Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware? pc slow [Solved]


  • This topic is locked This topic is locked

#16
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts
Hi.

1. Enable Windows Security Service
  • Go to the Search area, type Services and press Enter.
  • From the Services list find Windows Security Service.
  • Right click and check if there is an option you can choose to enable it and make it run again (Start, Restart, Resume, Refresh).
  • Please report back what happened.
 
In case you don't see the Windows Security Service in the list, start in Safe Mode as you did before (step 1), restore the missing service and restart:
  • Download Windows_Security_Service and save it on your Desktop.
  • Double-click on the file, allow the information to be merged (Yes) and restart the computer.
 
2. Check services with FSS
  • Run the FSS tool, with all the options checked, as you did before, and post the result.
 
3. Check Windows Defender
  • Go to Settings (Windows icon on the keyboard + i)
  • Select Privacy & Security
  • From the left pane, Windows Security
  • Open Windows Security
  • Please take a screenshot of what you see at the Security at a glance screen (Microsoft's instructions of how to take screenshots using snipping tool are here)
 
In your next reply please post:
1. What happened after you checked the Windows Security Service
2. The FSS log
3. The screenshot with Windows Defender status
 
  • 0

Advertisements


#17
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Had to download the .reg in safe and then it started with no issues

 

https://gyazo.com/9d...e93da6c2c216ca6

 

Farbar Service Scanner Version: 14-12-2019
Ran by ciara (administrator) on 23-08-2020 at 09:11:13
Running from "D:\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc: "%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p".
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv: "%systemroot%\system32\svchost.exe -k netsvcs -p".
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0

#18
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

however, the security registry seems to be on manual currently so it has to be started each restart and I don't think I can make it auto https://gyazo.com/9b...6eb1f1c77cf7e79


  • 0

#19
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts

The service seems that is running and the Windows Defender screenshot also shows no issues. The start-up type doesn't need to be Automatic.

 

Did you run the FSS before or after checking the Windows Security Service?

 

Can you check again Windows Security Service, as well as Windows Update Service, as you did before? Both need to be running.

 

Then run the FSS again and post the result.


  • 0

#20
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Both are enabled, and I was confused at the FSS result aswell since I had restarted my pc but this is the changed result now 

 

Farbar Service Scanner Version: 14-12-2019
Ran by ciara (administrator) on 23-08-2020 at 20:41:08
Running from "D:\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0

#21
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Turned off malwarebytes and this is the result now 

Farbar Service Scanner Version: 14-12-2019
Ran by ciara (administrator) on 23-08-2020 at 20:42:56
Running from "D:\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0

#22
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts

Thanks.

 

I will be back to you as soon as I can. :)


  • 0

#23
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts
Hi, cmdiwnl.
 
1. Change Malwarebytes Settings

You hadn't Malwarebytes installed when we started the procedure here. It is important you follow the instructions, without downloading or installing anything, unless you are instructed to do so.
 
You probably installed the trial Premium version of Malwarebytes. No need to disable it.
 
Enable it again and make the following changes in Settings:
  • Open Malwarebytes.
  • Press the little gear at the top right.
  • Choose the Security tab.
  • Enable the three options under the title Scan options.
  • Disable the option under the title Widows Security Center.
 
2. Check Services
 
Run FSS again and post the result.
 
 
3. Provide fresh FRST logs
 
Lastly, please run FRST (you have it in the Downloads folder) and post the content of the two logs, FRST and Addition.
  • 0

#24
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Farbar Service Scanner Version: 14-12-2019
Ran by ciara (administrator) on 25-08-2020 at 00:27:06
Running from "D:\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-08-2020
Ran by ciara (administrator) on DESKTOP-KT5JT22 (MSI MS-7977) (25-08-2020 00:27:44)
Running from D:\Downloads
Loaded Profiles: ciara
Platform: Windows 10 Pro Version 2004 19041.329 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Amagicom AB -> Mullvad VPN AB) C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe
(Discord Inc. -> Discord Inc.) C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe <6>
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(FACE IT LIMITED -> FACEIT Ltd.) C:\Users\ciara\AppData\Local\FACEITApp\app-1.24.1\FACEIT.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.441_none_e753a4f1261e4901\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>
(Red Giant   LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(SteelSeries ApS -> ) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\runStatsElevated.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SteelSeries ApS -> SteelSeries) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\SystemStatsOHM.exe
(Swift Media Entertainment, Inc. -> Blitz, Inc.) C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe <10>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2020-07-06] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2020-06-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1136104 2020-08-02] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Discord] => C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32406416 2020-08-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2887160 2020-07-12] (Kristjan Skutta -> )
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [com.blitz.app] => C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe [108260048 2020-08-22] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [FACEIT] => C:\Users\ciara\AppData\Local\FACEITApp\update.exe [2204608 2020-07-30] (FACE IT LIMITED -> )
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3143456 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-08-08]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mailspring.lnk [2020-06-29]
ShortcutTarget: Mailspring.lnk -> C:\Users\ciara\AppData\Local\Mailspring\Update.exe (Foundry 376, LLC -> )
Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-08-01]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {27DC39CE-0E05-4A55-967A-C9EF414C806A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {38A147DD-FE1F-4BE8-A6DE-E6547124069F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EC1AB5D-F7C4-407B-9796-8F8EDA876EDA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {44B1AED4-818F-4D93-9501-47FA09A24E66} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81A195CE-B004-4FEF-BCE7-116E5C75D059} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84D4B109-5623-4273-BE11-148E211BB412} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3266006208-3946979777-4142415845-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-10] (Microsoft Windows -> )
Task: {86932916-3A91-4682-BA1A-19B4BDA5D826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8CC4F12C-7D02-43E3-AE3B-AA1EC127821F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {98A080E1-E215-4127-9F93-112F96D0F0B6} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {A211F0FD-1D80-48BA-B092-544A21D91C27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AFBC50BE-737A-4D77-A9A3-9201299ADF25} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C84EB787-39E3-4460-AF89-227A37A9FF43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C855E9E2-B5FD-4F92-93A8-84379F3B7E05} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBDDB15D-19DF-4E6B-86FE-402131640ECB} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E073334B-C1DA-42DF-879D-BF50A324C28B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7332E30-9A5B-4493-9C76-63B46D063A71} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\PrxerNsp.dll [87024 2018-08-15] (Initeks, OOO -> )
Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9 19 C:\WINDOWS\SysWOW64\PrxerDrv.dll [98800 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog5-x64 01 C:\Windows\system32\PrxerNsp.dll [101872 2018-08-15] (Initeks, OOO -> )
Winsock: Catalog9-x64 01 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 02 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 03 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 04 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Winsock: Catalog9-x64 19 C:\Windows\system32\PrxerDrv.dll [119792 2018-08-15] (Initeks, OOO -> Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{439b2978-f3be-4db9-ac38-1b49c02bef79}: [DhcpNameServer] 10.9.0.1
Tcpip\..\Interfaces\{81ded0a7-f6d0-40a3-bde5-27f6a0b700a6}: [DhcpNameServer] 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{c4ccf9f0-a6c4-4007-b748-732581af7498}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
 
