Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

I got a Trojan Dropper [Closed]

Started by Eldon123 , Jun 19 2019 06:21 PM

This topic is locked

#1
Eldon123

Posted 19 June 2019 - 06:21 PM

Member

Member
31 posts

I decided to run a scan on malwarebytes today and it detected something called a Trojan Dropper I removed it with malwarebytes but I'm not sure if it put anything else on my pc. If you could please help me check my pc and make sure that nothing else is lingering on it that could potentially cause problems for me later on that would be great!

#2
iMacg3

Posted 19 June 2019 - 07:51 PM

GeekU PowerPC G3

GeekU Moderator
1,921 posts

Hi Eldon123, welcome to the Geeks to Go malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:

Back up any important data before we continue.
- Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
Do not run any fixes or tools on your system unless I request that you do so.
- Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
Please read all instructions carefully, and complete them in the order listed.
- Items that are especially important will be highlighted in bold or red.
If your computer seems to start working normally, please don't abandon the topic.
- Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
If you have pirated or illegal software on your computer, uninstall it now before proceeding.
- Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
If you don't respond to your topic in 4 days, it will be closed.
- If your topic is closed and you still need assistance, send me or any Moderator a Private Message with a link to your topic.
If you have questions at any time during the cleanup, feel free to ask.

---------------------------------------------------

Open Malwarebytes. From the Dashboard, select Reports, then check the box next to the newest report and select View Reports.
When the report opens, click Export > Text file. Save the file to your desktop as mbam.txt
Open mbam.txt on your desktop and copy/paste its contents into your reply.

---------------------------------------------------
Farbar Recovery Scan Tool (FRST)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, and that will be the right version.

Double-click FRST.exe/FRST64.exe to run it. When the tool opens click Yes to the disclaimer.
Make sure that under Optional Scans, the Addition.txt box is checked.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The tool will also produce another log (Addition.txt). Please attach this to your reply.

#3
Eldon123

Posted 19 June 2019 - 08:43 PM

Member

Topic Starter
Member
31 posts

Malwarebytes

www.malwarebytes.com

-Log Details-

Scan Date: 6/19/19

Scan Time: 3:20 PM

Log File: 1aedc43c-92d8-11e9-b9c5-7c67a20c4fd5.json

-Software Information-

Version: 3.7.1.2839

Components Version: 1.0.586

Update Package Version: 1.0.11144

License: Free

-System Information-

OS: Windows 10 (Build 17134.829)

CPU: x64

File System: NTFS

User: DESKTOP-LBHF8BQ\Dohnovan

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 277303

Threats Detected: 1

Threats Quarantined: 1

Time Elapsed: 7 min, 30 sec

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

-Scan Details-

Process: 0

(No malicious items detected)

Module: 0

(No malicious items detected)

Registry Key: 0

(No malicious items detected)

Registry Value: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Data Stream: 0

(No malicious items detected)

Folder: 0

(No malicious items detected)

File: 1

Trojan.Dropper.SFX, C:\USERS\DOHNOVAN\DOWNLOADS\WINRAR-X64-550.EXE, Quarantined, [6099], [698392],1.0.11144

Physical Sector: 0

(No malicious items detected)

WMI: 0

(No malicious items detected)

(end)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2019

Ran by Dohnovan (administrator) on DESKTOP-LBHF8BQ (Micro-Star International Co., Ltd MS-7A38) (19-06-2019 20:31:01)

Running from C:\Users\Dohnovan\Downloads

Loaded Profiles: Dohnovan (Available Profiles: Dohnovan)

Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United States)

Default browser: Edge

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.42.0_x64__8wekyb3d8bbwe\Calculator.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atiesrxx.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe

(Discord Inc. -> Discord Inc.) C:\Users\Dohnovan\AppData\Local\Discord\app-0.0.305\Discord.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\Dohnovan\AppData\Local\Microsoft\OneDrive\OneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe

(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe

(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe

(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe

(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)

HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [60074328 2018-06-22] (Discord Inc. -> Discord Inc.)

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-17] (Valve -> Valve Corporation)

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Discord] => C:\Users\Dohnovan\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [911752 2019-06-19] (Nota Inc. -> Nota Inc.)

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [BitTorrent] => C:\Users\Dohnovan\AppData\Roaming\BitTorrent\BitTorrent.exe [1989824 2018-10-30] (BitTorrent Inc -> BitTorrent Inc.)

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-06-03] (Razer USA Ltd. -> Razer Inc.)

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-06-03] (Razer USA Ltd. -> Razer Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-12-09]

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0928E190-F287-4F5C-B4C2-C91EBEF0A617} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-06-19] (Nota Inc. -> Nota Inc.)

Task: {0B749559-7623-4606-A7A8-CF69B7571B3F} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [462288 2018-11-15] (Bitdefender SRL -> Bitdefender)

Task: {2DB6A846-C084-4720-8225-CFEBE228F0EC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208896 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {3584292A-FACC-4A29-B2C5-58AF2D11B38C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {3DAF5E5A-9F1A-42AC-957C-C1DA521DCF24} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {3EAC682A-B39A-4C2D-972C-BC1CE5E263F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {568E4EEF-5E99-4C66-B8E9-DA74BFF2DCA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)

Task: {5E426AEE-B299-453C-9604-22F9438F870C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208896 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {6BEB3D48-367A-4CA9-9A3B-0B6A52AD1D37} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {7D175ED4-61FE-450C-9073-38242E442B00} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-06-19] (Nota Inc. -> Nota Inc.)

Task: {7D484749-46DF-40A9-AF50-007BE595726C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-14] (Google Inc -> Google Inc.)

