Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-05-2022 Ran by Marie (administrator) on DESKTOP-KFRRP2F (ASUSTeK COMPUTER INC. UX330UAK) (26-05-2022 17:54:56) Running from C:\Users\Marie\Desktop Loaded Profiles: Marie Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: English (United Kingdom) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe (C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Discord Inc. -> Discord Inc.) C:\Users\Marie\AppData\Local\Discord\app-1.0.9004\Discord.exe <6> (DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxEM.exe (explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Marie\AppData\Local\FluxSoftware\Flux\flux.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <42> (explorer.exe ->) (Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd) C:\Program Files\Pentablet\PentabletService.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\ICEsoundService64.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_caabc087e4b97a65\Intel_PIE_Service.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (svchost.exe ->) (ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [PentabletService] => C:\Program Files\Pentablet\PentabletService.exe [2242328 2020-07-20] (Guangzhou Ugee Computers Technology Co.,Ltd -> Ugee Technology Company Ltd) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [454248 2013-08-02] (Canon Inc. -> CANON INC.) HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-2964040095-1466076873-307546714-1001\...\Run: [f.lux] => C:\Users\Marie\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-2964040095-1466076873-307546714-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-2964040095-1466076873-307546714-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90951544 2020-09-08] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-2964040095-1466076873-307546714-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-05-21] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2964040095-1466076873-307546714-1001\...\Run: [Discord] => C:\Users\Marie\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub) HKLM\...\Windows x64\Print Processors\Canon MX530 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC3.DLL [30208 2013-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MX530 series XPS: C:\WINDOWS\system32\CNMXLMC3.DLL [394240 2013-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [360448 2013-09-11] (CANON INC.) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe [2022-05-17] (Google LLC -> Google LLC) Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {28444F41-C1CE-4437-BA6E-9E217EC4B7BF} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Task: {49A5E556-56F8-4A37-A31F-907E63A41BA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-26] (Google Inc -> Google Inc.) Task: {5B9228F2-A1A3-444A-9653-2FED75337954} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-26] (Google Inc -> Google Inc.) Task: {6D6443EF-340E-4168-AEFF-C497BDEBBF9C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {6DF62A57-1C82-475C-959E-3EFC46D72F51} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-29] (Microsoft Corporation -> Microsoft Corporation) Task: {766400F4-85C3-422E-ABD4-AF2D359B58B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {778C5509-A13B-437E-A304-32DFFCB49E64} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {7F57A0B6-F1C3-450C-88F5-F02AA2939B25} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144784 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) Task: {86E6C6C7-4F28-407E-88F5-83574B89AF92} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) Task: {8C47DE1C-D445-427E-92ED-A0781B82730F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8E04F12B-3FC0-46C6-8B45-84F6DFA79088} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {8F5C82C0-CB28-48A6-BB1C-6D5FC224FEA5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2019-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {90132FBD-DC3E-4874-AC9A-51AC73199040} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2019-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {97CEE327-5371-4101-A5A9-164434AE61F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9A650D74-D44B-4EC6-8F49-F3196B3C60D6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144784 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) Task: {9AFC5B5F-79BE-4008-8ACE-F9853D8395AD} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {A1853F58-F7C8-4088-9881-AE70B21C51D5} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65432 2019-09-18] (Microsoft Corporation -> Microsoft) Task: {B926980B-5AFC-4DB7-8932-52991C158F48} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed] Task: {D00BE5AD-5D2E-463E-B360-4B6ACF58CA2D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-12] (ASUS) [File