FireFox:
========
FF DefaultProfile: dme0aon1.default
FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\dme0aon1.default [2020-08-21]
FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release [2020-08-21]
FF user.js: detected! => C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release\user.js [2020-08-14]
FF NewTab: Mozilla\Firefox\Profiles\tidurm40.default-release -> about:blank
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default [2020-08-25]
CHR Extension: (Slides) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-15]
CHR Extension: (Docs) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-15]
CHR Extension: (Google Drive) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-15]
CHR Extension: (YouTube) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-15]
CHR Extension: (uBlock Origin) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-21]
CHR Extension: (Sheets) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-15]
CHR Extension: (Google Docs Offline) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-08-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-06-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-08-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-15]
CHR Extension: (Gmail) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-15]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8646752 2020-08-10] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EQU8_13; C:\ProgramData\EQU8\Diabotical\bin\anticheat.x64.equ8.exe [6107840 2020-08-03] (Int3 Software AB -> Int3 Software AB)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [18888544 2020-07-27] (FACE IT LIMITED -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
R2 MullvadVPN; C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe [8993064 2020-06-25] (Amagicom AB -> Mullvad VPN AB)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510648 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3464000 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [284760 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-07-23] (Razer USA Ltd. -> Razer Inc.)
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [6008904 2020-07-01] (Red Giant   LLC -> Red Giant LLC)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-06] (Razer USA Ltd. -> Razer Inc.)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-08-06] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9754048 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\NisSrv.exe [2343128 2020-08-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.4-0\MsMpEng.exe [128376 2020-08-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164840 2019-05-10] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 EQU8_HELPER_13; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_13.sys [38080 2020-08-03] (Int3 Software AB -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-08-14] (Malwarebytes Corporation -> Malwarebytes)
R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [10184056 2020-07-28] (FACE IT LIMITED -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216056 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197264 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-08-23] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-08-25] (Malwarebytes Inc -> Malwarebytes)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A8DF0553-5232-4E89-AB46-2D2933DC6CD0}\MpKslDrv.sys [78056 2020-08-24] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 nlwt; C:\WINDOWS\System32\drivers\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48936 2020-07-29] (SteelSeries ApS -> SteelSeries ApS)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tapmullvad0901; C:\WINDOWS\System32\drivers\tapmullvad0901.sys [39616 2020-02-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2020-08-21] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237840 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247232 2020-07-11] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5395880 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428272 2020-08-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69872 2020-08-23] (Microsoft Windows -> Microsoft Corporation)
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-25 00:23 - 2020-08-25 00:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-08-25 00:23 - 2020-08-25 00:23 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-08-25 00:17 - 2020-07-18 03:22 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-25 00:17 - 2020-07-18 03:01 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-25 00:16 - 2020-08-25 00:16 - 000216056 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-08-25 00:16 - 2020-08-25 00:16 - 000197264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-08-25 00:16 - 2020-08-25 00:16 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-08-25 00:16 - 2020-08-25 00:16 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-08-24 00:23 - 2020-08-24 00:23 - 000000000 ____D C:\Users\ciara\AppData\Local\GameAnalytics
2020-08-24 00:18 - 2020-08-24 00:18 - 000000220 _____ C:\Users\ciara\Desktop\Garry's Mod.url
2020-08-22 22:35 - 2020-08-22 22:35 - 000000000 ___HD C:\$WinREAgent
2020-08-22 05:43 - 2020-08-23 09:09 - 000466094 _____ C:\WINDOWS\ntbtlog.txt
2020-08-22 05:43 - 2020-08-23 09:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-08-22 03:52 - 2020-08-22 03:55 - 000000000 ____D C:\Users\ciara\AppData\Roaming\SCP Secret Laboratory
2020-08-22 03:51 - 2020-08-22 03:51 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Northwood
2020-08-21 22:48 - 2020-08-21 22:48 - 000004625 _____ C:\Users\ciara\AppData\Roaming\VoiceMeeterDefault.xml
2020-08-21 22:43 - 2020-08-21 22:53 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
2020-08-21 22:43 - 2020-08-21 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
2020-08-21 22:42 - 2020-08-21 22:53 - 000000000 ____D C:\Program Files\VB
2020-08-21 22:42 - 2020-08-21 22:42 - 000071920 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_vmauxvaio64_win10.sys
2020-08-21 22:42 - 2020-08-21 22:42 - 000000000 ____D C:\Program Files (x86)\VB
2020-08-21 22:24 - 2020-08-21 22:24 - 000000000 ____D C:\Users\ciara\AppData\Roaming\CrystalIdea Software
2020-08-20 22:19 - 2020-08-20 22:19 - 000000222 _____ C:\Users\ciara\Desktop\SCP Secret Laboratory.url
2020-08-20 20:17 - 2020-08-20 20:17 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-08-20 20:17 - 2020-08-20 20:17 - 000000719 _____ C:\Users\ciara\Desktop\Windows 10 Update Assistant.lnk
2020-08-20 20:17 - 2020-08-20 20:17 - 000000000 ____D C:\Windows10Upgrade
