Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: BORN Ontario child registry data breach affects 3.4 million people

Featured Deal: Get started in AI or make your own with this $19.97 course bundle

Latest Buyer's Guide: Best VPNs to unblock Stan outside Australia in 2023

Windows startup problems and treatments

Started by Kay07 , Sep 11 2023 09:28 AM

«
Prev

Please log in to reply

131 replies to this topic

#121 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
55,541 posts
OFFLINE

Gender:Male
Location:California
Local time:06:23 PM

Posted 23 September 2023 - 08:17 PM

Greetings.

Thank you for providing the log.

There were 2 issues we were dealing with. The registry entries and the temp folder contents. Once we removed the randomly named registry startup entries they did not return.

This latest Process Monitor report helped to clarify the situation because the specialized Filter script eliminated all the noise from the report and left only those entries directly related to the Temp folder. After careful review of this report and additional investigation I have concluded the Temp folder contents are normal and not indicative of malware. Not only are all the entries related to legitimate activities, my own computer has similarly named entries.

Let me know your thoughts.

Gary

“Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.”
Where to Start

Back to top"> Back to top

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#122 Kay07

Topic Starter

Members
61 posts
OFFLINE

Posted 23 September 2023 - 08:38 PM

Did you see the video I sent you of my startup? Or did you actually use the software on the test computer?

When we turn on our computers they stay there without opening any programs, but when I turn on my computer these files appear on the screen one after the other, and after 20 seconds they stop, and only then can I use the computer.

I had to change my email password because I almost lost it.

Anyway, I believe it's not normal for browsing data to go to the startup tab. was using another SSD and all files were deleted. but I am prevented from doing so, because even if I erase them, it is already in your command that they return....

There are many abnormalities that this software is causing me... I don't believe it is normal.

Back to top"> Back to top

#123 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
55,541 posts
OFFLINE

Gender:Male
Location:California
Local time:06:23 PM

Posted Yesterday, 08:56 AM

Yes I did review the video and no, I have not launched the .exe file because at this point I don't believe it is necessary to potentially compromise my computer.

Please do this.

Please uninstall Internet Download Manager.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator
Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
There is no need to paste the information anywhere, FRST64 will do it for you

Start::
Folder: C:\Users\Kaique-Vidal\AppData\Local\Temp
End::

Click Fix
When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Farbar Recovery Scan Tool Search

--------------------

Launch FRST
Type the following in the Search: box

*1224.crx*;*1322.crx*

Click Search Files button
When completed click OK and a Search.txt document will open on your desktop
Copy and paste the contents of that document your reply

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Internet Download Manager uninstalled?
Fixlog
Search.txt

Gary

“Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.”
Where to Start

Back to top"> Back to top

#124 Kay07

Topic Starter

Members
61 posts
OFFLINE

Posted Yesterday, 03:02 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023

Ran by Kaique (24-09-2023 16:50:14) Run:22

Running from C:\Users\Kaique-Vidal\Desktop

Loaded Profiles: Kaique

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start::

Folder: C:\Users\Kaique-Vidal\AppData\Local\Temp

End::

*****************

========================= Folder: C:\Users\Kaique-Vidal\AppData\Local\Temp ========================

2023-09-24 16:49 - 2023-09-24 16:49 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\0f4d281e-e90a-48a6-8cfa-02ab8b85c389.tmp

2023-09-24 16:49 - 2023-09-24 16:49 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\2fd7659b-e160-4f8c-a2ef-6f6a57df6f7b.tmp

2023-09-24 16:49 - 2023-09-24 16:49 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\5bc6f25f-8539-4ea2-9bd2-77a5d9c9f283.tmp

2023-09-24 16:49 - 2023-09-24 16:49 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\6336cbcb-01a3-4439-b8b2-1cef48414498.tmp

2023-09-24 16:49 - 2023-09-24 16:50 - 000537686 ____A [135A5EE3F081FD72E69DDDB66DBD75A9] () C:\Users\Kaique-Vidal\AppData\Local\Temp\9318c1f4-4a6b-49ad-ac1d-c9a1fbf51cd6.tmp

2023-09-24 16:48 - 2023-09-24 16:49 - 004299674 ____A [43855E4331514AFF9E9BA2DC36021816] () C:\Users\Kaique-Vidal\AppData\Local\Temp\a8d619dc-af43-4a5b-a6b5-a22f3e44bcba.tmp

2023-09-22 16:15 - 2023-09-24 16:48 - 000003036 ____A [6A10E098747C61428F43103E2186AE6F] () C:\Users\Kaique-Vidal\AppData\Local\Temp\AMDLinkDriverUpdate.xml

2023-09-22 16:22 - 2023-09-22 16:22 - 000000199 ____A [A86EE5DF8E3FE0A7DDC9A114E9D75183] () C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922162221.log

2023-09-22 21:50 - 2023-09-22 21:50 - 000000199 ____A [F01FD73B48BF34BB06861151B70070FF] () C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922215001.log

2023-09-22 22:06 - 2023-09-22 22:06 - 000000199 ____A [7ABFCF7744DBFFC6C000F564A2C27E80] () C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922220647.log

2023-09-22 22:58 - 2023-09-22 22:58 - 000000199 ____A [A39CA5C33758E68B93C4417FABC53BC8] () C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922225822.log

2023-09-22 16:15 - 2023-09-22 16:21 - 000024576 ____A [59CE890C73FDF0175006168C17C2BCC3] () C:\Users\Kaique-Vidal\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db

2023-09-22 16:15 - 2023-09-22 16:15 - 000000053 ____A [E37EF5A510E11A0F39C03793006FDD8C] () C:\Users\Kaique-Vidal\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db.ses

2023-09-22 21:45 - 2023-09-24 16:48 - 000032768 ____A [E3E97BA81F0D78FC783EF97617B2792C] () C:\Users\Kaique-Vidal\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db-shm

2023-09-22 21:45 - 2023-09-24 16:48 - 000041232 ____A [5F07900419604E217EB40AB9411D0263] () C:\Users\Kaique-Vidal\AppData\Local\Temp\bc3902d8132f43e3ae086a009979fa88.db-wal

2023-09-22 16:22 - 2023-09-22 16:22 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\CUsersKaique-VidalAppDataLocalProgramsOpera102.0.4880.56opera_autoupdate.download.lock

2023-09-22 16:15 - 2023-09-24 16:49 - 000002594 ____A [247D755FDF7A1DF86F7671F8B4723071] () C:\Users\Kaique-Vidal\AppData\Local\Temp\cv_debug.log

2023-09-24 16:49 - 2023-09-24 16:49 - 000001588 ____A [5E54E8677A7DDAEDFECF9B64907599DC] () C:\Users\Kaique-Vidal\AppData\Local\Temp\d52c400b-49f4-4152-9e38-13881b1aa53f.tmp

2023-09-24 16:49 - 2023-09-24 16:49 - 000009982 ____A [5E6E42879FC6A356083F0A91DCCBA910] () C:\Users\Kaique-Vidal\AppData\Local\Temp\e784f064-bca8-4f43-8ff1-43039b632428.tmp

2023-09-22 22:53 - 2023-09-22 22:53 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-10620.log

2023-09-24 16:43 - 2023-09-24 16:43 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-10816.log

2023-09-22 21:45 - 2023-09-22 21:45 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-12768.log

2023-09-22 22:01 - 2023-09-22 22:01 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-4328.log

2023-09-22 22:53 - 2023-09-22 22:53 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-6264.log

2023-09-22 21:45 - 2023-09-22 21:45 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-7572.log

2023-09-24 16:43 - 2023-09-24 16:43 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-8028.log

2023-09-22 22:01 - 2023-09-22 22:01 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-8300.log

2023-09-24 16:48 - 2023-09-24 16:48 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-8552.log

2023-09-22 16:15 - 2023-09-22 16:15 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-8892.log

2023-09-24 16:48 - 2023-09-24 16:48 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-9084.log

2023-09-22 16:15 - 2023-09-22 16:15 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Kaique-Vidal\AppData\Local\Temp\mat-debug-9152.log

2023-09-22 22:55 - 2023-09-22 22:55 - 002714008 ___AH [E4086E56BEB16C4B4B57E381B8151232] (Microsoft Corporation -> Sysinternals - www.sysinternals.com) C:\Users\Kaique-Vidal\AppData\Local\Temp\Procmon64.exe

2023-09-22 16:17 - 2023-09-24 16:49 - 000003502 ____A [7237A76C03BE37A173B9CF02A6E9A414] () C:\Users\Kaique-Vidal\AppData\Local\Temp\vivaldi_installer.log

2023-09-22 16:22 - 2023-09-22 16:22 - 000000000 ___HD [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\.opera

2023-09-22 16:22 - 2023-09-22 22:58 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\.opera\4F0A7131560F

2023-09-22 16:22 - 2023-09-22 22:58 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\.opera\D77531E8E090

2023-09-22 16:22 - 2023-09-22 22:58 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\.opera\E587B10C2040

2023-09-22 21:48 - 2023-09-22 21:49 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_10460_772086312

2023-09-22 17:35 - 2023-09-22 17:35 - 000001886 ____A [AC10D0246BF60033EE1ACC8BCC94B603] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_10460_772086312\db013f1ac0b7119540e3eec4c5357f4a1f600a183ba8616685e7407e989061b4.puff

2023-09-24 16:44 - 2023-09-24 16:44 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_8696_1393931529

2023-09-24 08:39 - 2023-09-24 08:39 - 000001860 ____A [1A8BC8A00A02769DC9600FD26EF645F4] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_8696_1393931529\3c9512bd8ea1525f80e630f27aa2f5818800feaf039010e7df656efb8c910650.puff

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1124851356

2023-09-22 22:06 - 2023-09-22 22:06 - 000071348 ____A [8E8FA790F1F57693E28DB00F461A65E6] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1124851356\extension_1_0_45.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1200450410