not signed] Task: {D27FDE95-85E0-436F-9F63-A6A75516CEE8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe repair (No File) Task: {E26F0484-114A-496E-8189-FFA96DA4727F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EFE8E9D3-18A6-4008-B481-2C39D9CF5A3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22894016 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) Task: {F09AE91F-B519-4633-BD49-38B10EAFA36E} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {F0D32C6A-8C92-4011-94F2-7251029765B2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-02-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{6c5ca7b3-1ba6-4e76-a3c8-8d1122af2f5a}: [DhcpNameServer] 10.66.96.1 Tcpip\..\Interfaces\{8ffe3e3d-7ddf-42a8-a290-c982f1ae8cd1}: [DhcpNameServer] 192.168.1.254 Edge: ======= Edge Profile: C:\Users\Marie\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-25] FireFox: ======== FF DefaultProfile: iky6rfzc.default FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\iky6rfzc.default [2022-05-25] FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\kglk9uc8.default-release [2022-05-25] FF Extension: (ZenMate Free VPN – Best VPN) - C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\kglk9uc8.default-release\Extensions\firefox-webext@zenmate.com.xpi [2022-02-06] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN -> VideoLAN) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-01-19] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-01-19] <==== ATTENTION Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default [2022-05-26] CHR Notifications: Default -> hxxps://tinder.com; hxxps://www.facebook.com; hxxps://www.netflix.com CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://capitadiscovery.co.uk/gsa","hxxp://www.google.co.uk/","hxxps://www.google.com/","hxxp://www.google.co.uk/|hxxp://mysearch.avg.com?cid={CAEB7B4F-C0D1-4087-A406-7A6A2F19F971}&mid=ba7031927b5947d39dc1314fa046d54b-fb3ef3b01386b7a64a45bfec614b38a473486cd1&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-12-09 13:14:56&v=17.2.0.38&pid=safeguard&sg=0&sap=hp","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.com/" CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Default -> duckduckgo.com CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Session Restore: Default -> is enabled. CHR Extension: (TooManyTabs for Chrome) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2022-05-25] CHR Extension: (DuckDuckGo) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-05-25] CHR Extension: (uBlock Origin) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-05-25] CHR Extension: (AdBlock — best ad blocker) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-25] CHR Extension: (VPN Free - Betternet Unlimited VPN Proxy) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2022-05-25] CHR Extension: (Save to Google Drive) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2022-05-25] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2022-05-25] CHR Extension: (Social Fixer for Facebook) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2022-05-25] CHR Extension: (When was this website published?) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippcpkdkcjdghdnodahajpjdolfibjon [2022-05-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-25] CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-05-25] CHR HomePage: Profile 1 -> hxxp://www.google.com/ CHR Extension: (Slides) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-01] CHR Extension: (TooManyTabs for Chrome) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2018-07-01] CHR Extension: (Docs) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-01] CHR Extension: (Google Drive) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-01] CHR Extension: (YouTube) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-01] CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2019-10-01] CHR Extension: (Google Play Music) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2019-07-30] CHR Extension: (Sheets) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-01] CHR Extension: (XKit) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2018-07-01] CHR Extension: (Google Docs Offline) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-07-01] CHR Extension: (AdBlock) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-10-03] CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjknjjomckknofjidppipffbpoekiipm [2019-07-01] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-10-03] CHR Extension: (AVG Secure Search) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2018-07-01] CHR Extension: (Chrome Web Store Payments) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-01] CHR