08-14 15:17 – 000000000 ____D C:UsersDanAppDataLocalRoshade
2021-08-13 12:52 – 2021-08-30 04:41 – 000000000 ____D C:UsersDanAppDataRoamingversions
2021-08-12 19:12 – 2021-08-12 19:12 – 000041984 _____ C:UsersAdministratorpasswords.txt
2021-08-12 18:34 – 2021-08-12 18:34 – 000539042 _____ C:UsersAdministratorDownloadsdownload (2).htm
2021-08-12 02:03 – 2021-08-12 02:05 – 000000000 ____D C:UsersAdministratorDownloads! §bDefault Revamp 1.16
2021-08-12 02:03 – 2021-08-12 02:03 – 000000000 ____D C:UsersAdministratorAppDataLocalpaint.net
2021-08-10 21:21 – 2021-08-10 21:21 – 000354275 _____ C:UsersAdministratorDownloadsCognyte(formerly Verint).pdf
2021-08-10 16:37 – 2021-08-10 16:37 – 000522146 _____ C:UsersAdministratorDownloadsN.Rich vs competitors (1).pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-09 12:00 – 2021-08-05 09:46 – 000000000 ____D C:FRST
2021-09-09 11:59 – 2021-01-22 00:57 – 000000000 ____D C:Program Files (x86)Google
2021-09-09 11:58 – 2021-07-07 18:27 – 000000000 ____D C:UsersDanAppDataLocalLGHUB
2021-09-09 11:58 – 2021-07-07 11:51 – 000000000 ____D C:UsersAdministratorAppDataLocalLGHUB
2021-09-09 11:58 – 2021-07-07 11:50 – 000000000 ____D C:UsersAdministratorAppDataRoamingLGHUB
2021-09-09 11:58 – 2021-01-22 08:33 – 000000000 ____D C:Program Files (x86)Steam
2021-09-09 11:57 – 2021-07-07 18:27 – 000000000 ____D C:UsersDanAppDataRoamingLGHUB
2021-09-09 11:57 – 2021-01-27 23:50 – 000000000 ____D C:Program FilesSoftEther VPN Client
2021-09-09 11:57 – 2019-03-19 12:52 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-09-09 11:56 – 2021-01-22 16:46 – 000000006 ____H C:WindowsTasksSA.DAT
2021-09-09 11:56 – 2019-03-19 12:37 – 000524288 _____ C:Windowssystem32configBBI
2021-09-09 11:55 – 2021-05-26 07:27 – 000000000 ____D C:UsersAdministratorAppDataRoamingSlack
2021-09-09 11:53 – 2021-01-22 00:56 – 000005054 _____ C:Windowssystem32PerfStringBackup.INI
2021-09-09 11:52 – 2021-06-09 07:16 – 000006109 _____ C:UsersDanAppDataRoamingVoiceMeeterDefault.xml
2021-09-09 11:47 – 2021-01-13 21:18 – 000000000 ____D C:ProgramDatassh
2021-09-09 11:13 – 2021-06-08 09:54 – 000006093 _____ C:UsersAdministratorAppDataRoamingVoiceMeeterDefault.xml
2021-09-09 09:14 – 2021-01-22 08:40 – 000000000 ____D C:Program FilesGenshin Impact
2021-09-09 08:53 – 2021-01-22 02:21 – 000000000 ____D C:UsersAdministratorAppDataRoamingdiscord
2021-09-09 08:26 – 2021-06-19 20:15 – 000000000 ____D C:UsersAdministratorAppDataLocalDiscord
2021-09-09 08:14 – 2021-01-22 16:46 – 000000000 ____D C:Windowssystem32Driverswd
2021-09-09 00:47 – 2021-02-12 12:54 – 000000000 ____D C:UsersDanAppDataRoamingdiscord
2021-09-09 00:47 – 2021-02-12 12:54 – 000000000 ____D C:UsersDanAppDataLocalDiscord
2021-09-09 00:44 – 2021-02-12 12:34 – 000000000 ____D C:UsersDanAppDataRoaminglunarclient
2021-09-09 00:24 – 2021-04-12 16:37 – 000000000 ____D C:UsersAdministratorAppDataLocalGeometryDash
2021-09-08 12:43 – 2021-04-19 15:14 – 000000000 ____D C:funkin-windows-64bit
2021-09-08 12:40 – 2021-02-17 21:10 – 000000000 ____D C:UsersDanAppDataRoamingvlc
2021-09-08 10:07 – 2021-02-12 21:57 – 000000000 ____D C:UsersDanAppDataLocalD3DSCache
2021-09-08 10:04 – 2021-02-06 08:20 – 000000000 ____D C:Program FilesCCleaner
2021-09-08 05:05 – 2021-02-17 21:02 – 000000000 ____D C:UsersDanAppDataRoamingDMCache
2021-09-08 04:35 – 2021-01-22 01:03 – 000002283 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-09-08 04:32 – 2021-03-12 16:30 – 000000000 ____D C:UsersDanAppDataRoaminguTorrent
