Hi, my PC has been running really slow recently and I think I have some sort of malware on it, hope you can help thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Home (administrator) on CALLUMS (MSI MS-7920) (08-07-2019 01:28:04)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Discord Inc. -> Discord Inc.) C:\Users\Home\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Home\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Home\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\Home\AppData\Local\Discord\app-0.0.305\Discord.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.131.0.15\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.131.0.15\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\Teamspeak\OverwolfTSHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.131.0.15\OverwolfBrowser.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.131.0.15\OverwolfBrowser.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2019-06-12] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Run: [Discord] => C:\Users\Home\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [911752 2019-06-19] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1668424 2019-06-24] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [11405416 2017-11-12] (Windscribe Limited -> Windscribe Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1F37DEDA-5315-432E-9CAC-93069943245E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-24] (Google Inc -> Google Inc.)
Task: {2FE31B66-6912-4156-99DD-F27A8B5DCC25} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40114E21-DE9F-4B74-9C59-9CB047D835CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EF5C0AE-D0A7-4245-ACED-1CDF06A86987} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {508FEE9C-9A2B-419D-93C4-E000E7033E20} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-06-19] (Nota Inc. -> Nota Inc.)
Task: {5382B0EA-9FBB-4947-A52A-D42169125AE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7CDE1B1D-849D-4E4C-B635-FB7D0B0933F7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88C83DA7-D13C-4C45-8061-9D5F04E06B80} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-06-19] (Nota Inc. -> Nota Inc.)
Task: {8D73535D-C24B-405C-8980-48160CF7D4DD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D8FCD6A-20C0-4B71-B24A-4C1D1CB412FE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9171C1B8-C85E-434B-9A8F-D4261181672A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {959DC294-EB0E-4AE0-B26B-3570181D0ED0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3E0460F-DA7E-4EDC-AAEB-9DF4244509F3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A438C6E5-76EB-43F6-AD39-5A4A7A584E6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B170144D-4F3C-4E81-B82C-A07925A2943E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1D39C78-B5E6-465F-BB42-5FE1B9B59435} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DDEB3422-120F-426E-B19E-0FABB2681CA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E720A52D-6D3B-4348-A559-C20D0FA72372} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-24] (Google Inc -> Google Inc.)
Task: {F1C08748-9AFF-44A7-BD88-71469F958B5D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-06-24] (Overwolf Ltd -> Overwolf LTD)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3806f479-5756-4c30-83ca-c5aaf8cf6b93}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6c99ecdd-07cf-4e46-8dd7-456bef01d7af}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f540952d-191e-4fc0-881d-bb6287726dc3}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-29] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2019-07-08]
CHR Extension: (Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-24]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2019-05-09]
CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-24]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-24]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-24]
CHR Extension: (Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-24]
CHR Extension: (Google Docs Offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-24]
CHR Extension: (Black red shards) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjlkkaalgfbbegfnjoclhfidancjpch [2019-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-24]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-04-03]