2023-09-22 22:06 - 2023-09-22 22:06 - 000078983 ____A [D915439E59E790534AA8FAB99AB155A3] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1200450410\extension_1_0_295.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1401307541

2023-09-22 22:06 - 2023-09-22 22:06 - 001072129 ____A [BA6CF889E42B3B1BC16722ACCD71120C] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1401307541\extension_1_0_165.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1653383322

2023-09-22 22:06 - 2023-09-22 22:06 - 004248523 ____A [DE9728669A1DCC5C7AF7441D1809BA16] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1653383322\extension_1_0_68.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1886635209

2023-09-22 22:06 - 2023-09-22 22:06 - 000788448 ____A [C8055F14982AB1FBE5AA39DC5ECFA389] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1886635209\extension_1_0_1282.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1913887310

2023-09-22 22:06 - 2023-09-22 22:06 - 000010393 ____A [45838F5E89494E1030887A4FE2453D78] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1913887310\extension_1_0_1328.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_488261226

2023-09-22 22:06 - 2023-09-22 22:06 - 000142487 ____A [D3334F3C6AE2C2C6F8CED904D9F65F13] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_488261226\extension_1_0_457.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_640942240

2023-09-22 22:06 - 2023-09-22 22:06 - 000026395 ____A [13D89440F1DF31C04D26015E94597ABF] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_640942240\hfnkpimlhhgieaddgfemjhofmfblmnib_8255_all_jhudig3yiqtrmx3cxogy7k2lpq.crx3

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_641122739

2023-09-22 22:06 - 2023-09-22 22:06 - 001367774 ____A [42F21DC4A9480833386251870B83106C] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_641122739\extension_1_0_1279.crx

2023-09-22 22:06 - 2023-09-22 22:06 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_947752014

2023-09-22 22:06 - 2023-09-22 22:06 - 000325401 ____A [CB28D7D57C93E0839F63F6A2B20EC255] () C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_947752014\extension_1_0_1431.crx

2023-09-24 16:44 - 2023-09-24 16:44 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\edge_BITS_13784_1775400350

2023-09-24 04:16 - 2023-09-24 04:16 - 000116760 ____A [44832EE685933A0DBA3EBC1CD2F68633] () C:\Users\Kaique-Vidal\AppData\Local\Temp\edge_BITS_13784_1775400350\be6a5544-6945-470f-bc6f-bb583536273c

2023-09-22 23:00 - 2023-09-22 23:00 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\edge_BITS_7268_904913905

2023-09-22 04:22 - 2023-09-22 04:22 - 000116823 ___AH [72CDF92980C22319E4BC265874A785A7] () C:\Users\Kaique-Vidal\AppData\Local\Temp\edge_BITS_7268_904913905\BIT3091.tmp

2023-09-22 16:15 - 2023-09-24 16:48 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp

2023-09-24 16:42 - 2023-09-24 16:43 - 000021614 ____A [169AD0FD4FF70C3DD293C0C69BDC3619] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_11008_2023_09_24_16_42_59.log

2023-09-22 21:44 - 2023-09-22 21:45 - 000003584 ____A [1D7388F7E5CEBE6A26466CD23AEE26AE] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_11272_2023_09_22_21_44_58.log

2023-09-22 22:53 - 2023-09-22 22:53 - 000021614 ____A [319E6D39D0ACA645103FF9685C353B03] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_11600_2023_09_22_22_53_19.log

2023-09-22 16:15 - 2023-09-22 16:15 - 000021613 ____A [5DAC11935F327DEEFB0903683E262797] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_3340_2023_09_22_16_15_15.log

2023-09-22 22:01 - 2023-09-22 22:01 - 000021613 ____A [42AB0D806BD4D1A76C9D730DE8EDE790] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_3512_2023_09_22_22_01_45.log

2023-09-22 22:01 - 2023-09-22 22:01 - 000003583 ____A [2807BC8E5EB89F63500C11120AE942FA] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_5096_2023_09_22_22_01_45.log

2023-09-24 16:48 - 2023-09-24 16:48 - 000003583 ____A [13695B7DF9E44E4C9D371575DDDD8CF8] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_5976_2023_09_24_16_48_19.log

2023-09-24 16:48 - 2023-09-24 16:48 - 000021613 ____A [40E4A01E30E792E21E0472E6DB0275AA] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_6052_2023_09_24_16_48_19.log

2023-09-22 16:15 - 2023-09-22 16:15 - 000003583 ____A [1F83149865CC36726404548DE2EA956C] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_6096_2023_09_22_16_15_15.log

2023-09-22 21:44 - 2023-09-22 21:44 - 000021613 ____A [951C5F977580EB4A7BAE9456CFBF7BEA] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_6364_2023_09_22_21_44_58.log

2023-09-22 22:53 - 2023-09-22 22:53 - 000003583 ____A [27CF345A19EAA041B3AA8E0CA6793488] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_9264_2023_09_22_22_53_19.log

2023-09-24 16:42 - 2023-09-24 16:43 - 000003583 ____A [89AE0181AC4EE39E3E339831D84325AB] () C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_9608_2023_09_24_16_42_59.log

2023-09-22 22:12 - 2023-09-22 22:12 - 000000000 ____D [00000000000000000000000000000000] C:\Users\Kaique-Vidal\AppData\Local\Temp\SoftwareUpdate_Temp

====== End of Folder: ======

==== End of Fixlog 16:50:14 ====

Farbar Recovery Scan Tool (x64) Version: 20-09-2023

Ran by Kaique (24-09-2023 16:50:46)

Running from C:\Users\Kaique-Vidal\Desktop

Boot Mode: Normal

================== Search Files: "*1224.crx*;*1322.crx*" =============

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_820304799\extension_1_0_1322.crx

[2023-09-17 15:20][2023-09-17 15:20] 000324457 _____ () 05D6826526D6C597D27011AFB485B29A [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_1978793546\extension_1_0_1224.crx

[2023-09-17 15:20][2023-09-17 15:20] 000010363 _____ () 4C2E091C673B38A8A7BD908C34F28FDF [File not signed]

====== End of Search ======

Back to top"> Back to top

#125 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
55,541 posts
OFFLINE

Gender:Male
Location:California
Local time:06:23 PM

Posted Yesterday, 07:16 PM

I still do not believe this is malware related.

Did you reinstall Chrome? If not, I would like you to run a SearchAll: again.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator
Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
There is no need to paste the information anywhere, FRST64 will do it for you

Start::
cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\AMDLinkDriverUpdate.xml"
cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922162221.log"
cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\cv_debug.log"
cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\vivaldi_installer.log"
cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_11272_2023_09_22_21_44_58.log"
End::

Click Fix
When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Chrome installed?
Fixlog
Search.txt (only if Chrome not reinstalled)

Edited by Oh My!, Yesterday, 07:18 PM.

Gary

“Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.”
Where to Start

Back to top"> Back to top

#126 Kay07

Topic Starter

Members
61 posts
OFFLINE

Posted Yesterday, 08:51 PM

I didn't reinstall Chrome

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023

Ran by Kaique (24-09-2023 22:16:09) Run:23

Running from C:\Users\Kaique-Vidal\Desktop

Loaded Profiles: Kaique

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start::

cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\AMDLinkDriverUpdate.xml"

cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922162221.log"

cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\cv_debug.log"

cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\vivaldi_installer.log"

cmd: type "C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_11272_2023_09_22_21_44_58.log"

End::

*****************

========= type "C:\Users\Kaique-Vidal\AppData\Local\Temp\AMDLinkDriverUpdate.xml" =========

<?xml version="1.0" encoding="utf-16"?>

<Author>Advanced Micro Devices</Author>

<Description>AMDLinkUpdate</Description>

<URI>\AMD Link Driver</URI>

</RegistrationInfo>

</Triggers>

<UserId>DESKTOP-RTLM44P\Kaique</UserId>

<RunLevel>HighestAvailable</RunLevel>

</Principal>

</Principals>

<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>

<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>

<StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>

<StartWhenAvailable>false</StartWhenAvailable>

<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>

<RestartOnIdle>false</RestartOnIdle>

</IdleSettings>

<RunOnlyIfIdle>false</RunOnlyIfIdle>

<WakeToRun>false</WakeToRun>

</Settings>

<Exec>

<Command>C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe</Command>

<Arguments>-AMDLinkUpdate</Arguments>

</Exec>

</Actions>

</Task>

========= End of CMD: =========

========= type "C:\Users\Kaique-Vidal\AppData\Local\Temp\assistant_installer_20230922162221.log" =========

[0922/162221.226:INFO:assistant_installer_main.cc(167)] Running assistant installer with command line "C:\Users\Kaique-Vidal\AppData\Local\Programs\Opera\assistant\assistant_installer.exe" --version

========= End of CMD: =========

========= type "C:\Users\Kaique-Vidal\AppData\Local\Temp\cv_debug.log" =========

{"logTime": "0922/191526", "correlationVector":"esKw5E8eFcpUCksK8ej2YU","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0922/191528", "correlationVector":"J/p8VoSuuVYl9jXuEFdCd/","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0922/191532", "correlationVector":"Gg+GdHUla4ikfh3VMmXLcR","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0922/191702", "correlationVector":"De45zva4nRWJnzeNAOyTmg","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0922/191704", "correlationVector":"AFeTJ0tDFBZvWpvW75Bof3","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0922/191708", "correlationVector":"IHNYRiO7cew47BbHaVINeZ","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0923/004513", "correlationVector":"24802FAAB2354D2DBA4D60859AF3AC5D","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0923/004513", "correlationVector":"MUC/DC9WPnIx+U920AiP8t","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0923/004742", "correlationVector":"n4pG5NlXvHSOzbG/sIy16W","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0923/004743", "correlationVector":"F12A73395E3544259F75202EBDAC582F","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0923/010157", "correlationVector":"FC1E77C3263C4530B6FC712B9463AE1E","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0923/010157", "correlationVector":"WVAXwLojmZum5B1jNJ1uS0","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0923/015330", "correlationVector":"9AB8B0EB53B548D2B0E9549ECE42D259","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0923/015331", "correlationVector":"0Ju/KbopErm4L4wk6NLmFn","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0923/015945", "correlationVector":"/wJOGcwazpvm4JOItCejNm","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0923/015946", "correlationVector":"FE02F522B2E7406E9CB94AAB7A198530","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0924/194333", "correlationVector":"upBLhSY7SOVu0coJL2+Lvk","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0924/194333", "correlationVector":"36C90E3A783B45E08ABA596AB43217AD","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0924/194830", "correlationVector":"DCEF8F9EAD6B45D189F0300576BE6DF6","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0924/194830", "correlationVector":"QEeQ02dzMS1HoFm6p1TwQi","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0924/194913", "correlationVector":"0F149590iut36BcRExu7db","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0924/194914", "correlationVector":"AC14F46586E44F6491F88C840D0305E4","action":"FETCH_UX_CONFIG", "result":""}