2021-09-08 04:32 – 2021-02-12 14:33 – 000000000 ____D C:UsersDanDocumentsShareX
2021-09-08 03:42 – 2019-03-19 12:52 – 000000000 ____D C:WindowsAppReadiness
2021-09-08 03:35 – 2021-02-12 12:20 – 000000000 ____D C:UsersDanAppDataLocalPackages
2021-09-08 02:58 – 2021-02-26 13:40 – 000000000 ____D C:UsersDanAppDataLocalBitTorrentHelper
2021-09-07 22:00 – 2021-02-12 12:20 – 000000000 ____D C:UsersDanAppDataRoamingAdobe
2021-09-07 21:23 – 2021-05-26 07:42 – 000000000 ____D C:Program FilesCommon FilesAdobe
2021-09-06 17:16 – 2019-03-19 12:52 – 000000000 ____D C:WindowsLiveKernelReports
2021-09-06 15:15 – 2021-01-25 20:04 – 000000000 ____D C:UsersAdministratorAppDataRoamingvlc
2021-09-06 15:10 – 2021-01-22 16:03 – 000000000 ____D C:UsersAdministratorAppDataRoamingobs-studio
2021-09-05 20:03 – 2021-05-09 20:33 – 000628384 _____ C:Windowssystem32FNTCACHE.DAT
2021-09-05 14:08 – 2021-03-23 23:07 – 000000014 _____ C:UsersDanAppDataRoamingobs-virtualcam.txt
2021-09-05 07:01 – 2021-06-11 23:15 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVEGAS
2021-09-05 07:00 – 2021-03-04 08:36 – 000000000 ____D C:ProgramDataVEGAS Pro
2021-09-05 07:00 – 2021-02-15 15:48 – 000000000 ____D C:UsersDanAppDataRoamingSony
2021-09-05 06:32 – 2021-07-09 08:23 – 000001054 _____ C:UsersPublicDesktopOBS Studio.lnk
2021-09-05 06:23 – 2019-03-19 12:50 – 000000000 ____D C:WindowsINF
2021-09-05 06:18 – 2021-05-04 10:47 – 000000000 ____D C:AMD
2021-09-05 06:11 – 2021-02-12 12:22 – 000000000 ____D C:UsersDanAppDataLocalAMD_Common
2021-09-05 06:09 – 2021-03-07 18:05 – 000000000 ____D C:Windowssystem32TasksMozilla
2021-09-05 06:09 – 2021-03-07 18:05 – 000000000 ____D C:ProgramDataMozilla
2021-09-05 06:09 – 2021-02-26 12:36 – 000000000 ____D C:Program FilesBadlion Client
2021-09-05 06:09 – 2021-02-20 00:07 – 000000001 _____ C:Windowsvgkbootstatus.dat
2021-09-05 06:08 – 2021-02-19 23:35 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRiot Games
2021-09-05 06:06 – 2021-04-01 19:41 – 000000000 ____D C:Program FilesVEGAS
2021-09-05 06:00 – 2021-02-15 15:48 – 000000000 ____D C:ProgramDataVEGAS
2021-09-05 05:25 – 2021-02-28 01:06 – 000000000 ____D C:ProgramDataPackage Cache
2021-09-04 09:11 – 2021-01-22 01:02 – 000002555 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-09-04 06:48 – 2021-05-26 07:27 – 000000000 ____D C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsSlack Technologies Inc
2021-09-04 06:48 – 2021-05-26 07:27 – 000000000 ____D C:UsersAdministratorAppDataLocalslack
2021-09-04 06:47 – 2021-01-22 02:21 – 000000000 ____D C:UsersAdministratorAppDataLocalSquirrelTemp
2021-09-04 00:36 – 2021-06-26 07:27 – 000002374 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsBrave.lnk
2021-09-04 00:36 – 2021-06-26 07:27 – 000002333 _____ C:UsersPublicDesktopBrave.lnk
2021-09-03 23:58 – 2021-03-04 08:36 – 000000000 ____D C:UsersDanAppDataRoamingVEGAS
2021-09-03 23:57 – 2021-03-04 08:36 – 000000000 ____D C:UsersDanAppDataRoamingVEGAS Pro
2021-09-03 23:57 – 2021-03-04 08:36 – 000000000 ____D C:UsersDanAppDataLocalVEGAS Pro
2021-09-02 01:58 – 2021-06-17 11:58 – 000000000 ____D C:UsersDanAppDataLocalCloudflare
2021-09-01 10:43 – 2021-01-22 08:40 – 000000000 ____D C:UsersAdministratorAppDataLocalmiHoYo
2021-08-31 10:05 – 2021-02-12 12:20 – 000000000 ____D C:UsersDan
2021-08-31 10:04 – 2021-01-22 16:46 – 000000000 ____D C:Windowssystem32SleepStudy