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\System Profile [2019-04-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8457232 2019-06-24] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-05-20] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-06-24] (Overwolf Ltd -> Overwolf LTD)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-05-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [442472 2017-11-12] (Windscribe Limited -> Windscribe Limited)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136720 2018-05-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-07-26] (Intel® Smart Connect software -> )
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-09-15] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-09-15] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_4aa19ae78d94d8a3\nvlddmkm.sys [20706184 2019-02-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [49544 2018-09-13] (Razer USA Ltd. -> Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [42000 2016-10-30] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29712 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36376 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [45592 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48144 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52240 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44048 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [44048 2016-10-30] (Razer USA Ltd. -> Razer Inc)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [52952 2016-10-03] (SteelSeries ApS -> SteelSeries ApS)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel® Software -> Intel Corporation)
S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-08 01:28 - 2019-07-08 01:28 - 000024859 _____ C:\Users\Home\Desktop\FRST.txt
2019-07-08 01:27 - 2019-07-08 01:28 - 000000000 ____D C:\FRST
2019-07-08 01:27 - 2019-07-08 01:27 - 002420224 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2019-07-08 01:20 - 2019-07-08 01:20 - 000000017 _____ C:\Users\Home\AppData\Local\resmon.resmoncfg
2019-07-08 01:14 - 2019-07-08 01:14 - 000000000 ____D C:\Users\Home\AppData\Local\mbam
2019-07-08 01:13 - 2019-07-08 01:13 - 022871808 _____ (TeamViewer GmbH) C:\Users\Home\Downloads\TeamViewer_Setup (4).exe
2019-07-08 01:13 - 2019-07-08 01:13 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-07-08 01:13 - 2019-07-08 01:13 - 000001100 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-07-08 01:12 - 2019-07-08 01:23 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-07-08 01:12 - 2019-07-08 01:23 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-07-08 01:12 - 2019-07-08 01:12 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-07-08 01:12 - 2019-07-08 01:12 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-08 01:12 - 2019-07-08 01:12 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-08 01:12 - 2019-07-08 01:12 - 000000000 ____D C:\Users\Home\AppData\Local\mbamtray
2019-07-08 01:12 - 2019-07-08 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-08 01:12 - 2019-07-08 01:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-08 01:12 - 2019-07-08 01:12 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-08 01:12 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-08 01:12 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-08 01:11 - 2019-07-08 01:11 - 064455440 _____ (Malwarebytes ) C:\Users\Home\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11438.exe
2019-07-06 03:17 - 2019-07-06 03:17 - 006636796 _____ C:\Users\Home\Downloads\rpsoundboard1810_5d0667abeda4a.ts3_plugin
2019-07-06 03:15 - 2019-07-06 03:15 - 088027400 _____ (TeamSpeak Systems GmbH) C:\Users\Home\Downloads\TeamSpeak3-Client-win64-3.3.0 (1).exe
2019-06-26 22:58 - 2019-06-26 22:58 - 000073885 _____ C:\Users\Home\Downloads\TS3MassMover-v06123_5d07b4de21a0d.ts3_plugin
2019-06-26 00:16 - 2019-06-26 00:16 - 000000000 ____D C:\Users\Home\Downloads\Xray+Ultimate+1.12+v2.2.1
2019-06-24 22:26 - 2019-06-24 22:26 - 027035616 _____ (Razer Inc.) C:\Users\Home\Downloads\Razer_Synapse_Installer_v2.21.21.1 (5).exe
2019-06-24 22:25 - 2019-06-24 22:25 - 000000000 ____D C:\Program Files\Razer Chroma SDK
2019-06-24 22:25 - 2019-06-24 22:25 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2019-06-24 22:22 - 2019-06-24 22:22 - 027035616 _____ (Razer Inc.) C:\Users\Home\Downloads\Razer_Synapse_Installer_v2.21.21.1 (4).exe
2019-06-23 22:10 - 2019-06-23 22:10 - 000001140 _____ C:\Users\Public\Desktop\Windscribe.lnk
2019-06-23 22:10 - 2019-06-23 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2019-06-23 22:09 - 2019-06-24 01:32 - 000000000 ____D C:\Program Files (x86)\Windscribe