2020-08-19 21:24 - 2020-08-19 21:24 - 000000000 ____D C:\Users\ciara\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2020-08-17 21:55 - 2020-08-14 00:04 - 001780960 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001780960 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001371360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001371360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-08-17 21:55 - 2020-08-14 00:04 - 001086688 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 001086688 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000946400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000946400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-08-17 21:55 - 2020-08-14 00:04 - 000349928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 001485544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000816360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000675224 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000669416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000582904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-08-17 21:55 - 2020-08-14 00:01 - 000555920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-08-17 21:55 - 2020-08-14 00:01 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 006653328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 005882600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 002376080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 001570704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-08-17 21:55 - 2020-08-14 00:00 - 000443624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-08-17 21:55 - 2020-08-13 23:59 - 003916688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-08-17 21:55 - 2020-08-13 23:59 - 000849640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-08-17 21:55 - 2020-08-13 23:58 - 004707696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-08-17 21:55 - 2020-08-13 02:47 - 000077891 _____ C:\WINDOWS\system32\nvinfo.pb
2020-08-17 04:27 - 2020-08-17 04:27 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Innersloth
2020-08-17 04:26 - 2020-08-17 04:26 - 000000222 _____ C:\Users\ciara\Desktop\Among Us.url
2020-08-17 03:11 - 2020-08-17 03:11 - 000000000 ____D C:\Users\ciara\AppData\Local\install
2020-08-17 02:58 - 2020-08-17 02:58 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\VRChat
2020-08-17 02:54 - 2020-08-17 02:54 - 000000222 _____ C:\Users\ciara\Desktop\VRChat.url
2020-08-14 21:52 - 2020-08-14 21:52 - 000000000 ____D C:\Users\ciara\AppData\Local\mbam
2020-08-14 21:51 - 2020-08-23 09:10 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-08-14 21:51 - 2020-08-14 21:51 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-08-14 21:51 - 2020-08-14 21:51 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-14 21:51 - 2020-08-14 21:51 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-14 21:51 - 2020-08-14 21:51 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-14 21:51 - 2020-08-14 21:51 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-14 21:51 - 2020-08-14 21:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-14 21:51 - 2020-08-14 21:51 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-14 19:14 - 2020-08-25 00:28 - 000000000 ____D C:\FRST
2020-08-11 03:34 - 2020-08-11 03:34 - 000001199 _____ C:\Users\Public\Desktop\Apex Legends.lnk
2020-08-11 03:34 - 2020-08-11 03:34 - 000001199 _____ C:\ProgramData\Desktop\Apex Legends.lnk
2020-08-11 03:34 - 2020-08-11 03:34 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2020-08-11 03:34 - 2020-08-11 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2020-08-11 03:17 - 2020-08-18 19:46 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-08-11 03:13 - 2020-08-25 00:26 - 000000000 ____D C:\Users\ciara\AppData\Local\Origin
2020-08-11 03:13 - 2020-08-25 00:26 - 000000000 ____D C:\ProgramData\Origin
2020-08-11 03:13 - 2020-08-18 20:59 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Origin
2020-08-11 03:13 - 2020-08-18 19:46 - 000000000 ____D C:\Program Files (x86)\Origin
2020-08-11 03:13 - 2020-08-11 03:35 - 000000000 ____D C:\ProgramData\Electronic Arts
2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.QtWebEngineProcess
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.Origin
2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2020-08-11 02:42 - 2020-08-11 02:32 - 753234116 _____ C:\Users\ciara\Desktop\Render.mp4
2020-08-07 21:07 - 2020-08-07 21:07 - 000001810 _____ C:\Users\ciara\Desktop\NordVPN.lnk
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\NordVPN
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordSec
2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\Program Files\NordVPN
2020-08-07 21:07 - 2020-07-10 15:32 - 000038608 _____ (TEFINCOM S.A.) C:\WINDOWS\system32\Drivers\nordlwf.sys
2020-08-05 00:13 - 2020-08-05 00:13 - 000000000 ____D C:\Users\ciara\VirtualBox VMs
2020-08-04 22:51 - 2020-08-07 17:08 - 000000000 ____D C:\Users\ciara\.VirtualBox
2020-08-04 22:51 - 2020-08-07 16:40 - 000000000 ____D C:\ProgramData\VirtualBox
2020-08-04 22:50 - 2020-08-04 22:50 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2020-08-04 22:50 - 2020-08-04 22:50 - 000001149 _____ C:\ProgramData\Desktop\Oracle VM VirtualBox.lnk
2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\Program Files\Oracle
2020-08-04 22:50 - 2020-07-11 11:47 - 001030096 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2020-08-04 22:50 - 2020-07-11 11:47 - 000187456 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2020-08-03 22:23 - 2020-08-03 22:27 - 000038080 _____ C:\WINDOWS\system32\Drivers\EQU8_HELPER_13.sys
2020-08-03 22:23 - 2020-08-03 22:24 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Diabotical
2020-08-03 22:23 - 2020-08-03 22:23 - 000000000 ____D C:\ProgramData\EQU8
2020-08-03 20:43 - 2020-08-03 20:43 - 000000295 _____ C:\Users\ciara\Desktop\Diabotical.url
2020-08-02 17:11 - 2020-08-02 17:11 - 000000910 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-08-02 17:11 - 2020-08-02 17:11 - 000000862 _____ C:\Users\ciara\Desktop\Start Tor Browser.lnk
2020-08-02 17:04 - 2020-08-02 17:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2020-08-02 16:56 - 2020-08-02 16:56 - 000000000 ____D C:\Users\ciara\Desktop\Tor Browser
2020-08-01 22:25 - 2020-08-01 22:25 - 000000825 _____ C:\Users\ciara\Desktop\ShareX.lnk
2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\Program Files\ShareX
2020-07-28 21:10 - 2020-07-28 21:10 - 010184056 _____ C:\WINDOWS\system32\Drivers\FACEIT.sys
2020-07-28 21:10 - 2020-07-28 21:10 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEIT
2020-07-28 21:09 - 2020-07-30 22:22 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEITApp
2020-07-28 21:09 - 2020-07-28 21:12 - 000000000 ____D C:\Program Files\FACEIT AC
2020-07-28 21:09 - 2020-07-28 21:09 - 000000892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk
2020-07-28 21:09 - 2020-07-28 21:09 - 000000880 _____ C:\Users\Public\Desktop\FACEIT AC.lnk
2020-07-28 21:09 - 2020-07-28 21:09 - 000000880 _____ C:\ProgramData\Desktop\FACEIT AC.lnk
2020-07-28 01:22 - 2020-07-28 01:22 - 000000222 _____ C:\Users\ciara\Desktop\Grand Theft Auto V.url
2020-07-26 02:35 - 2020-07-26 02:35 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Statespace
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-25 00:27 - 2020-06-27 20:20 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Blitz
2020-08-25 00:27 - 2020-06-10 15:44 - 000000000 ____D C:\ProgramData\NVIDIA
2020-08-25 00:26 - 2020-07-21 13:45 - 000000000 ____D C:\Users\ciara\AppData\Roaming\FACEIT
2020-08-25 00:26 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Discord
2020-08-25 00:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-25 00:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-25 00:23 - 2020-06-10 15:40 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-25 00:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-08-25 00:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-08-25 00:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-25 00:19 - 2020-06-10 16:32 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2020-08-25 00:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-25 00:16 - 2020-07-10 11:55 - 000000000 ____D C:\ProgramData\Mullvad VPN
2020-08-25 00:16 - 2020-06-29 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-08-25 00:16 - 2020-06-10 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-25 00:16 - 2020-06-10 23:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-08-25 00:16 - 2020-06-10 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-25 00:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-08-24 12:22 - 2020-06-10 16:11 - 000000000 ____D C:\Program Files (x86)\Steam
2020-08-24 08:16 - 2020-06-28 22:20 - 000000000 ____D C:\Users\ciara\AppData\Local\CrashDumps
2020-08-23 09:26 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-08-23 09:15 - 2020-06-19 21:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTBApp
2020-08-23 09:15 - 2020-06-19 21:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\ftb-app
2020-08-23 09:15 - 2020-06-19 21:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\FTBA
2020-08-23 06:08 - 2020-06-15 15:14 - 000000000 ____D C:\Users\ciara\AppData\Roaming\vlc
2020-08-23 01:44 - 2020-06-10 23:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-22 22:35 - 2020-06-27 20:20 - 000002239 _____ C:\Users\ciara\Desktop\Blitz.lnk
2020-08-22 06:01 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR
2020-08-22 05:38 - 2020-06-10 16:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Battle.net
2020-08-22 01:41 - 2020-07-01 22:50 - 000000000 ____D C:\Users\ciara\AppData\Roaming\slobs-client
2020-08-21 22:51 - 2020-06-10 16:00 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-08-21 22:44 - 2020-07-20 18:57 - 000000000 ____D C:\WINDOWS\Minidump
2020-08-21 22:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-08-21 22:28 - 2020-07-01 22:48 - 000000000 ____D C:\Program Files\Streamlabs OBS
2020-08-20 04:36 - 2020-06-10 15:39 - 000000000 ____D C:\Users\ciara
2020-08-19 21:46 - 2020-06-10 15:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3266006208-3946979777-4142415845-1001
2020-08-19 21:46 - 2020-06-10 15:42 - 000000000 ___RD C:\Users\ciara\OneDrive
2020-08-19 21:46 - 2020-06-10 15:39 - 000002367 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-18 06:39 - 2020-06-10 16:52 - 000000000 ____D C:\Users\ciara\AppData\Local\NVIDIA
2020-08-17 02:58 - 2020-06-10 15:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-15 07:06 - 2020-06-17 19:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Arma 3 Launcher
2020-08-15 06:41 - 2020-06-17 19:01 - 000000000 ____D C:\Users\ciara\AppData\Local\Arma 3
2020-08-14 21:51 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-14 16:18 - 2020-07-12 21:36 - 000000048 _____ C:\WINDOWS\system32\perfdish001.dat
2020-08-14 00:01 - 2020-06-10 17:47 - 001018768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-08-14 00:00 - 2020-06-10 17:47 - 002078096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-08-14 00:00 - 2020-06-10 17:47 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-08-14 00:00 - 2020-06-10 15:40 - 000656784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-08-13 23:58 - 2020-06-10 15:40 - 005395088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-08-11 03:35 - 2020-06-11 22:29 - 000000000 ____D C:\Users\ciara\AppData\Roaming\EasyAntiCheat
2020-08-11 03:20 - 2020-06-11 16:40 - 000000000 ____D C:\Users\ciara\AppData\Roaming\TS3Client
2020-08-11 03:13 - 2020-06-10 15:46 - 000000000 ____D C:\Users\ciara\AppData\Local\D3DSCache
2020-08-08 08:28 - 2020-07-06 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-08-08 08:28 - 2020-07-06 16:42 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2020-08-07 21:07 - 2020-06-15 20:56 - 000000000 ____D C:\Users\ciara\AppData\Local\NordVPN
2020-08-06 18:21 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\Discord
2020-08-06 18:20 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-04 18:55 - 2020-06-25 15:28 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Mozilla
2020-08-04 12:40 - 2020-06-10 15:57 - 000000000 ____D C:\Program Files\Riot Vanguard
2020-08-03 19:10 - 2020-06-11 00:41 - 000000000 ____D C:\Program Files\Epic Games
2020-08-02 12:48 - 2020-07-16 17:59 - 000000000 ____D C:\Users\ciara\AppData\Roaming\steelseries-engine-3-client
2020-08-02 12:42 - 2020-07-16 17:58 - 000000000 ____D C:\ProgramData\SteelSeries
2020-08-02 12:42 - 2020-06-10 18:03 - 000000000 ____D C:\Users\ciara\AppData\Local\cache
2020-07-29 20:08 - 2020-07-22 22:52 - 000305376 _____ (SteelSeries) C:\WINDOWS\system32\engineco.dll
2020-07-29 20:08 - 2019-12-23 17:53 - 000048936 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2020-07-28 21:14 - 2020-07-22 06:22 - 000000000 ____D C:\Users\ciara\AppData\Local\log
2020-07-28 21:09 - 2020-07-21 13:45 - 000002190 _____ C:\Users\ciara\Desktop\FACEIT.lnk
2020-07-28 21:09 - 2020-07-21 13:45 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd
2020-07-28 21:09 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\SquirrelTemp
2020-07-27 02:30 - 2020-07-10 11:55 - 000000000 ____D C:\Users\ciara\AppData\Local\Mullvad VPN
 