{"logTime": "0925/010556", "correlationVector":"ueELfFMtWpbo79Ix3sCNwH","action":"EXTENSION_UPDATER", "result":""}

{"logTime": "0925/010556", "correlationVector":"D29DC628CE22460FAE0E40544C447398","action":"FETCH_UX_CONFIG", "result":""}

========= End of CMD: =========

========= type "C:\Users\Kaique-Vidal\AppData\Local\Temp\vivaldi_installer.log" =========

[0924/164318.411:ERROR:install_worker.cc(155)] Failed creating a firewall rules. Continuing with install.

[0924/164318.699:VERBOSE1:vivaldi_setup_util.cc(418)] Initial command line:

"C:\Users\KAIQUE~1\AppData\Local\Temp\VivaldiUpdate-jyhmsbwq7adknaekouq3la\2212_620272350\setup.exe" --vivaldi-install-dir="C:\Users\Kaique-Vidal\AppData\Local\Vivaldi" --verbose-logging --create-shortcuts=2 --install-level=0

[0924/164318.708:VERBOSE1:vivaldi_setup_util.cc(558)] Vivaldi: install for current user - install_dir=C:\Users\Kaique-Vidal\AppData\Local\Vivaldi

[0924/164318.708:VERBOSE1:setup_main.cc(1572)] Command Line: "C:\Users\KAIQUE~1\AppData\Local\Temp\VivaldiUpdate-jyhmsbwq7adknaekouq3la\2212_620272350\setup.exe" --vivaldi-install-dir="C:\Users\Kaique-Vidal\AppData\Local\Vivaldi" --verbose-logging --create-shortcuts=2 --install-level=0 --vivaldi-update --vivaldi-install-dir="C:\Users\Kaique-Vidal\AppData\Local\Vivaldi"

[0924/164318.724:VERBOSE1:setup_main.cc(1578)] system install is 0

[0924/164318.767:VERBOSE1:installer_state.cc(90)] Install Chrome

[0924/164318.768:VERBOSE1:install_util.cc(255)] Windows NT 10.0.22621

[0924/164318.769:VERBOSE1:install.cc(127)] Overwriting per-user Desktop "Vivaldi" shortcut to C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\vivaldi.exe.

[0924/164318.833:VERBOSE1:install.cc(127)] Overwriting per-user Quick Launch "Vivaldi" shortcut to C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\vivaldi.exe.

[0924/164318.865:VERBOSE1:install.cc(127)] Overwriting per-user Start menu "Vivaldi" shortcut to C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\vivaldi.exe.

[0924/164908.171:ERROR:delete_after_reboot_helper.cc(74)] Could not schedule C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Temp\scoped_dir11280_81396802\old_vivaldi.exe for deletion.: Acesso negado. (0x5)

[0924/164908.171:ERROR:delete_after_reboot_helper.cc(130)] Failed to schedule file for deletion: C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Temp\scoped_dir11280_81396802\old_vivaldi.exe

[0924/164908.171:ERROR:delete_after_reboot_helper.cc(145)] Failed to schedule subdirectory for deletion: C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Temp\scoped_dir11280_81396802

[0924/164908.171:VERBOSE1:vivaldi_setup_util.cc(418)] Initial command line:

"C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\6.2.3105.51\Installer\setup.exe" --vivaldi-install-dir="C:\Users\Kaique-Vidal\AppData\Local\Vivaldi" --delete-old-versions --verbose-logging

[0924/164908.171:VERBOSE1:vivaldi_setup_util.cc(558)] Vivaldi: install for current user - install_dir=C:\Users\Kaique-Vidal\AppData\Local\Vivaldi

[0924/164908.186:VERBOSE1:setup_main.cc(1572)] Command Line: "C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\6.2.3105.51\Installer\setup.exe" --vivaldi-install-dir="C:\Users\Kaique-Vidal\AppData\Local\Vivaldi" --delete-old-versions --verbose-logging --vivaldi-update --vivaldi-install-dir="C:\Users\Kaique-Vidal\AppData\Local\Vivaldi"

[0924/164908.186:VERBOSE1:setup_main.cc(1578)] system install is 0

[0924/164908.186:VERBOSE1:installer_state.cc(90)] Install Chrome

[0924/164908.186:VERBOSE1:install_util.cc(255)] Windows NT 10.0.22621

[0924/164908.186:VERBOSE1:installer_state.cc(90)] Install Chrome

[0924/164923.248:WARNING:delete_old_versions.cc(93)] Attempting to delete stray directory C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\6.2.3105.48

[0924/164923.523:VERBOSE1:setup_main.cc(516)] Successfully deleted all old files from --delete-old-versions process.

========= End of CMD: =========

========= type "C:\Users\Kaique-Vidal\AppData\Local\Temp\InstallManagerApp\AMDInstallManagerApp_11272_2023_09_22_21_44_58.log" =========

Process Id:11272

Thread Id:8932 2023:09:22-21:44:58 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Launching command cmd.exe /C "SCHTASKS /Query /TN AMDLinkUpdate"

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Return value : 0

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Reading output buffer. Amount read: 255, Amount avaliable: 255

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Shedule task created

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Output from launched command:

Pasta: \

Nome da tarefa Hora da próxima execuç Status

======================================== ====================== ===============

AMDLinkUpdate N/A Pronto

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Launching command cmd.exe /C "SCHTASKS /Query /TN AMDLinkUpdate"

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Return value : 0

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Reading output buffer. Amount read: 255, Amount avaliable: 255

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Shedule task created

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Output from launched command:

Pasta: \

Nome da tarefa Hora da próxima execuç Status

======================================== ====================== ===============

AMDLinkUpdate N/A Pronto

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Launching command cmd.exe /C "SCHTASKS /Query /TN AMDInstallLauncher"

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Return value : 0

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Reading output buffer. Amount read: 255, Amount avaliable: 255

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Shedule task created

Thread Id:8932 2023:09:22-21:44:59 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Output from launched command:

Pasta: \

Nome da tarefa Hora da próxima execuç Status

======================================== ====================== ===============

AMDInstallLauncher N/A Pronto

Thread Id:8932 2023:09:22-21:45:00 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Launching command cmd.exe /C "SCHTASKS /Query /TN AMDInstallLauncher"

Thread Id:8932 2023:09:22-21:45:00 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Return value : 0

Thread Id:8932 2023:09:22-21:45:00 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Reading output buffer. Amount read: 255, Amount avaliable: 255

Thread Id:8932 2023:09:22-21:45:00 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Shedule task created

Thread Id:8932 2023:09:22-21:45:00 DEBUG InstallManagerApp.exe:IsScheduleTaskCreated Output from launched command:

Pasta: \

Nome da tarefa Hora da próxima execuç Status

======================================== ====================== ===============

AMDInstallLauncher N/A Pronto

========= End of CMD: =========

==== End of Fixlog 22:16:11 ====

Farbar Recovery Scan Tool (x64) Version: 20-09-2023

Ran by Kaique (24-09-2023 22:07:01)

Running from C:\Users\Kaique-Vidal\Desktop

Boot Mode: Normal

================== Search Files: "SearchAll: Chrome" =============

File:

========

C:\Windows.old\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15840.3_none_04eceb382218bb77\chrome.browser

[2019-12-07 06:10][2019-12-07 06:10] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows.old\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15805.0_none_04f1e78822144171\chrome.browser

[2019-12-07 06:10][2019-12-07 06:10] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15840.3_none_bd3fb4610d9c9271\chrome.browser

[2019-12-07 06:10][2019-12-07 06:10] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15805.0_none_bd44b0b10d98186b\chrome.browser

[2019-12-07 06:10][2019-12-07 06:10] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\backstack-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\backstack-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\close-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\close-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\oobe-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\oobe-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\oobe-chrome-contentview-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\oobe-chrome-contentview-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\oobe-chrome-footer-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000014787 _____ () 4D47FC0E1FF0B9880517DA32C21803F8 [File not signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000000074 _____ () A48AB7FBCD44EC079A820235F9BFAFA4 [File not signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000000065 _____ () 7040FF1532AF4D6FCFD05DB6CA3C568B [File not signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\backstack-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\backstack-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\close-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\close-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\oobe-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\oobe-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\oobe-chrome-contentview-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\oobe-chrome-contentview-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\oobe-chrome-footer-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000014787 _____ () 4D47FC0E1FF0B9880517DA32C21803F8 [File not signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000000074 _____ () A48AB7FBCD44EC079A820235F9BFAFA4 [File not signed]

C:\Windows.old\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000000065 _____ () 7040FF1532AF4D6FCFD05DB6CA3C568B [File not signed]

C:\Windows.old\Windows\Temp\chrome_installer.log

[2023-04-19 00:20][2023-09-07 23:19] 000758165 _____ () D1EC8CC577E58760223362744F12A140 [File not signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\backstack-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\close-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-breadcrumb-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-contentview-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-footer-template.html

[2019-12-07 06:08][2019-12-07 06:08] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\backstack-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\close-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-breadcrumb-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-contentview-vm.js