2019-06-20 16:39 - 2019-06-20 16:39 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-06-19 14:08 - 2019-06-19 14:08 - 000001066 _____ C:\Users\Public\Desktop\Gyazo Replay.lnk
2019-06-19 02:45 - 2019-06-28 13:37 - 000000000 ____D C:\Program Files (x86)\Overwolf
2019-06-19 02:45 - 2019-06-19 04:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2019-06-19 02:45 - 2019-06-19 02:45 - 000004382 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2019-06-19 02:45 - 2019-06-19 02:45 - 000001178 _____ C:\Users\Public\Desktop\Overwolf.lnk
2019-06-19 02:44 - 2019-07-08 01:24 - 000000000 ____D C:\Users\Home\AppData\Local\Overwolf
2019-06-19 02:44 - 2019-06-19 02:45 - 000000000 ____D C:\ProgramData\Overwolf
2019-06-19 02:43 - 2019-06-19 02:43 - 088027400 _____ (TeamSpeak Systems GmbH) C:\Users\Home\Downloads\TeamSpeak3-Client-win64-3.3.0.exe
2019-06-19 02:43 - 2019-06-19 02:43 - 000001008 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2019-06-19 02:43 - 2019-06-19 02:43 - 000000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2019-06-19 02:43 - 2019-06-19 02:43 - 000000000 ____D C:\Program Files\UNP
2019-06-17 03:01 - 2019-06-17 03:01 - 007576808 _____ C:\Users\Home\Documents\Untitled.aa3
2019-06-17 03:01 - 2019-06-17 03:01 - 002350176 _____ C:\Users\Home\Documents\AAAAAAAAAAAAAAAAAAAAAD.aa3
2019-06-17 03:01 - 2019-06-17 03:01 - 000000098 _____ C:\Users\Home\Documents\AAAAAAAAAAAAAAAAAAAAAD.aa3.sfl
2019-06-17 03:01 - 2019-06-17 03:01 - 000000084 _____ C:\Users\Home\Documents\Untitled.aa3.sfl
2019-06-13 17:58 - 2019-06-13 17:58 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 17:53 - 2019-06-12 17:53 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 17:53 - 2019-06-12 17:53 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 17:53 - 2019-06-12 17:53 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 17:53 - 2019-06-12 17:53 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 17:53 - 2019-06-12 17:53 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-12 17:53 - 2019-06-12 17:53 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-12 17:53 - 2019-06-12 17:53 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 17:53 - 2019-06-12 17:53 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-12 17:53 - 2019-06-12 17:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-10 16:09 - 2019-06-10 16:09 - 000000000 ____D C:\Users\Home\Documents\My Games
2019-06-10 15:22 - 2019-06-10 15:22 - 000000221 _____ C:\Users\Home\Desktop\Borderlands 2.url
2019-06-09 04:35 - 2019-05-24 06:43 - 000590594 _____ C:\Users\Home\Downloads\JOHN_SMITH_LEGACY_CHANGELOG.txt
2019-06-09 04:35 - 2019-04-28 08:50 - 000000000 ____D C:\Users\Home\Downloads\assets
2019-06-09 04:35 - 2019-04-24 05:47 - 000000153 _____ C:\Users\Home\Downloads\pack.mcmeta
2019-06-09 04:35 - 2019-02-14 07:05 - 000002596 _____ C:\Users\Home\Downloads\__READ ME.txt
2019-06-09 04:35 - 2018-07-17 19:21 - 000000000 ____D C:\Users\Home\Downloads\helper_files
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-08 01:25 - 2019-04-19 00:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-08 01:25 - 2019-03-24 20:39 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-08 01:24 - 2019-04-05 00:11 - 000000000 ____D C:\Users\Home\AppData\Roaming\discord
2019-07-08 01:24 - 2019-03-24 20:48 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-08 01:24 - 2019-03-24 20:44 - 000000000 ____D C:\Users\Home\AppData\Roaming\TS3Client
2019-07-08 01:23 - 2019-05-21 09:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-08 01:23 - 2019-05-21 09:42 - 000266728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-08 01:23 - 2019-05-21 09:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-08 01:23 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-08 01:12 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-08 01:11 - 2019-05-21 09:50 - 000795988 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-08 01:11 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-08 01:10 - 2019-05-27 20:51 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5157220B-FBA4-44DF-A766-9C9804211B78}
2019-07-06 06:58 - 2019-04-05 00:02 - 000000000 ____D C:\Users\Home\AppData\Local\Arma 3 Launcher
2019-07-06 05:06 - 2019-04-05 00:02 - 000000000 ____D C:\Users\Home\AppData\Local\Arma 3
2019-07-05 23:15 - 2017-12-26 02:39 - 000000000 ____D C:\Users\Home\Documents\Arma 3 - Other Profiles
2019-07-05 23:11 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-04 15:55 - 2019-05-21 09:43 - 000000000 ____D C:\Users\Home