==================== Files in the root of some directories ========
 
2020-08-21 22:48 - 2020-08-21 22:48 - 000004625 _____ () C:\Users\ciara\AppData\Roaming\VoiceMeeterDefault.xml
2020-07-03 07:56 - 2020-07-03 07:56 - 000007604 _____ () C:\Users\ciara\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2020
Ran by ciara (25-08-2020 00:28:44)
Running from D:\Downloads
Windows 10 Pro Version 2004 19041.329 (X64) (2020-06-10 14:38:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3266006208-3946979777-4142415845-500 - Administrator - Disabled)
ciara (S-1-5-21-3266006208-3946979777-4142415845-1001 - Administrator - Enabled) => C:\Users\ciara
DefaultAccount (S-1-5-21-3266006208-3946979777-4142415845-503 - Limited - Disabled)
Guest (S-1-5-21-3266006208-3946979777-4142415845-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3266006208-3946979777-4142415845-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2_1) (Version: 9.2.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.4.1 - Electronic Arts, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BleachBit 4.0.0.1628 (HKLM-x32\...\BleachBit) (Version: 4.0.0.1628 - BleachBit)
Blender (HKLM\...\{0294B421-9B23-49AE-917C-B62EF6D42E8B}) (Version: 2.83.1 - Blender Foundation)
Blitz 1.11.14 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.11.14 - Blitz, Inc.)
BorisFX Sapphire OFX (HKLM\...\GenArts Sapphire OFX_is1) (Version: 11.0 - Team V.R)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CPUID CPU-Z MSI 1.92 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.92 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\FACEITApp) (Version: 1.24.1 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
FileZilla Client 3.48.1 (HKLM-x32\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
FTBApp 202007161516-479dedc615-release (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\1726-2696-9539-5278) (Version: 202007161516-479dedc615-release - CreeperHost LTD)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v13.0.17) (Version:  - Red Giant LLC)
Mailspring (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Mailspring) (Version: 1.7.8 - Foundry 376, LLC)
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft OneDrive (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.45.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
Mullvad VPN 2020.5.0 (HKLM\...\{2A356FD4-03B7-4F45-99B4-737BE580DC82}) (Version: 2020.5.0 - Mullvad VPN)
Mullvad-Wintun (HKLM\...\{3F8BDD2B-DF33-4D58-9963-6236A41BE905}) (Version: 1.0 - Amagicom AB) Hidden
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 6.1.12 (HKLM\...\{BD4C2875-9059-4C94-A7B5-493A538AC180}) (Version: 6.1.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.81.43142 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Proxifier version 3.42 (HKLM-x32\...\Proxifier_is1) (Version: 3.42 - Initex)
Python 3.8.3 (32-bit) (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\{6f6f2a2d-6475-4359-bc65-b2cf464bd085}) (Version: 3.8.3150.0 - Python Software Foundation)
Python 3.8.3 Core Interpreter (32-bit) (HKLM-x32\...\{D3A7FDC5-BA4E-44FC-8822-800226B81C71}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Development Libraries (32-bit) (HKLM-x32\...\{EA35D9DB-86A9-4705-9D15-7FE33E261450}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Documentation (32-bit) (HKLM-x32\...\{BAF129CE-5C13-4383-9807-A44055644E08}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Executables (32-bit) (HKLM-x32\...\{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 pip Bootstrap (32-bit) (HKLM-x32\...\{4ADFAA3D-1670-4161-A64A-83535B6D78C6}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Standard Library (32-bit) (HKLM-x32\...\{26B2CC8C-1492-437D-B27A-655AFB3647DE}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Test Suite (32-bit) (HKLM-x32\...\{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Utility Scripts (32-bit) (HKLM-x32\...\{14A8B424-0141-4E46-A1E2-548DF8349BB7}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0730.072314 - Razer Inc.)
ReelSmart Motion Blur v5 for After Effects and Premiere Pro (HKLM\...\ReelSmart Motion Blur v5 for After Effects and Premiere Pro 5.1.8) (Version: 5.1.8 - RE:Vision Effects)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.1.0 - ShareX Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.3 - SteelSeries ApS)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\WinDirStat) (Version:  - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.40.3.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-15] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-06-15] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0 [2020-07-05] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\nvshext.dll [2020-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-14] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-08-22 22:35 - 2020-08-22 07:16 - 000034816 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\build\Release\blitz_core.node
2020-08-22 22:35 - 2020-08-22 07:16 - 001294336 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\lib\blitz-init\native\index.node
2020-06-27 20:20 - 2020-08-22 07:16 - 000119296 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\blitz-injector\build\Release\injector.node
2020-06-27 20:20 - 2020-08-22 07:16 - 000174080 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\ffi-napi\build\Release\ffi_bindings.node
2020-06-27 20:20 - 2020-08-22 07:16 - 001111040 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\iconv\build\Release\iconv.node
2020-06-27 20:20 - 2020-08-22 07:16 - 000415232 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-ia32\node.napi.node
2020-08-22 22:35 - 2020-08-22 07:16 - 000140288 _____ () [File not signed] \\?\C:\Users\ciara\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\ref-napi\build\Release\binding.node
2020-08-11 03:13 - 2020-08-18 19:46 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2020-08-11 03:13 - 2020-08-18 19:46 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-06-27 20:20 - 2020-08-22 07:16 - 002567680 _____ () [File not signed] C:\Users\ciara\AppData\Local\Programs\Blitz\ffmpeg.dll
2020-06-27 20:20 - 2020-08-22 07:16 - 000384512 _____ () [File not signed] C:\Users\ciara\AppData\Local\Programs\Blitz\swiftshader\libegl.dll
2020-06-27 20:20 - 2020-08-22 07:16 - 002839552 _____ () [File not signed] C:\Users\ciara\AppData\Local\Programs\Blitz\swiftshader\libglesv2.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-07-01 18:13 - 2020-07-01 18:13 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Red Giant\Services\LIBEAY32.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 10:14 - 2020-07-24 21:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\Mullvad VPN\resources;
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\ddvv6rp-082eda72-41c9-489c-9545-aa18121b8def.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Mullvad: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Mullvad: NordVPN LightWeight Firewall -> NordLwf (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\StartupFolder: => "Mailspring.lnk"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "WallpaperEngine"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{89CDB862-56E6-4081-8963-EB9756EDCEA2}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{8C46E5DB-22E3-4F9E-BA97-0968EDDDD874}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{F7D40FA6-EF18-4688-862A-5C5E95A3BADD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1CB03558-1C17-4BF1-A1F3-E89E3E57870E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AF15FEBD-CE73-48D0-A39B-C28032C65C48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6E405BC8-3D89-4B75-9954-CE63FE539AFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2813E4B-8B24-4399-BE6D-29551E206D87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3D5A8AE-CDA2-4A1B-8169-285C542A6F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{169A236E-905E-4F2B-A40F-328737459CF3}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{611C74AC-F549-4E62-9AE5-65AF50AF67B5}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D1AF23FB-76EC-4C45-A3AC-BB7CCF135614}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{A6722C37-7908-4677-95AB-375B092C9DC8}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [TCP Query User{7F802E8D-8000-4391-888C-1933CCB90F4A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{AE07A41D-4A2A-4315-9EC6-A062CE76C87A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{3E7BDC12-66BD-4527-AA02-E8EF3DAB3420}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{B8C7B440-AB31-4E53-AD2C-2B1BFFFF2C4B}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{623410C7-2BBC-401B-AAD5-F10A07209DE7}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{2E797113-5775-4838-B654-7910CAD13736}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{317BE8F6-E978-4943-9D47-3A51DA5943B4}] => (Allow) C:\Users\ciara\Desktop\New folder\Client.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{19A71299-11D0-4780-AA6D-02EF643FE574}] => (Allow) C:\Users\ciara\Desktop\New folder\forward.exe (International Media Ltd ->  International Media Ltd)