Extension: (Chrome Media Router) - C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-01] CHR Profile: C:\Users\Marie\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-25] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11762616 2022-05-19] (Microsoft Corporation -> Microsoft Corporation) S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> ) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-25] (Malwarebytes Inc. -> Malwarebytes) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-05-22] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [22656 2016-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R2 ASMMAP64; C:\WINDOWS\system32\DRIVERS\ASMMAP64.sys [36696 2016-04-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> ) R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2638328 2020-12-08] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA) R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender) S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [481936 2020-12-08] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA) S3 HidGuardian; C:\WINDOWS\System32\drivers\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS) S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2019-08-27] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl687f5637; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAD9DCFF-2C07-416B-A617-9C64C4BB123E}\MpKslDrv.sys [137464 2022-05-26] (Microsoft Windows -> Microsoft Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [640760 2020-10-02] (Bitdefender SRL -> Bitdefender) R1 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender) R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2018-12-11] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-05-22] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-05-22] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2022-05-26 17:54 - 2022-05-26 17:54 - 000000000 ___DC C:\Users\Marie\Desktop\FRST-OlderVersion 2022-05-26 17:31 - 2022-05-26 17:31 - 000002463 ____C C:\Users\Marie\Desktop\FSS.txt 2022-05-26 17:30 - 2022-05-26 17:30 - 000909824 _____ (Farbar) C:\Users\Marie\Desktop\FSS.exe 2022-05-26 15:18 - 2022-05-26 15:18 - 000001252 ____C C:\Users\Marie\Desktop\eset.txt 2022-05-26 12:09 - 2022-05-26 12:09 - 000001274 ____C C:\Users\Marie\Desktop\ESET Online Scanner.lnk 2022-05-26 12:08 - 2022-05-26 12:08 - 015274968 _____ (ESET) C:\Users\Marie\Desktop\esetonlinescanner.exe 2022-05-26 12:08 - 2022-05-26 12:08 - 000001380 ____C C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-05-26 12:08 - 2022-05-26 12:08 - 000000000 ____D C:\Users\Marie\AppData\Local\ESET 2022-05-26 11:42 - 2022-05-26 11:42 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-05-25 22:02 - 2022-05-25 22:02 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-05-25 22:02 - 2022-05-25 22:02 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-05-25 22:02 - 2022-05-25 22:02 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-05-25 22:02 - 2022-05-25 22:01 - 000103888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-05-25 22:02 - 2022-05-25 22:01 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-05-25 22:00 - 2022-05-25 22:00 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-05-25 22:00 - 2022-05-25 22:00 - 000000000 ____D C:\Program Files\Malwarebytes 2022-05-25 21:51 - 2022-05-25 21:51 - 002546400 _____ (Malwarebytes) C:\Users\Marie\Desktop\MBSetup.exe 2022-05-25 21:50 - 2022-05-26 11:16 - 000000000 ____D C:\AdwCleaner 2022-05-25 21:49 - 2022-05-25 21:49 - 008551608 _____ (Malwarebytes) C:\Users\Marie\Desktop\AdwCleaner.exe 2022-05-25 21:33 - 2022-05-25 21:36 - 000000295 ____C C:\Users\Marie\Desktop\Search.txt 2022-05-25 21:31 - 2022-05-25 21:31 - 000000008 __RSH C:\ProgramData\ntuser.pol 2022-05-25 21:26 - 2022-05-25 21:30 - 000032819 ____C C:\Users\Marie\Desktop\Fixlog.txt 2022-05-25 16:46 - 2022-05-25 16:48 - 000054013 ____C C:\Users\Marie\Desktop\Addition.txt 2022-05-25 16:44 - 2022-05-26 17:55 - 000028190 ____C C:\Users\Marie\Desktop\FRST.txt 2022-05-25 16:44 - 2022-05-26 17:54 - 002367488 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe 2022-05-25 15:47 - 2022-05-26 11:41 - 109051904 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-05-25 15:46 - 2022-05-25 15:46 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-05-25 15:00 - 2022-05-26 17:55 - 000000000 ____D C:\FRST 2022-05-23 16:24 - 2022-05-23 16:24 - 000001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-05-23 16:24 - 2022-05-23 16:24 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-05-21 02:40 - 2022-05-23 13:38 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-05-21 01:17 - 2022-05-21 01:22 - 000000000 ___DC C:\Users\Marie\Desktop\The.Holy.Mountain.1973.720p.BluRay.X264-AMIABLE 