2019-06-30 17:34 - 2019-05-30 23:06 - 000000000 ____D C:\Users\Home\AppData\Roaming\.minecraft
2019-06-30 01:36 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-29 19:15 - 2019-04-06 23:30 - 000000000 ____D C:\Users\Home\AppData\Local\CrashDumps
2019-06-29 14:26 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-26 00:15 - 2019-05-30 23:06 - 000000000 ____D C:\Program Files (x86)\Minecraft
2019-06-25 23:44 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-24 22:25 - 2019-03-24 20:35 - 000000000 ____D C:\Program Files (x86)\Razer
2019-06-24 22:24 - 2019-04-29 21:53 - 000000000 ____D C:\Users\Home\AppData\Local\Razer
2019-06-24 22:24 - 2018-12-26 02:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2019-06-21 03:51 - 2019-04-05 15:32 - 000000000 ____D C:\Users\Home\AppData\Local\D3DSCache
2019-06-20 17:59 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-20 00:03 - 2019-03-24 20:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 00:03 - 2019-03-24 20:46 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-19 14:08 - 2019-05-21 09:45 - 000003508 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2019-06-19 14:08 - 2019-05-21 09:45 - 000003372 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2019-06-19 14:08 - 2019-04-05 00:53 - 000000000 ____D C:\Program Files (x86)\Gyazo
2019-06-19 14:08 - 2017-12-28 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2019-06-19 02:43 - 2019-03-24 20:44 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-06-17 19:37 - 2019-02-10 16:24 - 000000222 _____ C:\Users\Home\Desktop\Arma 3.url
2019-06-17 03:05 - 2018-04-09 03:48 - 057678705 _____ C:\Users\Home\Documents\Untitled.mp4
2019-06-17 03:03 - 2019-05-30 13:56 - 000017328 _____ C:\Users\Home\Documents\Untitled.veg
2019-06-17 03:02 - 2019-05-30 13:56 - 000017328 _____ C:\Users\Home\Documents\Untitled.veg.bak
2019-06-14 15:34 - 2019-06-03 23:08 - 000000000 ____D C:\Program Files (x86)\A3Launcher
2019-06-13 19:06 - 2019-05-29 15:33 - 000000000 ____D C:\Program Files (x86)\ArmA3Sync
2019-06-13 19:06 - 2018-02-13 19:45 - 000000000 ____D C:\Users\Home\.junique
2019-06-13 19:00 - 2018-05-13 15:53 - 000000000 ____D C:\Users\Home\Documents\mods
2019-06-13 16:58 - 2017-10-22 09:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-13 16:58 - 2017-10-22 09:14 - 000000000 ___RD C:\Users\Home\3D Objects
2019-06-13 16:57 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-13 16:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-13 16:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-12 17:49 - 2019-03-25 16:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 17:48 - 2019-03-25 16:16 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-10 15:22 - 2017-12-24 19:20 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-08 15:14 - 2019-01-03 03:59 - 000000306 _____ C:\Users\Home\Desktop\ban evading account.txt
==================== Files in the root of some directories ================
2019-07-08 01:20 - 2019-07-08 01:20 - 000000017 _____ () C:\Users\Home\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Home (08-07-2019 01:30:19)
Running from C:\Users\Home\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2019-05-21 08:45:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2596707385-3445154772-733900174-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2596707385-3445154772-733900174-503 - Limited - Disabled)
Guest (S-1-5-21-2596707385-3445154772-733900174-501 - Limited - Disabled)
Home (S-1-5-21-2596707385-3445154772-733900174-1001 - Administrator - Enabled) => C:\Users\Home
WDAGUtilityAccount (S-1-5-21-2596707385-3445154772-733900174-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A3Launcher version 0.1.6.1 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.6.1 - Maca134)
ArmA3Sync 1.6.97 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.6.97 - The [S.o.E] team)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Game Summary (HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Overwolf_nafihghfcpikebhfhdhljejkcifgbdahdhngepfb) (Version: 203.6.1 - Overwolf app)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Gyazo 3.6.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{2D1ED4EA-B59D-4665-ACB3-9325872A300D}) (Version: 1.0.4.0 - Mojang)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.94 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.131.0.15 - Overwolf Ltd.)
Popcorn-Time (HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.23.1 - Razer Inc.)