FirewallRules: [{9E412DAA-46F6-47BE-975B-130BAB2470A5}] => (Allow) C:\Users\ciara\Desktop\New folder\Lineupd.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{23D9B8E0-6BF7-4E9B-B8E7-187623D9A40F}] => (Allow) C:\Users\ciara\Desktop\New folder\newforward.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{C765881B-0A24-4E78-A705-441FFAA9CC38}] => (Allow) C:\Users\ciara\Desktop\New folder\newsocket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{48B621F8-9019-4DA2-A36A-8863AFBB4907}] => (Allow) C:\Users\ciara\Desktop\New folder\socket.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{CF107EF8-73CF-486E-B444-5720CA7015BA}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\ProxyAPI.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{BDAAD038-1B63-4F78-B450-EF4DB1D66B7F}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\Monitor.exe (International Media Ltd -> International Media Ltd)
FirewallRules: [{7F982A48-4EDD-4493-8CE8-5DAE14FE215C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{248A39A7-3A0D-4203-A9D7-CC5D5112BB8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{7B891A83-091A-4D4E-9FFB-721AE0DA1F71}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{48F6A267-A603-41BE-8997-9619869888B7}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{684FE636-18BA-4AC0-AB56-35BC8A1DD0C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{869B63CD-6674-471C-A3B7-F75B8D516F5B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0593319-76BF-4A76-A594-AA554BC41FFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1EE6ABBF-A767-4CD6-9CD0-FA524DBCF387}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{F5D1BDF7-30F9-4BDC-AC63-0C280D8E2ACE}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{6F68B01B-8939-4EFE-8A97-FCA2328F5F35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B719BE31-320A-4812-9603-B63E639C85C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7AE48087-028B-4FFF-A58B-10D4FC542E36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F29FBBA-53D7-41D5-84EA-2C95DFB51B2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{89331BFC-8864-48BF-ADEC-5E5AFF48BCC9}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [UDP Query User{543D5A27-6E49-4CAC-B1CC-BD1A15F5577C}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{6BE7EE71-7DCF-4647-A0FF-1A3A5DD301DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB01C202-E803-4E36-98A9-E70ADEAC47D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9C7D277-C3BB-4218-A11B-2035F0FB0115}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AA45EA5-FD03-4388-92FA-312FCED0B686}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{157CAB00-E870-49C9-8878-3C74328AF763}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73858C5F-C49C-4117-AC67-A678450AFF8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{051D58A5-64E8-4B63-B53D-11CA2AF67B72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D82ABFEA-4D2D-424C-A97A-A149359FF9C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C6FAD4CE-20B5-447E-9257-D9C58D190DDA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{62C123C0-696B-4245-BFBF-6A3D5416385F}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AAE4DD9A-6561-4DB4-A41F-8045CB8A3C93}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{5482F7F6-EFE6-4451-8C64-0605F9CDBE45}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AE202ACE-38E9-40AC-9CD5-18C84554DEEE}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2C59E271-0ECC-4360-BEB6-376316F338B3}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{A269CDF7-CD14-44CF-A297-B26D15956F85}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [{3A3FDCE3-DF1D-45F9-9CCD-4498A8633B54}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{941ECEEC-1743-4335-90E6-979920D1147E}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0E180A44-6E58-4837-98E2-12BDB6236FCB}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6DF95C9B-8C00-461D-97EC-1F55ACDC08A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{646E92F4-0927-4BDD-962A-5369C736221E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D7FA545-68DB-4F27-B65F-49709D78AAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DCD6689-D37A-4AD1-9E13-155FDE7BD25E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{127362C5-AF5B-4C11-9942-9599370EC359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0DD80E6A-4175-4A12-8DE9-363DBAD7AAEA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37FCB7FF-C4B7-4F95-A532-A58AF1F6072D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8F6460FB-1D24-401B-859F-0F763AEEB529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5860DC40-67CE-4A6A-957B-72F8C7452AC9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B0C60894-27E6-4503-A1E1-345848499370}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{174DD1C4-B525-4FF3-BBE5-D060EC47FBA9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{CC4D1732-9001-41CF-9ACE-77700CD24466}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{6274AA14-B90E-4748-BBA7-7A2484AC18AC}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E48465AA-4C70-4780-8384-27A915DCDBF7}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [{2F987F1E-79A6-4EE1-9456-A727E8C8BF0A}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{DB0CAC54-4D47-4D83-BA0B-E2B2B91BC4F0}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{FFB3AD7E-1C94-40B6-A61A-AFA522024C0F}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{410F46B3-C2AD-4E7D-967F-072CB3297546}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04DE6697-CC2C-4B50-9886-7011F0174526}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{9BB32F98-664E-446A-A465-77591034CAA2}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{E9209C0A-FC96-4FF2-9066-6B3668797048}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8C0AA6EA-2023-47F6-918A-32743026D697}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{E58D832D-3D60-4708-98B7-E56FD1D5DA24}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{5248A18B-C468-417A-8E75-A0293ACE7993}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{CD5DB6CD-0E61-49B7-A73B-8A37A30177CB}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{611E2819-C1E3-44B2-84D8-4320AF2D8F4D}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{95548FAC-153F-43D8-B01B-D6F266969A0D}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{E26E1C76-EF1A-4635-9FA9-58E2635B094A}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{EB7C0A04-3AF6-4BCF-B21F-1A3B0D57A3B0}] => (Allow) D:\SteamLibrary\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> Northwood Studios)
FirewallRules: [{B9A9A7A9-B47B-447C-8074-5A6662E64030}] => (Allow) D:\SteamLibrary\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> Northwood Studios)
FirewallRules: [{3149F1ED-24B1-4D5F-AA2C-4C4B2EC7EF6E}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{3CB1E54D-825E-48CC-A937-8B0E0F4AEEEE}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{4B13D97E-6B8C-4B00-8D77-1AB839F70532}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F246D906-1189-46A6-8F62-F1D8828B6C8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74E601EC-957F-4F5E-9C85-EC8FC9C60BDC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC9B0552-FD9F-41AA-A96D-C9E24554E1EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50116A37-EAC6-4E4E-82EF-3EF0B1A948C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04B7D707-E1FB-4A0B-8945-6185E51890D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D0ED8A91-D163-42E6-A676-A370AC39D6F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C30AC54-97F8-4623-8542-9E1BFC47B44E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A871C00-D21A-4CCA-8BA4-2BF4CE253214}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79F9B24C-4977-4D57-ABDC-19BED6A1F104}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34E3C0BA-2BD8-4C8E-9534-E21B2D965855}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBE49886-03AF-4BDE-A625-C3DF615CF9E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
04-08-2020 22:50:35 Installed Oracle VM VirtualBox 6.1.12
11-08-2020 03:34:23 Installed DirectX
17-08-2020 02:58:26 Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127
20-08-2020 04:32:25 Removed Java 8 Update 251
21-08-2020 21:11:31 Restore Point Created by FRST
25-08-2020 00:17:06 Windows Modules Installer
25-08-2020 00:17:29 Windows Modules Installer
25-08-2020 00:17:51 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/24/2020 08:16:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Blitz.exe, version: 1.11.14.0, time stamp: 0x5f2828cc
Faulting module name: CoreMessaging.dll, version: 10.0.19041.264, time stamp: 0x1ad1cfae
Exception code: 0xc0000602
Fault offset: 0x0000f662
Faulting process id: 0x3304
Faulting application start time: 0x01d6798243afc34b
Faulting application path: C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe
Faulting module path: C:\WINDOWS\SYSTEM32\CoreMessaging.dll
Report Id: d0c92463-df2a-473e-a441-cde0e277100e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/23/2020 09:22:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.1, time stamp: 0x587bd36d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x119c
Faulting application start time: 0x01d679268dfbb5e5
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: ede1bf5a-9328-4a4c-93d1-d305b71ada3b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/23/2020 09:16:51 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/23/2020 09:13:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecHealthUI.exe, version: 10.0.19041.329, time stamp: 0xd8645085
Faulting module name: KERNELBASE.dll, version: 10.0.19041.292, time stamp: 0x84cd251b
Exception code: 0xc000027b
Fault offset: 0x000000000010b37c
Faulting process id: 0x262c
Faulting application start time: 0x01d679253b953952
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6849ace9-d463-4c21-a9c9-3e67ae0f96ad
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.19041.1_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
 