[2019-12-07 06:08][2019-12-07 06:08] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows.old\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-footer-vm.js

[2022-09-08 00:05][2022-09-08 00:05] 000014787 _____ () 4D47FC0E1FF0B9880517DA32C21803F8 [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\backstack-chrome-breadcrumb-template.html

[2023-09-08 00:13][2023-07-19 23:43] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\backstack-chrome-breadcrumb-vm.js

[2023-09-08 00:13][2023-07-19 23:44] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\close-chrome-breadcrumb-template.html

[2023-09-08 00:13][2023-07-19 23:43] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\close-chrome-breadcrumb-vm.js

[2023-09-08 00:13][2023-07-19 23:44] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\oobe-chrome-breadcrumb-template.html

[2023-09-08 00:13][2023-07-19 23:43] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\oobe-chrome-breadcrumb-vm.js

[2023-09-08 00:13][2023-07-19 23:44] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\oobe-chrome-contentview-template.html

[2023-09-08 00:13][2023-07-19 23:43] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\oobe-chrome-contentview-vm.js

[2023-09-08 00:13][2023-07-19 23:44] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\oobe-chrome-footer-template.html

[2023-09-08 00:13][2023-07-19 23:43] 000000000 _____ () [File not signed]

C:\Windows.old\Windows\SoftwareDistribution\Download\8fa4a08484ee88d82274c7c7b37639d9\Package_for_RollupFix~~amd64~~22621.2134.1.5\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\f\oobe-chrome-footer-vm.js

[2023-09-08 00:14][2023-07-19 23:44] 000000052 ____N () CC0743AD201BD9A6E8D5BEB4448EB70C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\backstack-chrome-breadcrumb-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000048 ____N () 68B1C61E8441F85DC107533842BFCBB7 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\backstack-chrome-breadcrumb-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000050 ____N () D12AF3B50EA0D3E658E926E97CB1812B [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\close-chrome-breadcrumb-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000048 ____N () 02FC41B135A8DD5E6ED89BA0E94CB99C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\close-chrome-breadcrumb-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000050 ____N () F13CBE83D5A67419E27F6333BF52D86E [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-breadcrumb-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000049 ____N () AAE99EF2B3B7766A2926019404C8DFA1 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-breadcrumb-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000050 ____N () 95D7E1090121512BEC7A337441992DC9 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-contentview-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000048 ____N () 6B615DC0000F14BCFAEFB0493E414716 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-contentview-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000049 ____N () BA8F0E4077DFD428DFF13E375FB8C86B [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-footer-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000050 ____N () D6BFD569898B892DBD24FB09ECE7A556 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\r\oobe-chrome-footer-vm.js

[2023-08-13 03:44][2023-07-20 03:21] 000000074 ____N () E4598409CA8F094CD8255FBA910CD39C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\backstack-chrome-breadcrumb-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000048 ____N () 68B1C61E8441F85DC107533842BFCBB7 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\backstack-chrome-breadcrumb-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000050 ____N () D12AF3B50EA0D3E658E926E97CB1812B [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\close-chrome-breadcrumb-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000048 ____N () 02FC41B135A8DD5E6ED89BA0E94CB99C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\close-chrome-breadcrumb-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000050 ____N () F13CBE83D5A67419E27F6333BF52D86E [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-breadcrumb-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000049 ____N () AAE99EF2B3B7766A2926019404C8DFA1 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-breadcrumb-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000050 ____N () 95D7E1090121512BEC7A337441992DC9 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-contentview-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000048 ____N () 6B615DC0000F14BCFAEFB0493E414716 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-contentview-vm.js

[2023-08-13 03:44][2023-07-20 02:44] 000000049 ____N () BA8F0E4077DFD428DFF13E375FB8C86B [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-footer-template.html

[2023-08-13 03:44][2023-07-20 02:43] 000000050 ____N () D6BFD569898B892DBD24FB09ECE7A556 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3324.1.7\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3271_none_777fc25602cfdf98\f\oobe-chrome-footer-vm.js

[2023-08-13 03:44][2023-07-20 03:21] 000000065 ____N () CB1CF8A33528C1C6111E9DF71196A62A [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\backstack-chrome-breadcrumb-template.html

[2023-07-28 09:07][2023-07-07 09:56] 000000048 ____N () 06828E1328C9F7FF2298DB803F2BE37C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\backstack-chrome-breadcrumb-vm.js

[2023-07-28 09:07][2023-07-07 09:56] 000000050 ____N () 49B74D71F3497317B4FE5FF0E83CC79A [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\close-chrome-breadcrumb-template.html

[2023-07-28 09:07][2023-07-07 09:56] 000000048 ____N () D4A4F7C679A49E4AEF5DF68208070C39 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\close-chrome-breadcrumb-vm.js

[2023-07-28 09:07][2023-07-07 09:56] 000000050 ____N () AE4F70D708F7071EDEC1327B976AC97A [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-breadcrumb-template.html

[2023-07-28 09:08][2023-07-07 09:56] 000000049 ____N () FEB93ED1E74AFF28F09BF8F1B9E80361 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-breadcrumb-vm.js

[2023-07-28 09:08][2023-07-07 09:56] 000000050 ____N () 9745DB8321C82A650181F22EA94FD035 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-contentview-template.html

[2023-07-28 09:08][2023-07-07 09:56] 000000048 ____N () 319227890F9B0512073F62E2F5F6D211 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-contentview-vm.js

[2023-07-28 09:08][2023-07-07 09:56] 000000049 ____N () B10E3573C6C480ED93523A0255CD1E4E [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-footer-template.html

[2023-07-28 09:08][2023-07-07 09:56] 000000050 ____N () E657FCF8FFFD45806D71AA5477D24B8C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\r\oobe-chrome-footer-vm.js

[2023-07-28 09:08][2023-07-07 09:56] 000000074 ____N () A48AB7FBCD44EC079A820235F9BFAFA4 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\backstack-chrome-breadcrumb-template.html

[2023-07-28 09:07][2023-07-07 09:56] 000000048 ____N () 06828E1328C9F7FF2298DB803F2BE37C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\backstack-chrome-breadcrumb-vm.js

[2023-07-28 09:07][2023-07-07 09:56] 000000050 ____N () 49B74D71F3497317B4FE5FF0E83CC79A [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\close-chrome-breadcrumb-template.html

[2023-07-28 09:07][2023-07-07 09:56] 000000048 ____N () D4A4F7C679A49E4AEF5DF68208070C39 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\close-chrome-breadcrumb-vm.js

[2023-07-28 09:07][2023-07-07 09:56] 000000050 ____N () AE4F70D708F7071EDEC1327B976AC97A [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-breadcrumb-template.html

[2023-07-28 09:08][2023-07-07 09:56] 000000049 ____N () FEB93ED1E74AFF28F09BF8F1B9E80361 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-breadcrumb-vm.js

[2023-07-28 09:08][2023-07-07 09:56] 000000050 ____N () 9745DB8321C82A650181F22EA94FD035 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-contentview-template.html

[2023-07-28 09:08][2023-07-07 09:56] 000000048 ____N () 319227890F9B0512073F62E2F5F6D211 [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-contentview-vm.js

[2023-07-28 09:08][2023-07-07 09:56] 000000049 ____N () B10E3573C6C480ED93523A0255CD1E4E [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-footer-template.html

[2023-07-28 09:08][2023-07-07 09:56] 000000050 ____N () E657FCF8FFFD45806D71AA5477D24B8C [File not signed]

C:\Windows.old\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.3208.1.10\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.19041.3155_none_7788368e02c9f77d\f\oobe-chrome-footer-vm.js

[2023-07-28 09:08][2023-07-07 09:56] 000000065 ____N () 7040FF1532AF4D6FCFD05DB6CA3C568B [File not signed]

C:\Windows\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15912.0_none_06d55e201f3d4256\chrome.browser

[2022-05-07 02:20][2022-05-07 02:20] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15912.0_none_bf2827490ac11950\chrome.browser

[2022-05-07 02:20][2022-05-07 02:20] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\backstack-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\backstack-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\close-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\close-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-contentview-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-contentview-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-footer-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-footer-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\backstack-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\backstack-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\close-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\close-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-contentview-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-contentview-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-footer-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-footer-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\backstack-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\backstack-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\close-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\close-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-contentview-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-contentview-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-footer-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-footer-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\backstack-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\close-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-breadcrumb-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-contentview-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-footer-template.html

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\backstack-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\close-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-breadcrumb-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-contentview-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-footer-vm.js

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\chrome.browser

[2019-12-07 06:14][2019-12-07 06:12] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\chrome.browser

[2019-12-07 06:14][2019-12-07 06:12] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\Windows\Installer\$PatchCache$\Managed\68AB67CA330133017706CB5110E47A00\21.1.20135\chrome_elf.dll

[2021-02-01 21:49][2021-02-01 21:49] 000817832 ____R (The Chromium Authors) E9D7BA2ECB297B184D3C5FCAF80E0C53 [File is digitally signed]

C:\Windows\Installer\$PatchCache$\Managed\68AB67CA330133017706CB5110E47A00\21.1.20135\wcchromenativemessaginghost.exe

[2021-02-01 21:49][2021-02-01 21:49] 000181928 ____R (Adobe Systems Inc.) 702917C027AD7788DA5768F0B16D907B [File is digitally signed]

C:\Users\Kaique-Vidal\Downloads\ChromeSetup.exe

[2022-12-23 20:07][2022-12-23 20:07] 001427176 _____ (Google LLC) 726C348C5667406153AC0C7B06F0254E [File is digitally signed]

C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\User Data\Safe Browsing\ChromeExtMalware.store

[2023-09-24 16:44][2023-09-24 16:44] 001992990 _____ () 5BB7CEE89417EFCA5A25DA8E27F84194 [File not signed]

C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\6.2.3105.51\resources\vivaldi\resources\welcomepage-chrome.svg