Sennheiser Audio (HKLM\...\Sennheiser Game Dongle) (Version: 1.31.35.10 - Sennheiser)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.14.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.14.0 - General Workings, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.0 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-2596707385-3445154772-733900174-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.80 Build 33 - Windscribe Limited)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-05-21] (Dolby Laboratories)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-03-24] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-17] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2596707385-3445154772-733900174-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Home\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2596707385-3445154772-733900174-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Home\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2596707385-3445154772-733900174-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Home\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\Home\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\Home\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
==================== Loaded Modules (Whitelisted) ==============
2019-04-09 09:21 - 2019-04-09 09:21 - 000018432 _____ () [File not signed] C:\Program Files\TeamSpeak 3 Client\libEGL.DLL
2019-04-09 09:21 - 2019-04-09 09:21 - 003572224 _____ () [File not signed] C:\Program Files\TeamSpeak 3 Client\libGLESv2.dll
2019-03-24 20:44 - 2019-06-19 02:44 - 000157696 _____ () [File not signed] C:\Users\Home\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2019-04-06 23:18 - 2019-04-06 23:18 - 000050176 _____ () [File not signed] C:\Users\Home\AppData\Roaming\TS3Client\plugins\Pokebotx64.dll
2019-04-05 19:16 - 2019-07-06 03:17 - 006737920 _____ () [File not signed] C:\Users\Home\AppData\Roaming\TS3Client\plugins\rp_soundboard_win64.dll
2019-05-26 18:25 - 2019-06-26 22:58 - 000109568 _____ () [File not signed] C:\Users\Home\AppData\Roaming\TS3Client\plugins\TS3MassMover_win64.dll
2019-04-10 17:30 - 2019-04-10 17:30 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\iconengines\qsvgicon.dll
2019-04-09 09:28 - 2019-04-09 09:28 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2019-04-09 09:29 - 2019-04-09 09:29 - 000397312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2019-04-10 17:29 - 2019-04-10 17:29 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\imageformats\qsvg.dll
2019-04-09 09:30 - 2019-04-09 09:30 - 001453568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2019-05-31 12:05 - 2019-05-31 12:05 - 006130176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Core.dll
2019-04-09 09:25 - 2019-04-09 09:25 - 006470656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Gui.dll
2019-04-09 09:24 - 2019-04-09 09:24 - 001314816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Network.dll
2019-04-10 18:31 - 2019-04-10 18:31 - 000317440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Positioning.dll
2019-04-09 09:28 - 2019-04-09 09:28 - 000318464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5PrintSupport.dll
2019-04-10 17:55 - 2019-04-10 17:55 - 004001792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Qml.dll
2019-04-10 17:48 - 2019-04-10 17:48 - 003776000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Quick.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000072704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5QuickWidgets.dll
2019-04-09 09:23 - 2019-04-09 09:23 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Sql.dll
2019-04-10 17:29 - 2019-04-10 17:29 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Svg.dll
2019-04-10 18:40 - 2019-04-10 18:40 - 000113664 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5WebChannel.dll
2019-04-11 02:37 - 2019-04-11 02:37 - 079989760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5WebEngineCore.dll
2019-04-11 02:54 - 2019-04-11 02:54 - 000228864 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5WebEngineWidgets.dll
2019-04-09 09:27 - 2019-04-09 09:27 - 005580800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\Qt5Widgets.dll
2019-04-09 09:28 - 2019-04-09 09:28 - 001151488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2019-04-09 09:29 - 2019-04-09 09:29 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\TeamSpeak 3 Client\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Home\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Home\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-24 20:31 - 2019-03-24 20:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Users\Home\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2596707385-3445154772-733900174-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{54853C37-DFF9-4CA9-9F9B-17371AB13B92}F:\pubg\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\pubg\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{D31E1579-0465-49BE-B7E1-90C000223BB0}F:\pubg\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\pubg\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{893CFD8A-1706-4E85-8C10-CA95B246C3E0}] => (Allow) F:\Pubg\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{BFED96D0-D311-4035-A84D-06C84B561C3B}] => (Allow) F:\Pubg\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [UDP Query User{2AB5B92C-827A-4B88-8884-C366831130C3}C:\program files (x86)\call of duty black ops 4\blackops4.exe] => (Allow) C:\program files (x86)\call of duty black ops 4\blackops4.exe No File
FirewallRules: [TCP Query User{62C1F8A7-FF7C-444B-8076-8994BB964A68}C:\program files (x86)\call of duty black ops 4\blackops4.exe] => (Allow) C:\program files (x86)\call of duty black ops 4\blackops4.exe No File
FirewallRules: [UDP Query User{5F75C66E-BDF8-41A7-AD3A-EDE4432C4104}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [TCP Query User{177452DE-F2C3-4F81-8BB9-BAC18DE4581F}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe No File