2021-08-30 20:04 – 2021-01-26 01:05 – 000000000 ____D C:UsersAdministratorDocumentsShareX
2021-08-30 11:08 – 2021-06-11 02:14 – 000002450 _____ C:UsersAdministratorDesktopHilary Cook – Chrome.lnk
2021-08-30 06:49 – 2021-01-22 00:48 – 000000000 ____D C:UsersAdministrator
2021-08-29 02:50 – 2021-04-30 16:52 – 000000000 ____D C:ProgramDataGenArts
2021-08-29 01:17 – 2021-06-01 18:03 – 000000000 ____D C:UsersDanAppDataLocalGeometryDash
2021-08-28 15:16 – 2021-03-08 15:22 – 000000000 ____D C:UsersDanAppDataRoamingAnyDesk
2021-08-27 23:31 – 2021-01-25 23:25 – 000000000 ____D C:UsersAdministratorAppDataRoaminglunarclient
2021-08-27 14:40 – 2021-06-28 16:40 – 000000000 ____D C:UsersAdministratorAppDataRoamingBrackets
2021-08-27 14:40 – 2021-01-22 12:39 – 000000000 ____D C:Program FilesMicrosoft Office
2021-08-27 08:29 – 2021-04-30 17:11 – 000000000 ____D C:UsersDanDocumentsOFX Presets
2021-08-26 17:13 – 2021-05-23 09:19 – 000001064 _____ C:UsersDanDesktopVegas Pro 16.lnk
2021-08-22 22:04 – 2021-02-19 23:35 – 000000000 ____D C:ProgramDataRiot Games
2021-08-21 10:56 – 2021-02-11 17:30 – 000000016 _____ C:UsersAdministratorAppDataRoamingobs-virtualcam.txt
2021-08-19 18:48 – 2021-01-22 01:10 – 000000000 ____D C:UsersAdministratorAppDataLocalAMD_Common
2021-08-19 13:33 – 2019-03-19 12:49 – 000000384 _____ C:Windowswin.ini
2021-08-19 13:22 – 2021-06-14 12:22 – 000000000 ____D C:UsersAdministratorAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps
2021-08-18 13:35 – 2021-07-22 14:31 – 000041984 _____ C:UsersDanpasswords.txt
2021-08-15 15:16 – 2021-07-22 16:35 – 000000024 _____ C:UsersDanazura.login
2021-08-14 16:08 – 2021-02-15 11:23 – 000000000 ____D C:UsersDanAppDataLocalRoblox
2021-08-14 16:07 – 2021-02-15 11:23 – 000000254 _____ C:UsersDanAppDataLocalLowrbxcsettings.rbx
2021-08-13 21:15 – 2021-01-22 00:48 – 000000000 ____D C:UsersAdministratorAppDataLocalPackages
2021-08-12 01:02 – 2021-01-25 23:25 – 000000000 ____D C:UsersAdministrator.lunarclient
==================== Files in the root of some directories ========
2021-03-29 21:26 – 2021-08-01 21:44 – 000002623 _____ () C:UsersDanAppDataRoaming.cache~$
2021-03-15 22:33 – 2021-03-15 22:33 – 000000000 _____ () C:UsersDanAppDataRoaming729d49eb86c57ddaef4a529600393b56.tmp
2021-06-03 01:59 – 2021-06-03 01:59 – 000000699 _____ () C:UsersDanAppDataRoamingjd-gui.cfg
2021-03-23 23:07 – 2021-09-05 14:08 – 000000014 _____ () C:UsersDanAppDataRoamingobs-virtualcam.txt
2021-06-09 07:16 – 2021-09-09 11:52 – 000006109 _____ () C:UsersDanAppDataRoamingVoiceMeeterDefault.xml
2021-04-08 02:44 – 2021-04-08 03:03 – 000001157 _____ () C:UsersDanAppDataLocalAngst-[Dan].zip
2021-04-08 02:44 – 2021-04-08 03:03 – 000081920 _____ () C:UsersDanAppDataLocalLogin Data
2021-06-15 10:42 – 2021-06-15 10:42 – 000000000 _____ () C:UsersDanAppDataLocaloobelibMkey.log
2021-02-19 22:32 – 2021-06-25 07:35 – 000007601 _____ () C:UsersDanAppDataLocalResmon.ResmonCfg
2021-04-08 03:03 – 2021-04-08 03:03 – 000081920 _____ () C:UsersDanAppDataLocalsqlite_file
==================== FLock ==============================
2021-01-27 22:44 C:ProgramData�44da522aac28f604861c7136aee39ae
2021-01-27 22:44 C:ProgramData29aeffc56acfcc1f786648d69864cf12
2021-02-04 15:03 C:ProgramData40174f5acd21e8fdd7273c389840269c
2021-01-27 22:49 C:ProgramData7f995967804b771a3e6fee56b74d59aa
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