Error: (08/23/2020 09:08:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (08/23/2020 09:08:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/22/2020 05:40:35 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/21/2020 09:11:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3182c1c3-6ea9-40f9-981d-382ebed8f8fe}
 
 
System errors:
=============
Error: (08/25/2020 12:25:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
 
Error: (08/25/2020 12:23:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240017: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.321.2115.0).
 
Error: (08/25/2020 12:16:50 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (08/25/2020 12:16:49 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (08/23/2020 08:18:38 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (08/23/2020 08:18:38 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (08/23/2020 09:26:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The nordvpn-service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/23/2020 09:22:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Chroma SDK Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
Windows Defender:
===================================
Date: 2020-06-18 16:05:24.2970000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {F91B9DDC-992F-494C-B810-80FF3E9CBF6C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-23 09:09:09.6270000Z
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-07-06 16:45:34.3780000Z
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2020-08-25 00:28:02.0610000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:28:02.0600000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:28:01.5630000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:28:01.5620000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:26:30.2450000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:26:30.2440000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:26:29.7250000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-08-25 00:26:29.7250000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1.A0 07/22/2016
Motherboard: MSI Z170A GAMING M5 (MS-7977)
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 45%
Total physical RAM: 16343.59 MB
Available physical RAM: 8859.04 MB
Total Virtual: 21975.59 MB
Available Virtual: 11816.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:464.44 GB) (Free:10.23 GB) NTFS
Drive d: (Storage homie) (Fixed) (Total:1863.01 GB) (Free:672.68 GB) NTFS
 
\\?\Volume{07edae41-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{07edae41-0000-0000-0000-903b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D34B90AC)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 07EDAE41)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
 
==================== End of Addition.txt =======================

  • 0

#25
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts

Hi. :)

 

Services are running fine now.

 

I will be back with a new set of instructions.


  • 1

Advertisements


#26
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts
Hi, cmdiwnl.
 
We are moving on.
 
1. Eset online scan
 
The services are now running fine and the FRST logs look clean. No malware in them. Just to make sure everything is OK, please do another scan with Eset online scanner.

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take a few hours (usually 2-3).
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
 
2. Free some disk space
 
I noticed that your hard disk space is around 10 GB. This could be a problem, not only because your computer will not function properly, but also because you will not be able to update its operating system. So, let's do some things that may help you free some space.
 
2. 1. Uninstall any unnecessary programs / Remove files you don't use
 
Well, I said "let's do some things" but it seems that the first step is yours. :)
 
Check if you have any programs you don't use and uninstall them. Also, if it's possible, save any files/documents you don't need on the computer in to an external hard disk and delete them from the computer. This will give you some extra space.
 
2.2. Disk Cleanup
 
This utility will help you free space without deleting useful files.
  • Press the Windows icon on your keyboard, together with the letter R.
  • Type in the blank area cleanmgr and then press OK.
  • Select Drive C and press OK.
  • Select everything you don't need in the list that will appear. Actually, you can select everything there, but be careful if you need some files in the Downloads folder.
  • Press the button Clean up system files and wait a bit.
  • Again, select everything you don't need, including old Windows installations, if any.
  • Select the tab More options.
  • Under the title System Restore and Shadow Copies, press Clean up.
  • Press Delete and OK if you are asked to.
  • Wait some time (depending of the items that are deleted).
  • Make a restart when the process is finished.

2.3. Empty temp files


Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:mHKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.
 
How is the computer running now? Please report any issues you are dealing with.
 
 
In your next reply please post:
 
1. The Eset report
2. The fixlist.txt
3. Your comments about the computer now

Edited by DR M, 25 August 2020 - 08:07 PM.

  • 0

#27
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
27/08/2020 06:44:42
Files scanned: 678265
Detected files: 1
Cleaned files: 1
Total scan time 01:16:42
Scan status: Finished
 
 
C:\Windows.old\Users\ciara\OneDrive\Desktop\New folder (2)\New folder (11)\New folder (2)\login.exe a variant of Win64/Packed.VMProtect.KL trojan cleaned by deleting
 
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by ciara (27-08-2020 07:17:53) Run:4
Running from D:\Downloads
Loaded Profiles: ciara
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:mHKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31603989 B
Java, Flash, Steam htmlcache => 124625847 B
Windows/system/drivers => 1024942 B
Edge => 98740 B
Chrome => 536388688 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 89618 B
NetworkService => 114256 B
ciara => 106985204 B
 
RecycleBin => 0 B
EmptyTemp: => 773.9 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 07:18:32 ====
 
 

Yea the computer is a bit faster now I believe and also the security settings seem to working fine now as well


  • 0

#28
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts

Can I have fresh FRST logs please? FRST.txt and Addition.txt.


  • 0

#29
cmdiwnl

cmdiwnl

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-08-2020

Ran by ciara (administrator) on DESKTOP-KT5JT22 (MSI MS-7977) (27-08-2020 23:59:37)

Running from D:\Downloads

Loaded Profiles: ciara

Platform: Windows 10 Pro Version 2004 19041.450 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Amagicom AB -> Mullvad VPN AB) C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe

(Discord Inc. -> Discord Inc.) C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe <6>

(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe

(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\NisSrv.exe

(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe <2>

(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe

(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe

(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2>

(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\CefSharp.BrowserSubprocess.exe <2>

(Red Giant   LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe

(Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe

(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe <5>

(SteelSeries ApS -> ) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\runStatsElevated.exe

(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

(SteelSeries ApS -> SteelSeries) C:\ProgramData\SteelSeries\SteelSeries Engine 3\engineApps\system-stats\SystemStatsOHM.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe

(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>

(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [353776 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)

HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2020-06-10] (Discord Inc. -> Discord Inc.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1136104 2020-08-02] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Discord] => C:\Users\ciara\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-31] (Valve -> Valve Corporation)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32407952 2020-08-26] (Epic Games Inc. -> Epic Games, Inc.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [WallpaperEngine] => D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe [2887160 2020-07-12] (Kristjan Skutta -> )

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [com.blitz.app] => C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe [108260048 2020-08-26] (Swift Media Entertainment, Inc. -> Blitz, Inc.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [FACEIT] => C:\Users\ciara\AppData\Local\FACEITApp\update.exe [2204608 2020-07-30] (FACE IT LIMITED -> )

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)

HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3143456 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)

HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-07-23] (Razer USA Ltd. -> Razer Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-08-08]

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mailspring.lnk [2020-06-29]

ShortcutTarget: Mailspring.lnk -> C:\Users\ciara\AppData\Local\Mailspring\Update.exe (Foundry 376, LLC -> )

Startup: C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2020-08-01]

ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {27DC39CE-0E05-4A55-967A-C9EF414C806A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-03] (Mozilla Corporation -> Mozilla Foundation)

Task: {38A147DD-FE1F-4BE8-A6DE-E6547124069F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {3EC1AB5D-F7C4-407B-9796-8F8EDA876EDA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)

Task: {3F7A0076-A7F2-4790-A0BB-26AE4A501F0F} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\Downloads\esetonlinescanner.exe [14860896 2020-08-26] (ESET, spol. s r.o. -> ESET spol. s r.o.)