Task: {9157B7DD-4D37-4D47-8035-C35001789655} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-01-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {B533BBCE-B862-4117-9D7A-B16434B52777} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {D92CE4D5-8B16-463B-AECA-C37457464FEB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Task: {F61CA315-F858-40A7-9969-3068F2714868} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{1a8f5a04-83c8-490b-b4bc-64e8c2c6fd6d}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{1cd6b0cf-5059-4ef2-9609-a8d02c0c81b4}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Tcpip\..\Interfaces\{3c01823b-a919-4197-a2ce-b7ef6cd5d03a}: [DhcpNameServer] 192.168.43.1

Tcpip\..\Interfaces\{57a5de9c-d2e2-48be-96b9-44b1389dcc84}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{8f09853e-c450-47d3-b7bc-5aedbe848278}: [DhcpNameServer] 192.168.43.1

Tcpip\..\Interfaces\{dad6bf82-733a-495c-84a7-154afa6ad446}: [DhcpNameServer] 192.168.42.129

Tcpip\..\Interfaces\{e0510115-42dc-46d8-842a-cc54eeda8aa9}: [DhcpNameServer] 10.0.1.1

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE

BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll => No File

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-03] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll => No File

Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll No File

Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-15] (Microsoft Corporation -> Microsoft Corporation)

Edge:

======

Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.15.0_neutral__d55gg7py3s0m0 [2019-04-30]

Edge Extension: (AdGuard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.1.3.0_neutral__m055xr0c82818 [2019-06-04]

FireFox:

========

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-02] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-03] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:

=======

CHR HomePage: Default -> hxxps://www.google.com/

CHR Profile: C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default [2019-06-19]

CHR Extension: (Slides) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-14]

CHR Extension: (Docs) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-14]

CHR Extension: (Google Drive) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25]

CHR Extension: (YouTube) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-14]

CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-19]

CHR Extension: (Sheets) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-14]

CHR Extension: (Google Docs Offline) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-27]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]

CHR Extension: (Gmail) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]

CHR Extension: (Chrome Media Router) - C:\Users\Dohnovan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atiesrxx.exe [481768 2018-01-18] (Advanced Micro Devices, Inc. -> AMD)

R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-05-28] (Bitdefender SRL -> Bitdefender)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-04-17] (BattlEye Innovations e.K. -> )

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146224 2019-06-06] (Microsoft Corporation -> Microsoft Corporation)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-06-12] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4544456 2019-06-19] (SurfRight B.V. -> SurfRight B.V.)

R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-12-27] (Intel Corporation-Wireless Connectivity Solutions -> )

R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender)

R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449664 2018-08-28] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [942720 2018-09-12] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-06-02] (Razer USA Ltd. -> Razer Inc.)

R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-05-31] (Razer USA Ltd. -> Razer Inc.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH -> TeamViewer GmbH)

R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [238376 2019-05-28] (Bitdefender SRL -> Bitdefender)

R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [238376 2019-05-28] (Bitdefender SRL -> Bitdefender)

R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [238376 2019-05-28] (Bitdefender SRL -> Bitdefender)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-12-27] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atikmdag.sys [41703912 2018-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0322990.inf_amd64_06c9aec2ef966091\atikmpag.sys [546280 2018-01-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)

R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )

R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2017-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2017-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1551768 2019-05-28] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)

R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [395728 2019-05-14] (Bitdefender SRL -> Bitdefender)

S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [298488 2019-05-28] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)

R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)

R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2019-05-14] (Bitdefender SRL -> BitDefender LLC)

S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)

R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [315800 2019-06-19] (SurfRight B.V. -> SurfRight B.V.)

S3 IaNVMe; C:\WINDOWS\System32\drivers\IaNVMe.sys [113160 2016-11-04] (Intel® NVMe Windows Driver -> Intel Corporation)

R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-19] (Malwarebytes Corporation -> Malwarebytes)

R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8717808 2018-05-21] (Intel® Wireless Connectivity Solutions -> Intel Corporation)

S3 ocznvme; C:\WINDOWS\System32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)

S3 ocztrimfilter; C:\WINDOWS\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek Semiconductor Corp. -> Realtek )

R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [49032 2019-01-16] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)

S3 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [135688 2016-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)

R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46408 2017-06-01] (SteelSeries ApS -> SteelSeries ApS)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [611152 2019-05-28] (Bitdefender SRL -> Bitdefender)

S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)

S3 xhunter1; C:\WINDOWS\xhunter1.sys [47096 2018-02-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-06-19] (Zemana Ltd. -> Zemana Ltd.)

R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2019-06-19] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-19 20:31 - 2019-06-19 20:32 - 000031923 _____ C:\Users\Dohnovan\Downloads\FRST.txt

2019-06-19 20:30 - 2019-06-19 20:31 - 000000000 ____D C:\FRST

2019-06-19 20:29 - 2019-06-19 20:29 - 002418688 _____ (Farbar) C:\Users\Dohnovan\Downloads\FRST64.exe

2019-06-19 16:17 - 2019-06-19 16:17 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2019-06-19 16:17 - 2019-06-19 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2019-06-19 16:16 - 2019-06-19 16:16 - 003145336 _____ (Alexander Roshal) C:\Users\Dohnovan\Downloads\winrar-x64-571.exe

2019-06-19 16:03 - 2019-06-19 16:03 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2019-06-19 15:56 - 2019-06-19 15:56 - 001955784 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll

2019-06-19 15:56 - 2019-06-19 15:56 - 001034696 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll

2019-06-19 15:54 - 2019-06-19 20:30 - 000000000 ____D C:\WINDOWS\CryptoGuard

2019-06-19 15:54 - 2019-06-19 16:03 - 000000000 ____D C:\ProgramData\HitmanPro.Alert

2019-06-19 15:54 - 2019-06-19 16:02 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert

2019-06-19 15:54 - 2019-06-19 15:56 - 000315800 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys

2019-06-19 15:54 - 2019-06-19 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert

2019-06-19 15:53 - 2019-06-19 15:53 - 004461704 _____ (SurfRight B.V.) C:\Users\Dohnovan\Downloads\hmpalert3.exe