2022-05-21 01:12 - 2022-05-21 01:19 - 000000000 ___DC C:\Users\Marie\Desktop\Evangelion.3.0+1.01.Thrice.Upon.a.Time.2021.1080p.AMZN.WEB-DL.DDP5.1.H.264-EVO[TGx] 2022-05-21 01:07 - 2022-05-21 00:14 - 000000000 ____D C:\Windows.old 2022-05-21 01:02 - 2022-05-21 01:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-05-21 01:01 - 2022-05-21 01:01 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2022-05-21 01:00 - 2022-05-21 01:00 - 000000020 ___SH C:\Users\Marie\ntuser.ini 2022-05-21 00:16 - 2022-05-26 11:47 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-05-21 00:14 - 2022-05-26 11:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-05-21 00:14 - 2022-05-21 16:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-05-21 00:14 - 2022-05-21 00:14 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2022-05-21 00:14 - 2022-05-21 00:14 - 000007623 _____ C:\WINDOWS\diagerr.xml 2022-05-21 00:14 - 2022-05-21 00:14 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-05-21 00:14 - 2022-05-21 00:14 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-05-21 00:14 - 2022-05-21 00:14 - 000003240 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-05-21 00:14 - 2022-05-21 00:14 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-05-21 00:14 - 2022-05-21 00:14 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification 2022-05-21 00:14 - 2022-05-21 00:14 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2964040095-1466076873-307546714-1001 2022-05-21 00:14 - 2022-05-21 00:14 - 000002974 _____ C:\WINDOWS\system32\Tasks\Update Checker 2022-05-21 00:14 - 2022-05-21 00:14 - 000002924 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3 2022-05-21 00:14 - 2022-05-21 00:14 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2964040095-1466076873-307546714-1001 2022-05-21 00:14 - 2022-05-21 00:14 - 000002664 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2022-05-21 00:14 - 2022-05-21 00:14 - 000002346 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice 2022-05-21 00:14 - 2022-05-21 00:14 - 000002340 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus 2022-05-21 00:14 - 2022-05-21 00:14 - 000002302 _____ C:\WINDOWS\system32\Tasks\RTKCPL 2022-05-21 00:14 - 2022-05-21 00:14 - 000002214 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260 2022-05-21 00:14 - 2022-05-21 00:14 - 000001984 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON 2022-05-21 00:14 - 2022-05-21 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform 2022-05-21 00:14 - 2022-05-21 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2022-05-21 00:14 - 2022-05-21 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS 2022-05-21 00:08 - 2022-05-26 17:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-05-21 00:08 - 2022-05-21 00:08 - 000443272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-05-20 23:44 - 2022-05-21 01:07 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2022-05-20 23:43 - 2022-05-21 01:00 - 000000000 ____D C:\Users\Marie 2022-05-20 23:43 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-05-20 23:42 - 2022-05-20 23:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-05-20 23:39 - 2022-05-20 23:39 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-05-20 23:36 - 2022-05-20 23:36 - 001328408 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll 2022-05-20 23:36 - 2022-05-20 23:36 - 001321984 _____ C:\WINDOWS\system32\FaceProcessor.dll 2022-05-20 23:36 - 2022-05-20 23:36 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-05-20 23:36 - 2022-05-20 23:36 - 000503576 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2022-05-20 23:36 - 2022-05-20 23:36 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-05-20 23:36 - 2022-05-20 23:36 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-05-20 23:36 - 2022-05-20 23:36 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-05-20 23:35 - 2022-05-20 23:35 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-05-20 23:35 - 2022-05-20 23:35 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-05-20 23:35 - 2022-05-20 23:35 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-05-20 23:35 - 2022-05-20 23:35 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-05-20 23:35 - 2022-05-20 23:35 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-05-20 23:35 - 2022-05-20 23:35 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-05-20 23:35 - 2022-05-20 23:35 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-05-20 23:35 - 2022-05-20 23:35 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-05-20 23:34 - 2022-05-20 23:34 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-05-20 23:26 - 2019-10-15 13:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2022-05-20 23:26 - 2019-04-18 18:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2022-05-20 23:22 - 2022-05-21 01:07 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-05-20 23:22 - 2022-05-20 23:22 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-05-20 23:22 - 2022-05-20 23:22 - 000000000 ____D C:\Program Files\MSBuild 2022-05-20 23:22 - 2022-05-20 23:22 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-05-20 23:17 - 2022-05-20 23:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-05-20 21:12 - 2022-05-21 01:00 - 000000000 ___DC C:\WINDOWS\Panther 2022-05-20 20:34 - 2022-05-20 21:12 - 000000000 ____D C:\ESD 2022-05-20 20:32 - 2022-05-20 20:32 - 000000000 ___HD C:\$Windows.