FirewallRules: [{D6595B5E-95BE-4885-808E-705E18DDAF51}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7FD055A3-7701-451C-885B-65EBAC3D0971}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{4F0CD82A-C5D0-4979-A770-945035BC0C0E}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [TCP Query User{0302D984-768A-4DDF-AF7E-C637EEACE4BC}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{A3CB6366-21C6-40A8-ACB3-69C293567405}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{70C96FFA-DD4F-49C9-999F-ACAF905060E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{7EE14E62-8D8C-422D-A34C-52D9DE5A2A5E}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{E86C11DF-D03D-4256-B29F-DDAD61B5F984}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{FF49BACB-1151-4C63-B696-A5A0232A7307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{0D41621A-4095-4C95-A050-387C70035B91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{C5A2F1A2-4AD7-4B42-A4B1-9B8D283B6365}C:\users\home\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\home\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{564E9024-120A-441A-8C2E-F96C775CB5A2}C:\users\home\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\home\appdata\local\popcorn-time\popcorn-time.exe (The NWJS Community) [File not signed]
FirewallRules: [{06CE7F0D-CC31-4C99-A15D-72206767D4AC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{84449E05-551C-4BD3-B1C4-029422BA46F3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C9EE3FED-5EED-401E-AD84-B8A63B19E511}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5EF5972B-4E8D-4931-863C-75943E58EC6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{16FF65BB-A7BD-4E4E-B6E7-A544D4F862FB}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{2A1FF98B-864F-42D0-97A5-9D7DDDB75200}C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{225CAE97-AE8D-43D5-8249-3D82C83D1746}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E408CC42-EA5F-4FCC-B744-8ABDBEBA239C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4020C4C3-34C6-44D1-A70B-9631645F65F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{937C3817-9E67-4C7C-B523-04A10A4EF08B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B647E83-FE8E-454E-823D-113CF27F272E}] => (Allow) F:\Pubg\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{66E08155-8287-4746-9495-04AD6D49BFA9}] => (Allow) F:\Pubg\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software)
FirewallRules: [{83756775-6BB9-4FB3-A7E5-04EB5730A1C7}] => (Allow) F:\Pubg\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{F21E7126-3693-48B4-BD1C-D74997907D6A}] => (Allow) F:\Pubg\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.)
FirewallRules: [{15328490-F24D-4D2A-8E7E-E3F3F57F5EFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9E3D9ED8-DE27-4C8D-87C1-413EC38E6C7F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{37C4C942-4E0F-464F-9F4D-169D276DE51B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C8DD83E6-8A19-46E4-A167-AA67D62A66A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8423624B-30A9-4885-9C6D-39CBDF701E56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
==================== Restore Points =========================
13-06-2019 17:58:08 Windows Update
20-06-2019 17:59:01 Windows Update
24-06-2019 22:22:22 Removed Razer Synapse.
04-07-2019 00:15:31 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/08/2019 01:24:10 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/08/2019 01:09:00 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/06/2019 12:14:57 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/05/2019 02:20:20 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/05/2019 01:43:47 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/04/2019 05:31:47 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/04/2019 03:56:34 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/03/2019 05:56:05 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
System errors:
=============
Error: (07/08/2019 01:25:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:25:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:25:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:24:55 AM) (Source: DCOM) (EventID: 10016) (User: CALLUMS)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user CALLUMS\Home SID (S-1-5-21-2596707385-3445154772-733900174-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:23:53 AM) (Source: DCOM) (EventID: 10016) (User: CALLUMS)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user CALLUMS\Home SID (S-1-5-21-2596707385-3445154772-733900174-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:23:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:23:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/08/2019 01:23:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:06:58 on 08/07/2019 was unexpected.
Windows Defender:
===================================
Date: 2019-07-05 23:11:51.142
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D98623DF-B55A-4E70-A196-CB367981E808}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-30 23:57:30.036
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5025FD75-5E53-46A9-B051-56A8F90437E3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-29 23:29:15.249
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DC031970-A9FE-4EC7-9F59-D94A0A430E67}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-29 19:16:48.657
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {25881DAD-828D-4006-B483-AC2FD0A89DB2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-26 18:51:28.991
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D59452B9-C5C3-4705-9AB8-32710D516B90}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-06-23 17:23:41.006
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.1254.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2019-06-20 01:43:40.525
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.1046.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V1.8 08/14/2015
Motherboard: MSI Z97I GAMING AC (MS-7920)
Processor: Intel® Core i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 28%
Total physical RAM: 16332.62 MB
Available physical RAM: 11672.7 MB
Total Virtual: 22988.62 MB
Available Virtual: 15680.97 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:101.8 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:218.01 GB) NTFS
Drive f: (Maxtor) (Fixed) (Total:1863.01 GB) (Free:1088.78 GB) NTFS
\\?\Volume{b03bc37b-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B03BC37B)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 11831C23)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 55FC53AE)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================