2019-06-19 15:49 - 2019-06-19 16:33 - 000000000 ____D C:\ProgramData\HitmanPro

2019-06-19 15:49 - 2019-06-19 15:49 - 010960168 _____ (SurfRight B.V.) C:\Users\Dohnovan\Downloads\HitmanPro (1).exe

2019-06-19 15:48 - 2019-06-19 20:32 - 000554637 _____ C:\WINDOWS\ZAM.krnl.trace

2019-06-19 15:48 - 2019-06-19 20:32 - 000097441 _____ C:\WINDOWS\ZAM_Guard.krnl.trace

2019-06-19 15:48 - 2019-06-19 15:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys

2019-06-19 15:48 - 2019-06-19 15:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys

2019-06-19 15:48 - 2019-06-19 15:48 - 000001224 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk

2019-06-19 15:48 - 2019-06-19 15:48 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\Zemana

2019-06-19 15:48 - 2019-06-19 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware

2019-06-19 15:48 - 2019-06-19 15:48 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware

2019-06-19 15:47 - 2019-06-19 15:47 - 012946608 _____ (Zemana Ltd. ) C:\Users\Dohnovan\Downloads\Zemana.AntiMalware.Setup.exe

2019-06-19 15:40 - 2019-06-19 15:40 - 000001312 _____ C:\Users\Dohnovan\Desktop\Mbam.txt.txt

2019-06-19 12:59 - 2019-06-19 12:59 - 000001073 _____ C:\Users\Public\Desktop\Gyazo Replay.lnk

2019-06-19 10:56 - 2019-06-19 10:56 - 000000000 ____D C:\Program Files\UNP

2019-06-14 03:07 - 2019-06-19 16:08 - 000000000 ____D C:\Users\Dohnovan\AppData\LocalLow\BitTorrent

2019-06-13 14:14 - 2019-06-13 14:14 - 000019680 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_242340567693922.dll

2019-06-13 02:11 - 2019-06-13 02:11 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\EasyAntiCheat

2019-06-13 02:11 - 2019-06-13 02:11 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat

2019-06-12 21:29 - 2019-06-12 21:29 - 000000222 _____ C:\Users\Dohnovan\Desktop\Paladins.url

2019-06-12 06:39 - 2019-06-07 05:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2019-06-12 06:39 - 2019-06-07 05:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2019-06-12 06:39 - 2019-06-07 04:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll

2019-06-12 06:39 - 2019-06-07 04:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll

2019-06-12 06:39 - 2019-06-07 04:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2019-06-12 06:39 - 2019-06-07 04:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2019-06-12 06:39 - 2019-06-07 04:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2019-06-12 06:39 - 2019-06-07 04:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2019-06-12 06:39 - 2019-06-07 04:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll

2019-06-12 06:39 - 2019-06-07 04:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2019-06-12 06:39 - 2019-06-07 04:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2019-06-12 06:39 - 2019-06-07 04:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll

2019-06-12 06:39 - 2019-06-07 04:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2019-06-12 06:39 - 2019-06-07 04:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2019-06-12 06:39 - 2019-06-07 04:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2019-06-12 06:39 - 2019-06-07 04:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2019-06-12 06:39 - 2019-06-07 00:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2019-06-12 06:39 - 2019-06-07 00:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2019-06-12 06:39 - 2019-06-06 23:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2019-06-12 06:39 - 2019-06-06 23:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2019-06-12 06:39 - 2019-06-06 23:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2019-06-12 06:39 - 2019-06-06 23:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll

2019-06-12 06:39 - 2019-06-06 23:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2019-06-12 06:39 - 2019-06-06 23:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2019-06-12 06:39 - 2019-06-06 23:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2019-06-12 06:39 - 2019-06-06 23:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll

2019-06-12 06:39 - 2019-06-06 23:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll

2019-06-12 06:39 - 2019-06-06 23:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2019-06-12 06:39 - 2019-06-06 23:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2019-06-12 06:39 - 2019-06-06 23:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2019-06-12 06:39 - 2019-06-06 23:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2019-06-12 06:39 - 2019-06-06 23:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll

2019-06-12 06:39 - 2019-06-06 23:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2019-06-12 06:39 - 2019-06-06 23:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2019-06-12 06:39 - 2019-06-06 23:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2019-06-12 06:39 - 2019-06-06 23:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2019-06-12 06:39 - 2019-06-06 23:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2019-06-12 06:39 - 2019-06-06 23:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2019-06-12 06:39 - 2019-06-06 23:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2019-06-12 06:39 - 2019-06-06 23:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2019-06-12 06:39 - 2019-06-06 23:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2019-06-12 06:39 - 2019-06-06 23:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2019-06-12 06:39 - 2019-06-06 23:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2019-06-12 06:39 - 2019-06-06 23:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll

2019-06-12 06:39 - 2019-06-06 23:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2019-06-12 06:39 - 2019-06-06 23:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2019-06-12 06:39 - 2019-06-06 23:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2019-06-12 06:39 - 2019-06-06 23:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2019-06-12 06:39 - 2019-06-06 23:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2019-06-12 06:39 - 2019-06-06 23:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2019-06-12 06:39 - 2019-06-06 23:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2019-06-12 06:39 - 2019-06-06 23:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll

2019-06-12 06:39 - 2019-06-06 23:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2019-06-12 06:39 - 2019-06-06 23:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2019-06-12 06:39 - 2019-06-06 23:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2019-06-12 06:39 - 2019-06-06 23:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2019-06-12 06:39 - 2019-06-06 23:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2019-06-12 06:39 - 2019-06-06 23:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2019-06-12 06:39 - 2019-06-06 23:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2019-06-12 06:39 - 2019-06-06 23:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll

2019-06-12 06:39 - 2019-06-06 23:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2019-06-12 06:39 - 2019-06-06 23:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2019-06-12 06:39 - 2019-06-06 23:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2019-06-12 06:39 - 2019-06-06 23:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2019-06-12 06:39 - 2019-06-06 23:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2019-06-12 06:39 - 2019-06-06 23:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2019-06-12 06:39 - 2019-06-06 23:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2019-06-12 06:39 - 2019-06-06 23:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2019-06-12 06:39 - 2019-06-06 23:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2019-06-12 06:39 - 2019-06-06 23:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll

2019-06-12 06:39 - 2019-05-18 16:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2019-06-12 06:39 - 2019-05-18 16:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2019-06-12 06:39 - 2019-05-18 16:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2019-06-12 06:39 - 2019-05-18 16:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll

2019-06-12 06:39 - 2019-05-17 06:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2019-06-12 06:39 - 2019-05-17 06:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL

2019-06-12 06:39 - 2019-05-17 06:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2019-06-12 06:39 - 2019-05-17 06:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2019-06-12 06:39 - 2019-05-17 06:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2019-06-12 06:39 - 2019-05-17 06:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2019-06-12 06:39 - 2019-05-17 06:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2019-06-12 06:39 - 2019-05-17 06:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2019-06-12 06:39 - 2019-05-17 06:24 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys

2019-06-12 06:39 - 2019-05-17 06:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2019-06-12 06:39 - 2019-05-17 06:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll

2019-06-12 06:39 - 2019-05-17 06:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2019-06-12 06:39 - 2019-05-17 06:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2019-06-12 06:39 - 2019-05-17 06:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll

2019-06-12 06:39 - 2019-05-17 06:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2019-06-12 06:39 - 2019-05-17 06:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2019-06-12 06:39 - 2019-05-17 06:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2019-06-12 06:39 - 2019-05-17 06:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL

2019-06-12 06:39 - 2019-05-17 06:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2019-06-12 06:39 - 2019-05-17 05:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2019-06-12 06:39 - 2019-05-17 05:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2019-06-12 06:39 - 2019-05-17 05:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll

2019-06-12 06:39 - 2019-05-17 05:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2019-06-12 06:39 - 2019-05-17 05:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2019-06-12 06:39 - 2019-05-17 05:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll

2019-06-12 06:39 - 2019-05-17 05:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2019-06-12 06:39 - 2019-05-17 03:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll

2019-06-12 06:39 - 2019-05-17 02:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll

2019-06-12 06:39 - 2019-05-17 01:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2019-06-12 06:39 - 2019-05-17 00:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2019-06-12 06:39 - 2019-05-17 00:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2019-06-12 06:39 - 2019-05-17 00:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2019-06-12 06:39 - 2019-05-17 00:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll

2019-06-12 06:39 - 2019-05-17 00:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2019-06-12 06:39 - 2019-05-17 00:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2019-06-12 06:39 - 2019-05-17 00:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe

2019-06-12 06:39 - 2019-05-17 00:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

2019-06-12 06:39 - 2019-05-17 00:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2019-06-12 06:39 - 2019-05-17 00:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe

2019-06-12 06:39 - 2019-05-17 00:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2019-06-12 06:39 - 2019-05-17 00:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2019-06-12 06:39 - 2019-05-17 00:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2019-06-12 06:39 - 2019-05-17 00:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2019-06-12 06:39 - 2019-05-17 00:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2019-06-12 06:39 - 2019-05-17 00:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2019-06-12 06:39 - 2019-05-17 00:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2019-06-12 06:39 - 2019-05-17 00:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2019-06-12 06:39 - 2019-05-17 00:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2019-06-12 06:39 - 2019-05-17 00:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2019-06-12 06:39 - 2019-05-17 00:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2019-06-12 06:39 - 2019-05-17 00:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2019-06-12 06:39 - 2019-05-17 00:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2019-06-12 06:39 - 2019-05-17 00:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2019-06-12 06:39 - 2019-05-17 00:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2019-06-12 06:39 - 2019-05-17 00:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2019-06-12 06:39 - 2019-05-17 00:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2019-06-12 06:39 - 2019-05-17 00:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2019-06-12 06:39 - 2019-05-17 00:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2019-06-12 06:39 - 2019-05-17 00:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2019-06-12 06:39 - 2019-05-17 00:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2019-06-12 06:39 - 2019-05-17 00:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2019-06-12 06:39 - 2019-05-17 00:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2019-06-12 06:39 - 2019-05-17 00:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2019-06-12 06:39 - 2019-05-17 00:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll

2019-06-12 06:39 - 2019-05-17 00:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2019-06-12 06:39 - 2019-05-17 00:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2019-06-12 06:39 - 2019-05-16 23:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2019-06-12 06:39 - 2019-05-16 23:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2019-06-12 06:39 - 2019-05-16 23:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2019-06-12 06:39 - 2019-05-16 23:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll

2019-06-12 06:39 - 2019-05-16 23:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys

2019-06-12 06:39 - 2019-05-16 23:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll

2019-06-12 06:39 - 2019-05-16 23:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll

2019-06-12 06:39 - 2019-05-16 23:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2019-06-12 06:39 - 2019-05-16 23:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe

2019-06-12 06:39 - 2019-05-16 23:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2019-06-12 06:39 - 2019-05-16 23:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2019-06-12 06:39 - 2019-05-16 23:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2019-06-12 06:39 - 2019-05-16 23:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2019-06-12 06:39 - 2019-05-16 23:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2019-06-12 06:39 - 2019-05-16 23:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2019-06-12 06:39 - 2019-05-16 23:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2019-06-12 06:39 - 2019-05-16 23:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll

2019-06-12 06:39 - 2019-05-16 23:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2019-06-12 06:39 - 2019-05-16 23:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2019-06-12 06:39 - 2019-05-16 23:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2019-06-12 06:39 - 2019-05-16 23:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2019-06-12 06:39 - 2019-05-16 23:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll

2019-06-12 06:39 - 2019-05-16 23:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2019-06-12 06:39 - 2019-05-16 23:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2019-06-12 06:39 - 2019-05-16 23:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2019-06-12 06:39 - 2019-05-16 23:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2019-06-12 06:39 - 2019-05-16 23:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2019-06-12 06:39 - 2019-05-16 23:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2019-06-12 06:39 - 2019-05-16 23:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll

2019-06-12 06:38 - 2019-06-06 23:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll

2019-06-12 06:38 - 2019-06-06 23:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll

2019-06-12 06:38 - 2019-06-06 23:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2019-06-12 06:38 - 2019-06-06 22:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim

2019-06-12 06:38 - 2019-05-17 06:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe

2019-06-12 06:38 - 2019-05-17 06:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll

2019-06-12 06:38 - 2019-05-17 06:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2019-06-12 06:38 - 2019-05-17 05:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2019-06-12 06:38 - 2019-05-17 00:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2019-06-12 06:38 - 2019-05-17 00:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll

2019-06-12 06:38 - 2019-05-17 00:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2019-06-12 06:38 - 2019-05-17 00:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll

2019-06-12 06:38 - 2019-05-17 00:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2019-06-12 06:38 - 2019-05-16 23:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll

2019-06-12 06:38 - 2019-05-16 23:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2019-06-12 06:38 - 2019-05-16 23:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe

2019-06-12 06:38 - 2019-05-16 23:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2019-06-12 06:38 - 2019-05-16 23:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2019-06-12 06:38 - 2019-05-16 23:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2019-06-12 06:38 - 2019-05-16 23:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2019-06-08 05:54 - 2019-06-08 05:54 - 000000080 ___SH C:\bootTel.dat

2019-06-07 12:35 - 2019-06-07 12:35 - 000002500 _____ C:\Users\Dohnovan\Downloads\New_Text_Document.txt.tr9u2hz.partial

2019-05-31 15:17 - 2019-02-12 23:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

2019-05-26 23:59 - 2019-06-05 11:23 - 000000000 ____D C:\Users\Dohnovan\Documents\Path of Building

2019-05-26 23:58 - 2019-06-05 11:23 - 000000000 ____D C:\ProgramData\Path of Building

2019-05-26 23:58 - 2019-05-26 23:58 - 000001179 _____ C:\Users\Public\Desktop\Path of Building.lnk

2019-05-26 23:58 - 2019-05-26 23:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Building

2019-05-26 23:58 - 2019-05-26 23:58 - 000000000 ____D C:\Program Files (x86)\Path of Building

2019-05-26 23:57 - 2019-05-26 23:57 - 023365310 _____ (Openarl ) C:\Users\Dohnovan\Downloads\PathOfBuilding-Setup-1.4.137.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-19 20:25 - 2018-05-21 16:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2019-06-19 20:25 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2019-06-19 18:26 - 2019-05-14 10:38 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free

2019-06-19 17:07 - 2018-04-11 15:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM

2019-06-19 16:55 - 2017-12-08 22:06 - 000000000 ____D C:\Program Files (x86)\Steam

2019-06-19 16:54 - 2018-05-21 16:36 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\D3DSCache

2019-06-19 16:17 - 2017-12-31 18:37 - 000000000 ____D C:\Program Files\WinRAR

2019-06-19 16:08 - 2018-01-25 15:56 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\BitTorrent

2019-06-19 16:06 - 2017-12-08 22:16 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\discord

2019-06-19 16:03 - 2018-06-22 15:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2019-06-19 16:03 - 2018-05-21 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2019-06-19 16:03 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness

2019-06-19 16:01 - 2018-04-11 15:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2019-06-19 16:01 - 2017-04-11 10:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin

2019-06-19 15:37 - 2018-05-21 16:18 - 000000000 ____D C:\Users\Dohnovan

2019-06-19 14:46 - 2018-07-01 09:24 - 000000236 _____ C:\Users\Dohnovan\Downloads\things I am working on.txt

2019-06-19 14:01 - 2017-12-09 19:50 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\Packages

2019-06-19 13:59 - 2018-07-01 09:24 - 000001468 _____ C:\Users\Dohnovan\Downloads\#Pro Life Advice.txt

2019-06-19 13:49 - 2018-07-01 09:24 - 000001113 _____ C:\Users\Dohnovan\Downloads\Important.txt

2019-06-19 12:59 - 2018-05-21 16:35 - 000003556 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily

2019-06-19 12:59 - 2018-05-21 16:35 - 000003420 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine

2019-06-19 12:59 - 2017-12-27 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo

2019-06-19 12:59 - 2017-12-27 19:08 - 000000000 ____D C:\Program Files (x86)\Gyazo

2019-06-18 22:49 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps

2019-06-15 18:42 - 2017-12-09 20:29 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\Arma 3 Launcher

2019-06-15 17:18 - 2018-04-11 17:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2019-06-15 17:16 - 2017-04-07 15:15 - 000000000 ____D C:\Program Files\Microsoft Office

2019-06-15 16:26 - 2017-12-09 20:32 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\Arma 3

2019-06-14 03:08 - 2018-04-14 10:45 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\CrashDumps

2019-06-13 14:25 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp

2019-06-13 02:12 - 2017-12-31 21:42 - 000000000 ____D C:\Users\Dohnovan\Documents\My Games

2019-06-12 21:29 - 2017-12-09 13:16 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2019-06-12 17:19 - 2018-05-21 16:27 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2019-06-12 17:19 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF

2019-06-12 17:16 - 2017-12-09 20:01 - 000000000 ___RD C:\Users\Dohnovan\3D Objects

2019-06-12 17:16 - 2017-04-03 11:54 - 000000000 __RHD C:\Users\Public\AccountPictures

2019-06-12 17:14 - 2018-05-21 16:15 - 000403048 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2019-06-12 17:11 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput

2019-06-12 17:10 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\ShellExperiences

2019-06-12 17:10 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\Provisioning