~WS 2022-05-20 20:07 - 2022-05-20 20:07 - 000000000 ___HD C:\$SysReset 2022-05-20 16:57 - 2022-05-20 16:57 - 000000000 ____D C:\Users\Marie\AppData\Roaming\OHRRPGCE 2022-05-19 21:36 - 2022-05-19 21:36 - 000000000 ____D C:\Users\Marie\AppData\Roaming\KADOKAWA 2022-05-17 13:35 - 2022-05-17 13:36 - 000000000 ___DC C:\Users\Marie\Desktop\Paperwork 2022-05-10 13:17 - 2022-05-26 17:45 - 000000000 ____D C:\Users\Marie\AppData\Roaming\discord 2022-05-10 13:17 - 2022-05-26 17:43 - 000000000 ____D C:\Users\Marie\AppData\Local\Discord 2022-05-10 13:17 - 2022-05-21 01:07 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2022-04-30 22:21 - 2022-04-30 22:21 - 000000000 ___DC C:\Users\Marie\Desktop\Tenshi.no.Tamago.(Angels.Egg).by.Mamoru.Oshii.en.subs ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2022-05-26 17:46 - 2020-10-31 23:11 - 000000000 ____D C:\Program Files (x86)\Steam 2022-05-26 17:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-05-26 17:07 - 2017-12-26 18:27 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-26 16:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-05-26 15:40 - 2020-02-26 18:16 - 000000000 ___DC C:\Users\Marie\AppData\LocalLow\Mozilla 2022-05-26 12:34 - 2018-02-24 17:11 - 000000000 ____D C:\Program Files (x86)\AddSoft 2022-05-26 11:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-05-26 11:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-05-26 11:42 - 2017-12-26 12:21 - 000000000 __SHD C:\Users\Marie\IntelGraphicsProfiles 2022-05-26 11:41 - 2021-09-13 21:46 - 000000000 ____D C:\Users\Marie\Downloads\UminekoWhenTheyCry 2022-05-26 11:41 - 2021-04-24 17:40 - 000000000 ____D C:\Users\Marie\Downloads\Clip_Studio_Paint_EX_1.8.2.fix 2022-05-26 11:41 - 2020-11-27 17:10 - 000000000 ___DC C:\Users\Marie\Desktop\Tools 2022-05-26 11:41 - 2020-10-09 16:11 - 000008192 ___SH C:\DumpStack.log.tmp 2022-05-26 11:41 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-05-26 11:14 - 2017-07-13 09:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-05-26 01:02 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-05-25 22:02 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-05-25 21:29 - 2018-01-06 17:28 - 000000000 ___DC C:\Users\Marie\AppData\LocalLow\Temp 2022-05-25 21:27 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-05-25 17:58 - 2020-11-27 17:09 - 000000000 ___DC C:\Users\Marie\Desktop\Media 2022-05-25 14:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-05-23 16:28 - 2020-08-22 05:57 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-05-23 16:27 - 2017-12-26 15:03 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-05-23 16:24 - 2017-12-26 15:03 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-05-23 13:38 - 2020-02-26 18:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-05-23 01:49 - 2018-06-17 12:28 - 000000000 ____D C:\ProgramData\Packages 2022-05-23 01:44 - 2017-12-28 16:19 - 000000000 ___DC C:\Users\Marie\AppData\Local\Packages 2022-05-22 15:43 - 2021-01-07 19:35 - 000000000 ___DC C:\Users\Marie\Desktop\Projects 2022-05-22 15:37 - 2018-05-15 18:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-05-21 16:18 - 2018-05-26 14:49 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2022-05-21 16:17 - 2020-02-26 18:16 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-05-21 16:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat 2022-05-21 01:27 - 2020-07-31 18:45 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-05-21 01:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-05-21 01:07 - 2022-01-08 02:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Doom Builder 2022-05-21 01:07 - 2021-07-30 03:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt 2022-05-21 01:07 - 2021-03-21 16:15 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender 2022-05-21 01:07 - 2021-01-06 04:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace 2022-05-21 01:07 - 2020-12-05 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pentablet 2022-05-21 01:07 - 2020-12-02 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief GOLD [GOG.com] 