[2023-09-24 16:43][2020-12-16 02:23] 000005240 _____ () 1A32E30B0535E05EBB75992CCB31319A [File not signed]

C:\Users\Kaique-Vidal\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store

[2023-09-24 16:45][2023-09-24 16:45] 002087825 _____ () A9EE2E0C4F26F9E0C2BE30CE5D7304B5 [File not signed]

C:\Users\Kaique-Vidal\AppData\Local\CapCut\Apps\1.3.2.166\cef\chrome_elf.dll

[2022-12-27 16:01][2022-12-27 16:01] 000982704 _____ (The Chromium Authors) 2C542C4C3DEBC052B5A0BF9DD7DFE2C7 [File is digitally signed]

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\com.microsoft.defender.be.chrome.json

[2023-08-31 20:48][2023-08-31 20:48] 000000411 _____ () 36CA2812EE9B49E0785121434B7DD136 [File not signed]

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\com.microsoft.defender.be.chrome.json

[2023-08-10 22:14][2023-08-10 22:14] 000000411 _____ () 36CA2812EE9B49E0785121434B7DD136 [File not signed]

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\com.microsoft.defender.be.chrome.json

[2023-07-25 03:26][2023-07-25 03:26] 000000411 _____ () 36CA2812EE9B49E0785121434B7DD136 [File not signed]

C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\chrome_100_percent.pak

[2023-06-09 19:58][2023-06-09 19:58] 000622495 _____ () EAE66715D9A0D3A3574223E130DD3C83 [File not signed]

C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\chrome_200_percent.pak

[2023-06-09 19:58][2023-06-09 19:58] 000937172 _____ () 7F25DC4230FBFB1B2EE7A2133F929FE4 [File not signed]

C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\chrome_elf.dll

[2023-09-02 17:59][2023-09-02 17:59] 001448312 _____ (The Chromium Authors) 96C4CF9AC5DC822FBB178ECA1AC13A07 [File is digitally signed]

C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\chrome_100_percent.pak

[2023-09-15 17:30][2023-09-15 17:30] 000128506 _____ () 0CF9DE69DCFD8227665E08C644B9499C [File not signed]

C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\chrome_200_percent.pak

[2023-09-15 17:30][2023-09-15 17:30] 000179027 _____ () D88936315A5BD83C1550E5B8093EB1E6 [File not signed]

C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\chrome_100_percent.pak

[2023-08-20 18:57][2023-08-20 18:57] 000128506 _____ () 0CF9DE69DCFD8227665E08C644B9499C [File not signed]

C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\chrome_200_percent.pak

[2023-08-20 18:57][2023-08-20 18:57] 000179027 _____ () D88936315A5BD83C1550E5B8093EB1E6 [File not signed]

C:\Program Files\WindowsApps\Microsoft.Paint_11.2304.33.0_x64__8wekyb3d8bbwe\PaintApp\PaintUI\AppChrome.xbf

[2023-09-08 05:32][2023-09-08 05:32] 000001759 _____ () F019E158BA11F46894DAA9C19EAEB71A [File not signed]

C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll

[2022-11-08 18:31][2022-11-08 18:31] 001117304 _____ (VideoLAN) 1D55E77F063F1E52EF402F279F06625F [File is digitally signed]

C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll

[2022-11-08 18:26][2022-11-08 18:26] 000110200 _____ (VideoLAN) 0BE3746AA98B14DAB1673632A7728A83 [File is digitally signed]

C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.chrome.extension.json

[2023-09-19 12:40][2023-09-19 12:40] 000000615 _____ () C818E90178C96918E3002C360B0287EE [File not signed]

C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.chrome.extension.json

[2023-09-19 12:40][2023-09-19 12:40] 000000614 _____ () 99EEDE6E82604A4788969A97A0D30123 [File not signed]

C:\Program Files\McAfee\WebAdvisor\telemetry\dimensions\handlers\chromebasedbrowserversion.luc

[2023-09-19 12:40][2023-09-19 12:40] 000001227 _____ () ADD14980FF9C67A9E1669A2FBD6C9F01 [File not signed]

C:\Program Files\McAfee\WebAdvisor\MFW\packages\webadvisor\chrome_extension_push_handler.luc

[2023-09-19 12:40][2023-09-19 12:40] 000001651 _____ () D621D6A18BEE8AA4E569BADF337E90E9 [File not signed]

C:\Program Files\Learnpulse\Screenpresso\FFmpeg\libvlc\plugins\stream_out\libstream_out_chromecast_plugin.dll

[2022-04-07 19:43][2022-04-07 19:43] 001112312 _____ (VideoLAN) D8040853CE83B78DDB06FC978E844061 [File is digitally signed]

C:\Program Files\Learnpulse\Screenpresso\FFmpeg\libvlc\plugins\demux\libdemux_chromecast_plugin.dll

[2022-04-07 19:43][2022-04-07 19:43] 000105208 _____ (VideoLAN) D20EA947A9ECFE436BE32BE422EEF253 [File is digitally signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome.VisualElementsManifest.xml

[2023-09-21 11:38][2023-09-22 21:46] 000000407 _____ () 5DCE578004596FEB2260D46DD6E2CD70 [File not signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe

[2022-12-26 17:24][2023-09-22 07:20] 001217560 _____ (Brave Software, Inc.) FF552DD859DA216746D8318927DE436D [File is digitally signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome.dll

[2023-09-22 21:46][2023-09-22 07:21] 241344536 _____ (Brave Software, Inc.) 00A67C2903E171B9FC47672DF2AD0719 [File is digitally signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome.dll.sig

[2023-09-22 21:46][2023-09-22 07:20] 000001418 _____ () 8F4B111245C6F3DE770210B139C0FC53 [File not signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome_100_percent.pak

[2023-09-22 21:46][2023-09-22 07:20] 000631801 _____ () D0745E9EEE4A580E3FCD50D79C6B7B04 [File not signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome_200_percent.pak

[2023-09-22 21:46][2023-09-22 07:20] 000968849 _____ () 1196BBED617BFDEC0406F65F540FDCCC [File not signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome_elf.dll

[2023-09-22 21:46][2023-09-22 07:20] 001422360 _____ (Brave Software, Inc.) AD69CEA1D2FC20829A68855A3F761321 [File is digitally signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome_pwa_launcher.exe

[2023-09-22 21:46][2023-09-22 07:20] 001594392 _____ (Brave Software, Inc.) B21A0CCA34249DDA25CE9C2E635B454D [File is digitally signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome_wer.dll

[2023-09-22 21:46][2023-09-22 07:20] 000124440 _____ (Brave Software, Inc.) B30371133C949126BC4E0AEF8BF8D9A6 [File is digitally signed]

C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\Installer\chrome.7z

[2023-09-22 21:46][2023-09-22 21:46] 368842120 _____ () 75D180C176C3F9AF9F590C29B0E8E3B3 [File not signed]

C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe

[2023-09-06 20:36][2023-09-06 20:36] 000203224 _____ (Adobe Systems Inc.) EC41052DE27A5B34B1031BCD9A21BFAF [File is digitally signed]

C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\chrome_elf.dll

[2023-09-14 09:47][2022-12-23 20:44] 001224144 _____ (The Chromium Authors) 645228190A7F23094EE958D058DDF80F [File is digitally signed]

C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\chrome_elf.dll

[2022-12-23 20:44][2022-12-23 20:44] 001224144 _____ (The Chromium Authors) 645228190A7F23094EE958D058DDF80F [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\x86_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15912.0_none_06d55e201f3d4256\chrome.browser.xBAD

[2022-05-07 02:20][2022-05-07 02:20] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_netfx4-browser_files_b03f5f7f11d50a3a_4.0.15912.0_none_bf2827490ac11950\chrome.browser.xBAD

[2022-05-07 02:20][2022-05-07 02:20] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\backstack-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\backstack-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\close-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\close-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-contentview-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-contentview-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-footer-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2215_none_e2b4653fc92629d3\oobe-chrome-footer-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\backstack-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\backstack-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\close-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\close-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-contentview-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-contentview-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-footer-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.2070_none_e2d078bbc91009d6\oobe-chrome-footer-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\backstack-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\backstack-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\close-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\close-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-contentview-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-contentview-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-footer-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\WinSxS\amd64_microsoft-windows-c..riencehost.appxmain_31bf3856ad364e35_10.0.22621.1_none_644e4486415e262e\oobe-chrome-footer-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\backstack-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000189 _____ () ED782E48C975894618735B7D86AB20DE [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\close-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000200 _____ () 2546227227FEA03E836D46B25EA978D0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-breadcrumb-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000500 _____ () BCF3755195C7509246BF09528D323A26 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-contentview-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000166 _____ () 8E1BF30C9696C43FBF124F9911138442 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\view\oobe-chrome-footer-template.html.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000002798 _____ () 41E79E164080C6C587D9852DEE0EF98B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\backstack-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001086 _____ () A8F0A705896E2423EBDA1510A0FB547C [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\close-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000001076 _____ () CE54FAE2561C7B5A48CCD4FAF4A79562 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-breadcrumb-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000003934 _____ () 7E1CE425EDC8DC18A82E632F5AE49AEF [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-contentview-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000000326 _____ () 6261C273B8A1B4A5259061D6674CC443 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\core\js\oobe-chrome-footer-vm.js.xBAD

[2022-05-07 02:19][2022-05-07 02:19] 000014963 _____ () 7681D41482276D556241CEA542F7E1A0 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\Config\Browsers\chrome.browser.xBAD

[2019-12-07 06:14][2019-12-07 06:12] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Config\Browsers\chrome.browser.xBAD

[2019-12-07 06:14][2019-12-07 06:12] 000002107 _____ () 8C54E6C4F9E0CC3274EA6D04AAE9436B [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA330133017706CB5110E47A00\21.1.20135\chrome_elf.dll.xBAD