2019-06-12 17:10 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr

2019-06-12 06:38 - 2017-12-09 11:41 - 000000000 ____D C:\WINDOWS\system32\MRT

2019-06-12 06:35 - 2017-12-09 11:40 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2019-06-11 18:53 - 2017-12-09 20:02 - 000000000 ___HD C:\Users\Dohnovan\MicrosoftEdgeBackups

2019-06-11 18:52 - 2017-12-09 11:27 - 000000000 ____D C:\Users\Dohnovan\AppData\Local\ConnectedDevicesPlatform

2019-06-08 06:02 - 2018-03-13 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2019-06-05 17:43 - 2018-05-21 16:35 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2108490749-413910539-1021375685-1003

2019-06-05 17:43 - 2018-05-21 16:18 - 000002379 _____ C:\Users\Dohnovan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2019-06-05 17:43 - 2017-12-09 11:39 - 000000000 ___RD C:\Users\Dohnovan\OneDrive

2019-05-30 19:57 - 2018-09-18 19:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2019-05-30 19:57 - 2018-09-18 19:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2019-05-30 13:43 - 2017-12-09 15:53 - 000000000 ____D C:\Users\Dohnovan\AppData\Roaming\steelseries-engine-3-client

2019-05-28 19:16 - 2017-12-08 22:16 - 000002255 _____ C:\Users\Dohnovan\Desktop\Discord.lnk

2019-05-28 07:56 - 2019-05-14 10:40 - 000611152 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys

2019-05-28 07:56 - 2019-05-14 10:39 - 001551768 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys

2019-05-28 07:56 - 2019-05-14 10:39 - 000298488 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys

2019-05-23 16:49 - 2017-12-27 20:08 - 000000000 ____D C:\Program Files\Rockstar Games

2019-05-23 16:49 - 2017-12-27 20:08 - 000000000 ____D C:\Program Files (x86)\Rockstar Games

2019-05-22 16:18 - 2018-01-14 11:42 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-05-22 16:18 - 2018-01-14 11:42 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories ================

2017-12-18 14:43 - 2017-12-18 14:43 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019

Ran by Dohnovan (19-06-2019 20:33:27)

Running from C:\Users\Dohnovan\Downloads

Windows 10 Home Version 1803 17134.829 (X64) (2018-05-21 22:36:00)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2108490749-413910539-1021375685-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2108490749-413910539-1021375685-503 - Limited - Disabled)

defaultuser0 (S-1-5-21-2108490749-413910539-1021375685-1002 - Limited - Disabled)

Dohnovan (S-1-5-21-2108490749-413910539-1021375685-1003 - Administrator - Enabled) => C:\Users\Dohnovan

Guest (S-1-5-21-2108490749-413910539-1021375685-501 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-2108490749-413910539-1021375685-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.01 (x64) (HKLM\...\7-Zip) (Version: 18.01 - Igor Pavlov)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)

ArcheRage.to NA (HKLM-x32\...\{1B621355-A68A-48B0-879B-5E903411063D}) (Version: 1.0.0 - ArcheRage.to NA Private Server)

ArmA3Sync 1.6.92 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.6.92 - The [S.o.E] team)

Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.36.1 - Asmedia Technology)

Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)

Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.15.108 - Bitdefender)

BitTorrent (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\BitTorrent) (Version: 7.10.4.44633 - BitTorrent Inc.)

Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.7 - Kakao Games Europe B.V.)

Brave (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Brave) (Version: 0.23.31 - Brave Software)

CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)

Discord (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\Discord) (Version: 0.0.305 - Discord Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden

Gyazo 3.6.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)

HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.7.9.779 - SurfRight B.V.)

Intel® Wireless Bluetooth® (HKLM-x32\...\{0E13241D-76B0-4A4C-9665-3969F55C08D5}) (Version: 19.40.1702.1091 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{475ea806-cb2a-455b-bb1b-9f99342b2fe2}) (Version: 19.40.0 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{b67c644b-bbfa-45cf-a1fa-2e1ef2f99be6}) (Version: 20.60.0 - Intel Corporation)

Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)

Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11629.20246 - Microsoft Corporation)

Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)

NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden

OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)

Path of Building version 1.4.137 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.4.137 - Openarl)

PlanetSide 2 (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)

Razer Chroma SDK (HKLM-x32\...\Razer Chroma SDK) (Version: 2.21.1 - Razer Inc.)

Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.0604.060316 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)

Shotcut (HKLM-x32\...\Shotcut) (Version: - )

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

SteelSeries Engine 3.11.7 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.7 - SteelSeries ApS)

TeamSpeak 3 Client (HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)

TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)

Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-3) (Version: 1.0.65.0 - LunarG, Inc.) Hidden

WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Wondershare Filmora(Build 8.5.1) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)

Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.664 - Zemana Ltd.)

Packages:

=========

9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.1.58.0_x64__hvr7qkvwfhvx6 [2019-02-21] (Magik Hub) [MS Ad]

Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.15.0_neutral__d55gg7py3s0m0 [2019-04-30] (eyeo GmbH)

AdGuard AdBlocker -> C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_3.1.3.0_neutral__m055xr0c82818 [2019-06-04] (Performix)

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)

Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.6.3.0_x86__kgqvnymyfvs32 [2019-06-12] (king.com)

Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)

Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.20.0_x64__kejf07qmg0jnm [2019-05-03] (Keeper Security Inc)

Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.1.0.6_x86__h6adky7gbf63m [2019-06-18] (Gameloft.)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-03] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]

Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.11.402.0_x64__8wekyb3d8bbwe [2019-05-24] (Microsoft Studios)

MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]

Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2017-12-09] (Plex)

Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-12-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2019-06-19] (Zemana D.O.O. Sarajevo -> )

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-01-12] (Advanced Micro Devices, Inc.) [File not signed]

ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2019-06-19] (Zemana D.O.O. Sarajevo -> )

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-12-23 08:51 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

2017-12-23 08:51 - 2017-09-12 11:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL

2017-06-05 06:13 - 2017-06-05 06:13 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll

2018-01-12 17:59 - 2018-01-12 17:59 - 000155688 _____ (AMD PMP-PE CB Code Signer v20170331 -> Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll

2017-10-27 14:01 - 2017-10-27 14:01 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll

2017-10-27 14:01 - 2017-10-27 14:01 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll

2018-04-11 15:30 - 2018-01-28 09:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000237568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 001336832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll

2018-01-12 17:42 - 2018-01-12 17:42 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 006045696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 001204736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 003234304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000110080 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 068669952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000283136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll

2017-06-05 06:13 - 2017-06-05 06:13 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

2017-12-23 08:51 - 2017-09-12 11:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 15:03 - 2017-03-18 15:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Users\Dohnovan\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SYSTEMROOT%\System32\OpenSSH\

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2108490749-413910539-1021375685-1003\...\StartupApproved\Run: => "Gyazo"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{ECA178D8-528C-4290-90CD-378DCDA874EF}C:\program files (x86)\black desert online\bin64\blackdesert64.exe] => (Allow) C:\program files (x86)\black desert online\bin64\blackdesert64.exe (PearlAbyss Corp. -> )

FirewallRules: [TCP Query User{9576E5A7-DF59-4818-86D2-34172E43C52C}C:\program files (x86)\black desert online\bin64\blackdesert64.exe] => (Allow) C:\program files (x86)\black desert online\bin64\blackdesert64.exe (PearlAbyss Corp. -> )

FirewallRules: [{FAAC4190-AAB5-476D-B457-425E1A0ABB84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (Bohemia Interactive a.s. -> Bohemia Interactive)

FirewallRules: [{7F0805B7-A355-4BD2-9551-ECD236EF4ABF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (Bohemia Interactive a.s. -> Bohemia Interactive)

FirewallRules: [{8B20679D-6B13-4526-A9F9-DA769BDB75F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]

FirewallRules: [{6194837C-5728-41B2-9102-A3C8FA70A4DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Real Pool 3D\Poolians.exe () [File not signed]

FirewallRules: [{91D362F2-6951-4A68-8DC2-D0E277558CBF}] => (Allow) C:\Program Files (x86)\ArcheRage.to NA\Launcher.exe () [File not signed]

FirewallRules: [{D635A9A0-FBF0-4262-BAA6-8ED864813B1C}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{554FCCC7-DC36-4FC9-9E1B-41936F8A8C6C}] => (Allow) C:\Users\Dohnovan\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{C092A980-3B3D-445E-8A53-F98558DC7F4A}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)

FirewallRules: [{2ABA4955-24BC-489B-B6C0-F302A4559430}] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)

FirewallRules: [UDP Query User{6A777D30-7E2F-4112-A21B-AAED9B1B008A}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)

FirewallRules: [TCP Query User{2CB2887F-9C0A-4189-8115-989C649280E5}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)

FirewallRules: [{F08B20B3-30A9-4064-AD0C-07262E42995E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]

FirewallRules: [{EE461569-00C7-41B8-8472-BDEAC603A159}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]

FirewallRules: [{1B80F6F2-8EF0-4212-9E1D-FB85B42C2FC9}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{232AE631-95E2-4FC8-9159-C5D8FBE9666B}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [UDP Query User{E5ED1490-2A71-46E8-A4A0-2A43E7B0381F}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [TCP Query User{43E4CB35-73BD-4E4F-86C3-2C20A6BC9EEF}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{E246DB11-0299-4E9E-BAF1-F9600C9E1E87}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)

FirewallRules: [{F01FBF58-567C-4C2D-9E09-69501E7126D0}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)

FirewallRules: [UDP Query User{0C6F481E-F930-4C76-AE5C-202166C80AE3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)

FirewallRules: [TCP Query User{3A8F03ED-1DF4-4EFC-AB24-470F3D8E2A04}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google Inc.)

FirewallRules: [{10AD0384-925B-4807-9B11-9F2438D13796}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

FirewallRules: [{AC676D52-4BFD-48EF-8A10-52C4983F8D1A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

FirewallRules: [{A73A6A68-3D6E-4ACB-BB1C-69891D2BC2E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{D98FA1A5-1463-4F80-B944-62DCFE82B0DA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)

FirewallRules: [{B725E07C-1C34-4E68-908A-89765A5C9B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{DF56E8B7-939E-45A2-B634-70256C0D8A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games, Inc. -> Rockstar Games)

FirewallRules: [{DF23A227-FB0F-4E83-B5A0-2C1A2EAD5C3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{3C8F0CBE-B06C-4A4E-85AA-9FC708D18D21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{D9992790-A135-4151-9A11-450FE8A931D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{C12210A8-7499-47F0-8B4C-2E89010E95D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{21FC1428-1EFB-47FF-BF78-DB5B1945382E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{A8E5B1A0-6D7D-4D9C-96E1-B72039726CC2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [{23907ADC-7EDC-4830-97BB-A7AFA8E43B29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DDDA\DDDA.exe (Capcom U.S.A., Inc.) [File not signed]

FirewallRules: [{C0B1518B-2F82-479D-A6D7-67C6C8C57E81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DDDA\DDDA.exe (Capcom U.S.A., Inc.) [File not signed]

FirewallRules: [{3D351B8C-C55C-4E63-8639-18CAD54C17A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)

FirewallRules: [{F51AAC48-DBDB-4C61-8F51-A45DA1FA8EB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (Bethesda Softworks -> ZeniMax Media Inc.)