2022-05-21 01:07 - 2020-11-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO 2022-05-21 01:07 - 2020-10-31 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2022-05-21 01:07 - 2020-09-17 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX530 series User Registration 2022-05-21 01:07 - 2020-09-17 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX530 series Manual 2022-05-21 01:07 - 2020-09-12 03:02 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2022-05-21 01:07 - 2020-09-01 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2022-05-21 01:07 - 2020-08-13 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2022-05-21 01:07 - 2020-07-03 01:18 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yume Nikki 0.10 English 2022-05-21 01:07 - 2020-03-07 22:54 - 000000000 ____D C:\WINDOWS\system32\STRING 2022-05-21 01:07 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-05-21 01:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-05-21 01:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2022-05-21 01:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool 2022-05-21 01:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-05-21 01:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration 2022-05-21 01:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-05-21 01:07 - 2019-09-17 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. Shadow of Chernobyl [GOG.com] 2022-05-21 01:07 - 2019-09-09 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pathologic Classic HD [GOG.com] 2022-05-21 01:07 - 2019-08-26 20:17 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Shock 2 2022-05-21 01:07 - 2019-08-14 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock 2 [GOG.com] 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\3082 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1055 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1049 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1046 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1045 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1040 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1036 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\SysWOW64\1029 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\3082 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1055 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1049 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1046 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1045 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1040 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1036 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1033 2022-05-21 01:07 - 2019-08-10 19:39 - 000000000 ____D C:\WINDOWS\system32\1029 2022-05-21 01:07 - 2019-07-31 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief 2 - The Metal Age [GOG.com] 2022-05-21 01:07 - 2019-07-31 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex GOTY [GOG.com] 2022-05-21 01:07 - 2019-04-21 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2022-05-21 01:07 - 2019-04-15 01:45 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2022-05-21 01:07 - 2018-12-02 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2022-05-21 01:07 - 2018-10-03 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools 2022-05-21 01:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2022-05-21 01:07 - 2018-02-24 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2022-05-21 01:07 - 2018-01-02 19:50 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-05-21 01:07 - 2017-12-26 21:49 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2022-05-21 01:07 - 2017-12-26 15:00 - 000000000 ____D C:\Program Files\UNP 2022-05-21 01:07 - 2017-07-13 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools 2022-05-21 01:07 - 2017-07-13 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2022-05-21 01:07 - 2017-07-13 09:38 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2022-05-21 01:07 - 2017-07-13 09:27 - 000000000 ____D C:\Program Files (x86)\Intel 2022-05-21 01:07 - 2017-07-13 09:26 - 000000000 ____D C:\Program Files\Intel 2022-05-21 01:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-05-21 01:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-05-21 01:00 - 2017-12-28 16:24 - 000000000 ___RD C:\Users\Marie\3D Objects 2022-05-21 01:00 - 2017-07-13 09:23 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-05-21 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-05-21 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2022-05-21 00:14 - 2019-12-07 10:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM 2022-05-21 00:12 - 2017-12-26 18:28 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-21 00:11 