[2021-02-01 21:49][2021-02-01 21:49] 000817832 _____ (The Chromium Authors) E9D7BA2ECB297B184D3C5FCAF80E0C53 [File is digitally signed]

C:\FRST\Quarantine\C\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA330133017706CB5110E47A00\21.1.20135\wcchromenativemessaginghost.exe.xBAD

[2021-02-01 21:49][2021-02-01 21:49] 000181928 _____ (Adobe Systems Inc.) 702917C027AD7788DA5768F0B16D907B [File is digitally signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\Downloads\ChromeSetup.exe.xBAD

[2022-12-23 20:07][2022-12-23 20:07] 001427176 _____ (Google LLC) 726C348C5667406153AC0C7B06F0254E [File is digitally signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Roaming\utorrent\chrome_native.json.xBAD

[2023-02-01 19:11][2023-05-07 11:47] 000000396 _____ () C6EF62BB4B5F2CE4E768594667944716 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Roaming\Opera Software\Opera Stable\Safe Browsing\ChromeExtMalware.store.xBAD

[2023-09-13 22:19][2023-09-13 22:19] 001990366 _____ () B5ADCB805B25C8933DB83870B68C1C82 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Roaming\IDM\idmmzcc5\chrome.manifest.xBAD

[2023-01-25 12:31][2023-01-25 12:31] 000001783 _____ () BBC14A39B1036A5A55720FB033F5D678 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Vivaldi\User Data\Safe Browsing\ChromeExtMalware.store.xBAD

[2023-08-08 19:59][2023-08-08 19:59] 001982174 _____ () 4DE34B706F11367E21102F43D047168B [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Vivaldi\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb\1.3.0_0\img\assets\faq\chrome-store-logo.png.xBAD

[2023-03-20 19:13][2023-02-16 06:42] 000002343 _____ () F65E0C30AC29EA684B5F8FA6870A56E3 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Vivaldi\Application\6.2.3105.48\resources\vivaldi\resources\welcomepage-chrome.svg.xBAD

[2023-09-12 17:25][2020-12-16 02:23] 000005240 _____ () 1A32E30B0535E05EBB75992CCB31319A [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_installer.log

[2023-09-18 12:20][2023-09-18 12:20] 000014651 _____ () 9EE495A700B9123F8A2C3DD9DC660657 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Microsoft\Office\SolutionPackages\a685d304dddffc9a409e2bdc2de7daac\PackageResources\assets\src\assets\images\chrome.png.xBAD

[2023-07-07 16:16][2023-07-07 16:16] 000001635 _____ () 645AAD86530C41BD39876E4DC3D78160 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Microsoft\Office\SolutionPackages\a685d304dddffc9a409e2bdc2de7daac\PackageResources\assets\src\assets\images\chrome@2x.png.xBAD

[2023-07-07 16:16][2023-07-07 16:16] 000002854 _____ () B9224053A3571D88CECE66B485C48108 [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store.xBAD

[2023-09-14 09:45][2023-09-14 09:45] 002085617 _____ () 2409F0C1339862ADB78996046D2B7F0D [File not signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\CapCut\Apps\1.3.2.166\cef\chrome_elf.dll.xBAD

[2022-12-27 16:01][2022-12-27 16:01] 000982704 _____ (The Chromium Authors) 2C542C4C3DEBC052B5A0BF9DD7DFE2C7 [File is digitally signed]

C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\BraveSoftware\Brave-Browser\User Data\Safe Browsing\ChromeExtMalware.store.xBAD

[2023-09-18 12:26][2023-09-18 12:26] 001992414 _____ () 2605C575EB8910E155F5D211B477A0E3 [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\chrome_100_percent.pak.xBAD

[2023-06-09 19:58][2023-06-09 19:58] 000622495 _____ () EAE66715D9A0D3A3574223E130DD3C83 [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\chrome_200_percent.pak.xBAD

[2023-06-09 19:58][2023-06-09 19:58] 000937172 _____ () 7F25DC4230FBFB1B2EE7A2133F929FE4 [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\chrome_elf.dll.xBAD

[2023-09-02 17:59][2023-09-02 17:59] 001448312 _____ (The Chromium Authors) 96C4CF9AC5DC822FBB178ECA1AC13A07 [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\chrome_100_percent.pak.xBAD

[2023-09-15 17:30][2023-09-15 17:30] 000128506 _____ () 0CF9DE69DCFD8227665E08C644B9499C [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\chrome_200_percent.pak.xBAD

[2023-09-15 17:30][2023-09-15 17:30] 000179027 _____ () D88936315A5BD83C1550E5B8093EB1E6 [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\chrome_100_percent.pak.xBAD

[2023-08-20 18:57][2023-08-20 18:57] 000128506 _____ () 0CF9DE69DCFD8227665E08C644B9499C [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\chrome_200_percent.pak.xBAD

[2023-08-20 18:57][2023-08-20 18:57] 000179027 _____ () D88936315A5BD83C1550E5B8093EB1E6 [File not signed]

C:\FRST\Quarantine\C\Program Files\WindowsApps\Microsoft.Paint_11.2304.33.0_x64__8wekyb3d8bbwe\PaintApp\PaintUI\AppChrome.xbf.xBAD

[2023-09-08 05:32][2023-09-08 05:32] 000001759 _____ () F019E158BA11F46894DAA9C19EAEB71A [File not signed]

C:\FRST\Quarantine\C\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll.xBAD

[2022-11-08 18:31][2022-11-08 18:31] 001117304 _____ (VideoLAN) 1D55E77F063F1E52EF402F279F06625F [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll.xBAD

[2022-11-08 18:26][2022-11-08 18:26] 000110200 _____ (VideoLAN) 0BE3746AA98B14DAB1673632A7728A83 [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.chrome.extension.json.xBAD

[2023-02-01 18:47][2023-09-07 23:17] 000000615 _____ () C818E90178C96918E3002C360B0287EE [File not signed]

C:\FRST\Quarantine\C\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.chrome.extension.json.xBAD

[2023-02-01 18:47][2023-09-07 23:17] 000000614 _____ () 99EEDE6E82604A4788969A97A0D30123 [File not signed]

C:\FRST\Quarantine\C\Program Files\McAfee\WebAdvisor\telemetry\dimensions\handlers\chromebasedbrowserversion.luc.xBAD

[2023-02-01 18:47][2023-09-07 23:17] 000001227 _____ () 6BE8B7A8EAA28B5BF963DB14C84A70E7 [File not signed]

C:\FRST\Quarantine\C\Program Files\McAfee\WebAdvisor\MFW\packages\webadvisor\chrome_extension_push_handler.luc.xBAD

[2023-02-01 18:47][2023-09-07 23:17] 000001651 _____ () 4734DDD7D0E55AC97461552035BD18D6 [File not signed]

C:\FRST\Quarantine\C\Program Files\Learnpulse\Screenpresso\FFmpeg\libvlc\plugins\stream_out\libstream_out_chromecast_plugin.dll.xBAD

[2022-04-07 19:43][2022-04-07 19:43] 001112312 _____ (VideoLAN) D8040853CE83B78DDB06FC978E844061 [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\Learnpulse\Screenpresso\FFmpeg\libvlc\plugins\demux\libdemux_chromecast_plugin.dll.xBAD

[2022-04-07 19:43][2022-04-07 19:43] 000105208 _____ (VideoLAN) D20EA947A9ECFE436BE32BE422EEF253 [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\Fortect\chrome_100_percent.pak.xBAD

[2023-09-09 20:14][2023-08-03 07:55] 000129228 _____ () A3D4515D3A33A407D313A62818E82A5D [File not signed]

C:\FRST\Quarantine\C\Program Files\Fortect\chrome_200_percent.pak.xBAD

[2023-09-09 20:14][2023-08-03 07:55] 000179318 _____ () 3BAB45C70F22646CF8452C30903810CB [File not signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\chrome.VisualElementsManifest.xml.xBAD

[2022-12-26 17:24][2023-09-17 12:20] 000000407 _____ () AD57B66DADC425CC20A865AFDAB91C0F [File not signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe.xBAD

[2022-12-26 17:24][2023-09-16 16:48] 001217560 _____ (Brave Software, Inc.) 39D2502ED8F27D21A21E2287E0EC844E [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome.dll.sig.xBAD

[2023-09-17 12:20][2023-09-16 16:48] 000001418 _____ () 8B55F5742BA15FEE49977D0C633DF3FA [File not signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome.dll.xBAD

[2023-09-17 12:20][2023-09-16 16:49] 241341464 _____ (Brave Software, Inc.) B92447747D56391E06C4645FA205798E [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome_100_percent.pak.xBAD

[2023-09-17 12:20][2023-09-16 16:48] 000631801 _____ () D0745E9EEE4A580E3FCD50D79C6B7B04 [File not signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome_200_percent.pak.xBAD

[2023-09-17 12:20][2023-09-16 16:48] 000968849 _____ () 1196BBED617BFDEC0406F65F540FDCCC [File not signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome_elf.dll.xBAD

[2023-09-17 12:20][2023-09-16 16:49] 001422360 _____ (Brave Software, Inc.) D90AB104617E2BF706AE0C3570BAEAE0 [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome_pwa_launcher.exe.xBAD

[2023-09-17 12:20][2023-09-16 16:49] 001594392 _____ (Brave Software, Inc.) 4AE32AB4CB59CB6574CB70CA7FBA71BF [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\chrome_wer.dll.xBAD

[2023-09-17 12:20][2023-09-16 16:49] 000124440 _____ (Brave Software, Inc.) C183F6CCBB1EEC135F254C1156168A4F [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.127\Installer\chrome.7z.xBAD

[2023-09-17 12:20][2023-09-16 16:49] 368839271 _____ () 305761248ABAC4053BA59A43F2B346E5 [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\chrome-ext-2x.png.xBAD

[2023-09-05 12:17][2023-09-05 12:17] 000034263 _____ () 6A780F2000240020B00E1C027D546021 [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\WebResources\Resource0\static\js\plugins\on-boarding\images\themeless\chrome-ext.png.xBAD