FirewallRules: [{778DC5E1-C574-45F8-B392-C78E46DEBF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [File not signed]

FirewallRules: [{9D6CABF9-DFDA-4F3C-9AC8-6092BAA007E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe () [File not signed]

FirewallRules: [TCP Query User{39B135F4-AD48-43A5-96AF-295CFAEEF2B6}C:\program files (x86)\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe (Tripwire Interactive, LLC.) [File not signed]

FirewallRules: [UDP Query User{E45FE399-9D56-4734-A53A-860B139CF28A}C:\program files (x86)\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe (Tripwire Interactive, LLC.) [File not signed]

FirewallRules: [{8D6BD339-6DB0-4B01-B064-950E1CB534FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]

FirewallRules: [{D37551E3-AE21-495A-90C1-0CE6907D3259}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe (Arkane Studios) [File not signed]

FirewallRules: [{9AAFDA42-99DA-4021-AFBD-28A2E46F344D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)

FirewallRules: [{BBA99857-C7B3-45B3-AC09-17B44883A3CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe (Daybreak Game Company LLC -> Daybreak Game Company)

FirewallRules: [{47CDB22F-7783-4CED-BF1C-D9ACDD81E0D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )

FirewallRules: [{7F676C03-41AA-4617-AA13-BC0B88A05086}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )

FirewallRules: [{D1DCF785-EAFA-4E9B-A0A1-9D914B0B7030}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

FirewallRules: [{F70CA5AD-3D9D-461C-9264-D1526D7C5774}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{F2E459D0-8C52-44F9-B805-AFDA263B500D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [{AE0EC883-ECC1-4257-9241-1C9586835901}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

FirewallRules: [TCP Query User{2C813A9F-F998-4D44-8B34-6963CF481A47}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]

FirewallRules: [UDP Query User{355EBCE9-2330-4B92-8E46-C7C76C402DA4}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]

FirewallRules: [TCP Query User{4F7CACBF-BBB5-428E-B6EE-D1163044D084}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]

FirewallRules: [UDP Query User{31B319D4-01B2-48FE-81A7-51110CE771B7}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]

FirewallRules: [{00294285-8DCB-4F6B-86D3-9A2070AFD3B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]

FirewallRules: [{0AF8A769-4CF4-4EF8-8E53-1DE76E63E44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe (Tripwire Interactive, LLC.) [File not signed]

==================== Restore Points =========================

04-06-2019 02:10:13 Scheduled Checkpoint

12-06-2019 06:34:50 Windows Update

19-06-2019 19:39:30 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (06/19/2019 03:58:23 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program PathOfExile_x64Steam.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 49f0

Start Time: 01d526e071a0d527

Termination Time: 1008

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe

Report Id: 91d2dacb-bdf8-4998-848c-aeff5114e1a0

Faulting package full name:

Faulting package-relative application ID:

Error: (06/14/2019 03:07:59 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Razer Central.exe, version: 7.3.17.3987, time stamp: 0x5cf19f0d

Faulting module name: KERNELBASE.dll, version: 10.0.17134.799, time stamp: 0x0117c7be

Exception code: 0xe0434352

Fault offset: 0x00112c92

Faulting process id: 0x2ca0

Faulting application start time: 0x01d52290a247f656

Faulting application path: C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 3a955f92-3dde-4b28-8f9a-145ca53f387e

Faulting package full name:

Faulting package-relative application ID:

Error: (06/14/2019 03:07:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Razer Central.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.Runtime.Remoting.RemotingException

Server stack trace:

at System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)

at System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)

at System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)

at System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)

at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)

at Microsoft.Shell.SingleInstance`1+IPCRemoteService[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InvokeFirstInstance(System.Collections.Generic.IList`1<System.String>)

at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].SignalFirstInstance(System.String, System.Collections.Generic.IList`1<System.String>)

at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InitializeAsFirstInstance(System.String)

at RazerCentralApp.App.Main()

Error: (06/14/2019 01:12:29 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PathOfExile_x64Steam.exe, version: 0.0.0.0, time stamp: 0x5d02df86

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x0000000000002a78

Faulting process id: 0x23b8

Faulting application start time: 0x01d52266272c580c

Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe

Faulting module path: unknown

Report Id: ad040836-2f13-4fde-8e01-2c91c449c5ed

Faulting package full name:

Faulting package-relative application ID:

Error: (06/13/2019 02:22:57 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Razer Central.exe, version: 7.3.17.3987, time stamp: 0x5cf19f0d

Faulting module name: KERNELBASE.dll, version: 10.0.17134.799, time stamp: 0x0117c7be

Exception code: 0xe0434352

Fault offset: 0x00112c92

Faulting process id: 0x2ce8

Faulting application start time: 0x01d52225c56f6be4

Faulting application path: C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: a3ae7718-dc4b-489f-b9cb-6e225634ffc0

Faulting package full name:

Faulting package-relative application ID:

Error: (06/13/2019 02:22:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Razer Central.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.Runtime.Remoting.RemotingException

Server stack trace:

at System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)

at System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)

at System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)

at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)

at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)

at Microsoft.Shell.SingleInstance`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InitializeAsFirstInstance(System.String)

at RazerCentralApp.App.Main()

Error: (06/12/2019 06:12:25 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PathOfExile_x64Steam.exe, version: 0.0.0.0, time stamp: 0x5d003074

Faulting module name: PathOfExile_x64Steam.exe, version: 0.0.0.0, time stamp: 0x5d003074

Exception code: 0xc0000005

Fault offset: 0x0000000000961ca2

Faulting process id: 0x2e24

Faulting application start time: 0x01d5217a657de77c

Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe

Faulting module path: C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe

Report Id: 1c1ab54a-3ed0-4ada-9f09-78f0bd65d9a5

Faulting package full name:

Faulting package-relative application ID:

Error: (06/12/2019 05:17:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Razer Central.exe, version: 7.3.17.3987, time stamp: 0x5cf19f0d

Faulting module name: KERNELBASE.dll, version: 10.0.17134.799, time stamp: 0x0117c7be

Exception code: 0xe0434352

Fault offset: 0x00112c92

Faulting process id: 0x2d5c

Faulting application start time: 0x01d5217501c6bda0

Faulting application path: C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 8b71b818-de8d-4ed8-a443-b8ef13437b7f

Faulting package full name:

Faulting package-relative application ID:

System errors:

=============

Error: (06/19/2019 07:40:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-LBHF8BQ)