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media 2022-05-21 00:09 - 2018-06-17 18:55 - 000000000 ____D C:\WINDOWS\system32\DAX3 2022-05-21 00:09 - 2017-07-13 09:33 - 000000000 ____D C:\WINDOWS\system32\DAX2 2022-05-21 00:09 - 2017-07-13 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2022-05-21 00:08 - 2017-07-13 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2022-05-21 00:06 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup 2022-05-21 00:04 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries 2022-05-21 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2022-05-20 23:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2022-05-20 23:44 - 2020-03-07 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2022-05-20 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2022-05-20 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources 2022-05-20 23:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help 2022-05-20 23:44 - 2019-08-10 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019 2022-05-20 23:44 - 2019-06-14 20:08 - 000000000 ____D C:\WINDOWS\Firmware 2022-05-20 23:44 - 2018-03-19 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2022-05-20 23:44 - 2017-07-13 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower 2022-05-20 23:44 - 2017-07-13 09:34 - 000000000 ____D C:\WINDOWS\system32\Intel 2022-05-20 23:44 - 2017-07-13 09:33 - 000000000 ____D C:\Program Files\Realtek 2022-05-20 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-05-20 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-05-20 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-05-20 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-05-20 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-05-20 23:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-05-20 23:39 - 2019-12-07 15:44 - 000000000 ____D C:\WINDOWS\en-GB 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-05-20 23:39 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-05-20 23:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-05-20 23:22 - 2019-12-07 10:10 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2022-05-20 23:22 - 2019-12-07 10:10 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2022-05-20 23:22 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2022-05-20 23:22 - 2019-12-07 10:10 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2022-05-20 23:22 - 2019-12-07 10:09 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2022-05-20 23:22 - 2019-12-07 10:09 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe 2022-05-20 23:22 - 2019-12-07 10:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2022-05-20 23:22 - 2019-12-07 10:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2022-05-20 23:22 - 2019-12-07 10:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2022-05-20 23:22 - 2019-12-07 10:09 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2022-05-20 23:22 - 2019-12-07 10:09 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2022-05-20 23:22 - 2019-12-07 10:09 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2022-05-20 16:12 - 2022-01-08 02:18 - 000000000 ____D C:\Users\Marie\AppData\Local\Doom Builder 2022-05-20 14:47 - 2021-03-21 21:18 - 000000168 _____ C:\WINDOWS\system32\perfdish001.dat 2022-05-20 14:41 - 2022-01-08 02:17 - 000000000 ____D C:\Program Files (x86)\Ultimate Doom Builder 2022-05-19 22:45 - 2017-07-13 09:52 - 000000000 ____D C:\Program Files\Microsoft Office 2022-05-15 20:33 - 2020-10-09 16:13 - 000002381 ____C C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive (2).lnk 2022-05-11 01:17 - 2018-02-24 22:20 - 000000000 ___DC C:\Users\Marie\AppData\Roaming\vlc 2022-05-10 13:17 - 2018-02-01 18:37 - 000000000 ___DC C:\Users\Marie\AppData\Local\SquirrelTemp 2022-05-06 21:34 - 2022-01-18 18:46 - 000063488 _____ C:\Users\Marie\xobglu16.dll 2022-05-06 21:34 - 2022-01-18 18:46 - 000023552 _____ C:\Users\Marie\xobglu32.dll 2022-05-01 01:01 - 2019-08-10 19:39 - 000000000 ____D C:\Users\Marie\AppData\Local\.IdentityService ==================== Files in the root of some directories ======== 2019-08-21 01:31 - 2019-08-21 01:31 - 003266488 _____ (Microsoft Corporation) C:\Users\Marie\haloce-patch-1.0.10.exe 2019-08-21 01:38 - 2019-08-21 01:38 - 003180472 _____ (Microsoft Corporation) C:\Users\Marie\halopc-patch-1.0.10.exe 2022-01-18 18:46 - 2022-05-06 21:34 - 000063488 _____ () C:\Users\Marie\xobglu16.dll 2022-01-18 18:46 - 2022-05-06 21:34 - 000023552 _____ () C:\Users\Marie\xobglu32.dll 2017-12-26 12:24 - 2019-08-09 14:27 - 000000200 ____C () C:\Users\Marie\AppData\Roaming\sp_data.sys 2021-06-22 22:08 - 2022-01-15 01:35 - 000001536 _____ () C:\Users\Marie\AppData\Local\GfxMetrics.cfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================