[2023-09-05 12:17][2023-09-05 12:17] 000015722 _____ () 96FF7F6D471EA6D74109AE826FC008FF [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe.xBAD

[2023-09-06 20:36][2023-09-06 20:36] 000203224 _____ (Adobe Systems Inc.) EC41052DE27A5B34B1031BCD9A21BFAF [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\chrome_100_percent.pak.xBAD

[2023-09-14 09:47][2022-12-23 20:44] 000614598 _____ () 690DCC40A5489BBA50F7936EA930EDA7 [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\chrome_200_percent.pak.xBAD

[2023-09-14 09:47][2022-12-23 20:44] 000918509 _____ () F4CCF1C3D3330F7952D4040FC6677ECD [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\chrome_elf.dll.xBAD

[2023-09-14 09:47][2022-12-23 20:44] 001224144 _____ (The Chromium Authors) 645228190A7F23094EE958D058DDF80F [File is digitally signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\chrome_100_percent.pak.xBAD

[2022-12-23 20:44][2022-12-23 20:44] 000614598 _____ () 690DCC40A5489BBA50F7936EA930EDA7 [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\chrome_200_percent.pak.xBAD

[2022-12-23 20:44][2022-12-23 20:44] 000918509 _____ () F4CCF1C3D3330F7952D4040FC6677ECD [File not signed]

C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\chrome_elf.dll.xBAD

[2022-12-23 20:44][2022-12-23 20:44] 001224144 _____ (The Chromium Authors) 645228190A7F23094EE958D058DDF80F [File is digitally signed]

C:\FRST\Quarantine\C\FRST\Quarantine\C\WINDOWS\Temp\chrome_installer.log.xBAD

[2023-09-12 21:39][2023-09-13 14:20] 000033549 _____ () 39CA07DA9C4CC6306425F707E5816232 [File not signed]

C:\FRST\Quarantine\C\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_1856_1277387048.xBAD.xBAD

[2023-09-13 03:26][2023-09-13 03:26] 000001911 _____ () 9276E794C565DC6713853700B417A5F2 [File not signed]

C:\FRST\Quarantine\C\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_1856_436215170.xBAD.xBAD

[2023-09-12 17:39][2023-09-12 17:39] 000002070 _____ () 54D2562C397466C52CD172EB5FA523AB [File not signed]

folder:

========

2023-01-17 21:49 - 2023-09-24 22:05 _____ C:\Users\Kaique-Vidal\AppData\Local\Vivaldi\User Data\Default\Storage\ext\mpognobbkildjkofajifpdfhcoklimli\def\IndexedDB\chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb

2023-09-22 21:48 - 2023-09-22 21:49 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_10460_772086312

2023-09-24 22:07 - 2023-09-24 22:07 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_10520_1079529108

2023-09-24 22:07 - 2023-09-24 22:07 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_10520_1805954119

2023-09-24 16:44 - 2023-09-24 16:44 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_8696_1393931529

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1124851356

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1200450410

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1401307541

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1653383322

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1886635209

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_1913887310

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_488261226

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_640942240

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_641122739

2023-09-22 22:06 - 2023-09-22 22:06 _____ C:\Users\Kaique-Vidal\AppData\Local\Temp\chrome_url_fetcher_11308_947752014

2023-01-16 00:29 - 2023-09-18 20:25 _____ C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn

2023-03-23 12:00 - 2023-03-23 12:00 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Roaming\Opera Software\Opera Stable\IndexedDB\chrome-extension_obhaigpnhcioanniiaepcgkdilopflbb_0.indexeddb.leveldb

2023-01-17 21:49 - 2023-09-18 20:25 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Vivaldi\User Data\Default\Storage\ext\mpognobbkildjkofajifpdfhcoklimli\def\IndexedDB\chrome-extension_mpognobbkildjkofajifpdfhcoklimli_0.indexeddb.leveldb

2023-09-13 23:24 - 2023-09-13 23:24 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\chrome_BITS_1856_436215170

2023-09-13 21:36 - 2023-09-13 21:37 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_11356_282163370

2023-09-12 18:00 - 2023-09-12 18:00 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_12232_968283320

2023-09-17 22:05 - 2023-09-17 22:06 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_12600_406011378

2023-09-21 11:41 - 2023-09-21 11:41 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_13444_1246100489

2023-09-21 11:41 - 2023-09-21 11:41 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_13444_430594783

2023-09-13 22:17 - 2023-09-13 22:17 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_15916_1975587407

2023-09-13 09:55 - 2023-09-13 22:56 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_1856_1277387048

2023-09-12 18:40 - 2023-09-13 14:17 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_1856_436215170

2023-09-17 12:24 - 2023-09-17 12:24 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_5696_464532896

2023-09-17 18:04 - 2023-09-17 18:05 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_BITS_7188_1840872782

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_1260522977

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_1533741462

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_1543766075

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_1565500044

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_1726499021

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_2040669223

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_225574683

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_511598960

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_741400440

2023-09-18 12:23 - 2023-09-18 12:23 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_12908_887230342

2023-09-18 16:32 - 2023-09-18 16:32 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_13260_1219361294

2023-09-18 16:32 - 2023-09-18 16:32 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_13260_2127701769

2023-09-18 16:32 - 2023-09-18 16:32 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_13260_709163433

2023-09-17 15:20 - 2023-09-17 15:20 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_1616493341

2023-09-17 15:20 - 2023-09-17 15:20 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_1978793546

2023-09-17 15:20 - 2023-09-17 15:20 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_208405230

2023-09-17 15:21 - 2023-09-17 15:21 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_454781627

2023-09-17 15:20 - 2023-09-17 15:20 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_599107927

2023-09-17 15:20 - 2023-09-17 15:20 _____ C:\FRST\Quarantine\C\Users\Kaique-Vidal\AppData\Local\Temp\Temp\Temp\chrome_url_fetcher_15224_820304799

2022-12-23 20:08 - 2023-09-18 12:20 _____ C:\FRST\Quarantine\C\Program Files\Google\Chrome

2022-12-23 20:10 - 2022-12-23 21:38 _____ C:\FRST\Quarantine\C\Program Files\Google\Chrome\ChromeRecovery

2023-09-18 16:33 - 2023-09-18 16:33 _____ C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn

2023-01-16 00:29 - 2023-09-18 16:33 _____ C:\FRST\Quarantine\C\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\WCChromeExtn

Registry:

========

[HKEY_LOCAL_MACHINE\SOFTWARE\Adobe\Adobe Acrobat\DC\Installer]

"ENABLE_CHROMEEXT"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{418DFBFA-4DE8-41C0-A272-727307252DBD}]

""="Enterprise Chrome"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d8a04f01-4570-45cc-bffa-37c79cf7208c}]

""="Chrome Controls"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{418DFBFA-4DE8-41C0-A272-727307252DBD}]

""="Enterprise Chrome"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{d8a04f01-4570-45cc-bffa-37c79cf7208c}]

""="Chrome Controls"

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome]

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.microsoft.defender.browser_extension.native_message_host]

""="C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\com.microsoft.defender.be.chrome.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

""="C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

""="C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts]

""="C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\manifest.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.microsoft.defender.browser_extension.native_message_host]

""="C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\com.microsoft.defender.be.chrome.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\chrome.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]

"C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B247A437CFC49043BF7843D96465C42]

"728573e182354ad4ea5de7b298337727"="C:\Program Files\Learnpulse\Screenpresso\FFmpeg\libvlc\plugins\demux\libdemux_chromecast_plugin.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\378D0D9F5F2A17941B5057CA3B54B0F6]

"728573e182354ad4ea5de7b298337727"="22:\Software\Google\Chrome\NativeMessagingHosts\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6658366D8D7616048A875C5240685A5E]

"728573e182354ad4ea5de7b298337727"="22:\Software\Google\Chrome\NativeMessagingHosts\com.screenpresso.api\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A87937B2F4300464EB18C97B36FBB180]

"68AB67CA330133017706CB5110E47A00"="C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\chrome_elf.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A87937B2F4300464EB18C97B36FBB180\68AB67CA330133017706CB5110E47A00]

"File"="chrome_elf.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAFCD9C90A1419D4A951D567FB1A6F3B]

"728573e182354ad4ea5de7b298337727"="C:\Program Files\Learnpulse\Screenpresso\FFmpeg\libvlc\plugins\stream_out\libstream_out_chromecast_plugin.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C106736BA1D9E704093C7D2CCF1F8D9C]

"728573e182354ad4ea5de7b298337727"="22:\Software\Google\Chrome\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA199C7B23B7FC44D8CC2FC4A91C6170]

"68AB67CA330133017706CB5110E47A00"="C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\WCChromeNativeMessagingHost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA199C7B23B7FC44D8CC2FC4A91C6170\68AB67CA330133017706CB5110E47A00]

"File"="wcchromenativemessaginghost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\RuntimeExceptionHelperModules]

"C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\chrome_wer.dll"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.ComposableShell.ChromePresentationOption]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\WindowsUdk.ComposableShell.ChromePresentationOption]

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

""="C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

""="C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\McAfee NGI\packages\WebAdvisor_BrowserHost]

"manifest"="local install_dir = [[%FOLDERID_ProgramFiles%McAfee\WebAdvisor]]

package = {

header = {

id = "WebAdvisor_BrowserHost",

version = "4.1.1.836",

name = "WebAdvisor Browser Host"

},

dependencies = {

{ meta="SD", path = { install_dir }, version = "*", },

},

install = {

commands = {

{ command = "Extract", patterns = {

{[[^BrowserHost.exe$]], install_dir},

{[[^webadvisor.*.mcafee.chrome.extension.json$]], install_dir},

{[[^webadvisor.*.mcafee.firefox.extension.json$]], install_dir},

{[[^edge.com.mcafee.webadvisor.*.json$]], install_dir},

}

},

{ command = "SetRegistry", entries = {

{ key = "HKLM",

{ subkey = [[SOFTWARE\McAfee\WebAdvisor\BrowserHost]],

{ valuename = "Version", type = "REG_SZ", value = "4.1.1.836", flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.chrome.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.chrome.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.firefox.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.firefox.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.chrome.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.chrome.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.firefox.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.firefox.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor_v2.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor_v2.json]], flags = { REG64 = true } },

},

}

},

}

},

update = {

commands = {

{ command = "Extract", patterns = {

{[[^BrowserHost.exe$]], install_dir, flags = { RenameCopy = true } },

{[[^webadvisor.*.mcafee.chrome.extension.json$]], install_dir, flags = { RenameCopy = true } },

{[[^webadvisor.*.mcafee.firefox.extension.json$]], install_dir, flags = { RenameCopy = true } },

{[[^edge.com.mcafee.webadvisor.*.json$]], install_dir, flags = { RenameCopy = true } },

}

},

{ command = "SetRegistry", entries = {

{ key = "HKLM",

{ subkey = [[SOFTWARE\McAfee\WebAdvisor\BrowserHost]],

{ valuename = "Version", type = "REG_SZ", value = "4.1.1.836", flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.chrome.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.chrome.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.firefox.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor.mcafee.firefox.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.chrome.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.chrome.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.firefox.extension.json]], flags = { REG64 = true } },

},

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\webadvisor_v2.mcafee.firefox.extension.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor_v2.json]], flags = { REG32 = true } },

},

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]],

{ valuename = "", type = "REG_SZ", value = install_dir .. [[\edge.com.mcafee.webadvisor_v2.json]], flags = { REG64 = true } },

},

}

},

}

},

uninstall = {

commands = {

{ command = "DeleteRegistry", entries = {

{ key = "HKLM",

{ subkey = [[SOFTWARE\McAfee\WebAdvisor\BrowserHost]], flags = { REG64 = true } },

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]], flags = { REG64 = true } },

{ subkey = [[SOFTWARE\Google\Chrome\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]], flags = { REG32 = true } },

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]], flags = { REG64 = true } },

{ subkey = [[SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]], flags = { REG32 = true } },

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]], flags = { REG32 = true } },

{ subkey = [[SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]], flags = { REG64 = true } },

}

},

}

--3413F3980E1B1158FD531399D1C21F87950E4DBBA3E6CFD155A3FA12A7E8A9221234987B82DBD2E49D3A8E94B6C025B2D4B4530A259AFEB370E75C52AED58531++"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\McAfee NGI\packages\WebAdvisor_BrowserPlugin]

"manifest"="local install_dir = [[%FOLDERID_ProgramFiles%McAfee\WebAdvisor]]

package = {

header = {

id = "WebAdvisor_BrowserPlugin",

version = "4.1.1.836",

name = "WebAdvisor Browser Plugin"

},

dependencies = {

{ "WebAdvisor_BrowserHost", "*" },

{ "WebAdvisor_DownloadScan", "*" },

{ meta="SD", path = { install_dir }, version = "*", },

},

install = {

commands = {

{ command = "Extract", patterns = {

{[[^e10ssaffplg.xpi$]], install_dir},

}

},

}

},

update = {

commands = {

{ command = "Extract", patterns = {

{[[^e10ssaffplg.xpi$]], install_dir, flags = { RenameCopy = true } },

}

},

}

},

uninstall = {

commands = {

{ command = "DeleteRegistry", entries = {

{ key = "HKLM",

-- Chrome: WebAdvisor Extension

{ subkey = [[SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]], flags = { REG64 = true } },

{ subkey = [[SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho]], flags = { REG32 = true } },

-- Chrome: PPS Extension

{ subkey = [[SOFTWARE\Google\Chrome\Extensions\mfifoblohohmjoaiclakcbicbeklikgl]], flags = { REG64 = true } },

{ subkey = [[SOFTWARE\Google\Chrome\Extensions\mfifoblohohmjoaiclakcbicbeklikgl]], flags = { REG32 = true } },

{ subkey = [[Software\Mozilla\Firefox\Extensions]],

-- FireFox: WebAdvisor Extension

{ valuename = "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}", flags = { REG32 = true } },

{ valuename = "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}", flags = { REG64 = true } },

-- FireFox: WebBoost Extension

{ valuename = "{EF0645D5-78D6-4B33-BC45-95B1874977AF}", flags = { REG32 = true } },

{ valuename = "{EF0645D5-78D6-4B33-BC45-95B1874977AF}", flags = { REG64 = true } },

},

-- EDGE: WebAdvisor Extension

{ subkey = [[Software\Microsoft\Edge\Extensions\fdhgeoginicibhagdmblfikbgbkahibd]], flags = { REG32 = true } },

}

},

}

--5641F6840DA7A4E172976886E3C660502578C42A4D24D2D50EA170A6E838B1BEDE4234F4352AAC2B9B4268C40B562D8182821110B00931ED444FAAA254C5F96B++"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\com.adobe.acrobat.chrome_webcapture]

""="C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCChromeExtn\manifest.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}]

"experiment_labels"="chromerec3=202251R|Thu, 23 Mar 2023 23:13:41 GMT"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}]

"InstallSource"="chromerecovery"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate\ClientState\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}]

"experiment_labels"="chromerec3=202251R|Thu, 23 Mar 2023 23:13:41 GMT"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\WindowsUdk.ComposableShell.ChromePresentationOption]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService]

"ServiceName"="GoogleChromeElevationService"

[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService]

"Path"=""C:\Program Files\Google\Chrome\Application\116.0.5845.180\elevation_service.exe""

[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService]

"Path.Org"=""C:\Program Files\Google\Chrome\Application\116.0.5845.180\elevation_service.exe""

[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService]

"Path.Win32"="C:\Program Files\Google\Chrome\Application\116.0.5845.180\elevation_service.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\GoogleChromeElevationService]

"DisplayName"="Google Chrome Elevation Service (GoogleChromeElevationService)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{EE2BA72B-874D-4B65-949A-84B58192EA65}"="v2.30|Action=Block|Active=TRUE|Dir=In|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-2007313292-2239395077-2651852023-3090155050-4294210220-3691981829-2485832933|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{A3CDE04A-0BFB-4021-96CE-690620F4770F}"="v2.30|Action=Block|Active=TRUE|Dir=Out|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-2007313292-2239395077-2651852023-3090155050-4294210220-3691981829-2485832933|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{190727E1-1D1B-4936-9606-5A364490D863}"="v2.30|Action=Block|Active=TRUE|Dir=In|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-344281599-1769194578-1146580776-1412347810-510615695-2441257774-3165305218|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{14D3A885-38DA-4D5E-82FF-424DA7C9CBB9}"="v2.30|Action=Block|Active=TRUE|Dir=Out|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-344281599-1769194578-1146580776-1412347810-510615695-2441257774-3165305218|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{A15012F4-6E89-437F-B235-3EDD19EA82B1}"="v2.30|Action=Block|Active=TRUE|Dir=In|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-3602573060-2454142040-2033484844-3486235527-4012652543-3575806694-2633199979|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{552321F0-0298-4F1F-8903-88714A33DF6F}"="v2.30|Action=Block|Active=TRUE|Dir=Out|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-3602573060-2454142040-2033484844-3486235527-4012652543-3575806694-2633199979|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{43D9F27A-0824-4381-91E1-B509EC57C680}"="v2.32|Action=Block|Active=TRUE|Dir=In|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-4207504079-2037791486-1217130867-4051048121-2920232717-328079776-314211323|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{16B0A4E9-2FE4-4D1A-B1A1-369AB7BF0230}"="v2.32|Action=Block|Active=TRUE|Dir=Out|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-4207504079-2037791486-1217130867-4051048121-2920232717-328079776-314211323|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{80062BDF-6222-43B1-82D5-603CABDF4D1A}"="v2.32|Action=Block|Active=TRUE|Dir=In|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949|EmbedCtxt=Chrome Sandbox|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules]

"{F25C7CAD-A5FE-4095-B406-245636925D76}"="v2.32|Action=Block|Active=TRUE|Dir=Out|Name=Chrome Sandbox|Desc=Profile for Chrome Sandbox|LUOwn=S-1-5-21-1323333070-3634341992-397913038-1001|AppPkgId=S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949|EmbedCtxt=Chrome Sandbox|"

[HKEY_USERS\.DEFAULT\Software\Google\Chrome]

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Google\Chrome]

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Google\Chrome\NativeMessagingHosts\com.utorrent.native]

""="C:\Users\Kaique-Vidal\AppData\Roaming\uTorrent\chrome_native.json"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\McAfee\WebBoost]

"ChromeExtensionStatus"="4294967295"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\1d262262_0]

""="{2}.\\?\usb#vid_04e8&pid_a05e&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010003|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\3e5d2ea7_0]

""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0256&subsys_1025152b&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\rearlineouttopohap3/00010001|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5b7c0d6a_0]

""="{2}.\\?\hdaudio#func_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1007#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\e0hdmiout2topo/00010001|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\69ed8a1c_0]

""="{2}.\\?\usb#vid_0d8c&pid_013c&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010003|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6b3bd89c_0]

""="{2}.\\?\bthhfenum#bthhfpaudio#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\wave/00010001|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\88616ac1_0]

""="{2}.\\?\usb#vid_001f&pid_0b21&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010002|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\971d7794_0]

""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0256&subsys_1025152b&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\rearlineouttopohap/00010001|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\9af3e786_0]

""="{2}.\\?\bthenum#{0000110b-0000-1000-8000-00805f9b34fb}_vid&000105d6_pid&000a#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\src/00010001|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\cfd8c20_0]

""="{2}.\\?\usb#vid_054c&pid_09cc&mi_00#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\global/00010002|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-1323333070-3634341992-397913038-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\dcadcbbe_0]

""="{2}.\\?\root#media#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\topology/00010004|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}"