Task: {44B1AED4-818F-4D93-9501-47FA09A24E66} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {470AA631-2987-42BF-85E5-8650E96898AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {5D0E1981-9932-43EF-9E7D-A6A2D8189493} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {81A195CE-B004-4FEF-BCE7-116E5C75D059} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {84D4B109-5623-4273-BE11-148E211BB412} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3266006208-3946979777-4142415845-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-10] (Microsoft Windows -> )

Task: {86932916-3A91-4682-BA1A-19B4BDA5D826} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {8CC4F12C-7D02-43E3-AE3B-AA1EC127821F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {98A080E1-E215-4127-9F93-112F96D0F0B6} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)

Task: {A211F0FD-1D80-48BA-B092-544A21D91C27} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AFBC50BE-737A-4D77-A9A3-9201299ADF25} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BD69CB5C-CBFD-4D4F-ABB9-42FFA5032141} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {C84EB787-39E3-4460-AF89-227A37A9FF43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {C855E9E2-B5FD-4F92-93A8-84379F3B7E05} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {DBDDB15D-19DF-4E6B-86FE-402131640ECB} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {E073334B-C1DA-42DF-879D-BF50A324C28B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {E6207465-8358-4120-A246-524F65BAD99B} - System32\Tasks\EOSv3 Scheduler onTime => D:\Downloads\esetonlinescanner.exe [14860896 2020-08-26] (ESET, spol. s r.o. -> ESET spol. s r.o.)

Task: {E82CE924-A73F-4539-8EC5-8D07FC4FBCC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {F7332E30-9A5B-4493-9C76-63B46D063A71} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\..\Interfaces\{439b2978-f3be-4db9-ac38-1b49c02bef79}: [DhcpNameServer] 10.9.0.1

Tcpip\..\Interfaces\{c4ccf9f0-a6c4-4007-b748-732581af7498}: [DhcpNameServer] 192.168.1.254

 

Internet Explorer:

==================

 

FireFox:

========

FF DefaultProfile: dme0aon1.default

FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\dme0aon1.default [2020-08-21]

FF ProfilePath: C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release [2020-08-27]

FF user.js: detected! => C:\Users\ciara\AppData\Roaming\Mozilla\Firefox\Profiles\tidurm40.default-release\user.js [2020-08-14]

FF NewTab: Mozilla\Firefox\Profiles\tidurm40.default-release -> about:blank

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)

 

Chrome: 

=======

CHR Profile: C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default [2020-08-27]

CHR Extension: (Slides) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-15]

CHR Extension: (Docs) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-15]

CHR Extension: (Google Drive) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-15]

CHR Extension: (YouTube) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-15]

CHR Extension: (uBlock Origin) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-21]

CHR Extension: (Sheets) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-15]

CHR Extension: (Google Docs Offline) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-12]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-08-27]

CHR Extension: (Chrome Remote Desktop) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-06-15]

CHR Extension: (Reddit Enhancement Suite) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2020-08-19]

CHR Extension: (Chrome Web Store Payments) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-15]

CHR Extension: (Gmail) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-15]

CHR Extension: (Chrome Media Router) - C:\Users\ciara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-15]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8646752 2020-08-10] (BattlEye Innovations e.K. -> )

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

S3 EQU8_13; C:\ProgramData\EQU8\Diabotical\bin\anticheat.x64.equ8.exe [6107840 2020-08-03] (Int3 Software AB -> Int3 Software AB)

S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [18888544 2020-07-27] (FACE IT LIMITED -> )

R2 MullvadVPN; C:\Program Files\Mullvad VPN\resources\mullvad-daemon.exe [8993064 2020-06-25] (Amagicom AB -> Mullvad VPN AB)

R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [269584 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2510648 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3464000 2020-08-18] (Electronic Arts, Inc. -> Electronic Arts)

R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981592 2020-07-23] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [284760 2020-07-23] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294128 2020-07-23] (Razer USA Ltd. -> Razer Inc.)

R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [6008904 2020-07-01] (Red Giant   LLC -> Red Giant LLC)

R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-06] (Razer USA Ltd. -> Razer Inc.)

S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-08-06] (SteelSeries ApS -> )

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9754048 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\NisSrv.exe [2343128 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MsMpEng.exe [128376 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [164840 2019-05-10] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)

S3 EQU8_HELPER_13; C:\WINDOWS\system32\DRIVERS\EQU8_HELPER_13.sys [38080 2020-08-03] (Int3 Software AB -> )

R0 FACEIT; C:\WINDOWS\System32\Drivers\FACEIT.sys [10184056 2020-07-28] (FACE IT LIMITED -> )

R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{83B1010C-47EB-4D44-BCF9-953BFE70156B}\MpKslDrv.sys [78056 2020-08-27] (Microsoft Windows -> Microsoft Corporation)

S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)

R3 nlwt; C:\WINDOWS\System32\drivers\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)

R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)

R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [52288 2020-02-17] (Razer USA Ltd. -> Razer Inc)

R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-12-23] (SteelSeries ApS -> )

R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48936 2020-07-29] (SteelSeries ApS -> SteelSeries ApS)

R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )

R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )

R3 tapmullvad0901; C:\WINDOWS\System32\drivers\tapmullvad0901.sys [39616 2020-02-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)

S3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2020-08-21] (Vincent Burel -> Windows ® Win 7 DDK provider)

R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [5395880 2020-07-30] (Riot Games, Inc. -> Riot Games, Inc.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-08-27] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-08-27] (Microsoft Windows -> Microsoft Corporation)

S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) ===================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2020-08-27 07:16 - 2020-08-27 07:16 - 000003780 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn

2020-08-27 07:16 - 2020-08-27 07:16 - 000003338 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime

2020-08-26 04:51 - 2020-08-26 23:30 - 000000687 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk

2020-08-26 04:51 - 2020-08-26 23:30 - 000000589 _____ C:\Users\ciara\Desktop\ESET Online Scanner.lnk

2020-08-26 04:51 - 2020-08-26 04:51 - 000000000 ____D C:\Users\ciara\AppData\Local\ESET

2020-08-25 00:23 - 2020-08-25 00:24 - 000000000 ____D C:\WINDOWS\system32\MRT

2020-08-25 00:23 - 2020-08-25 00:23 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 026271744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 024264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 023434752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 019868160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 018766848 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 018071040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 014754816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 010925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 008894656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 008229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 007628208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 007596032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 007534160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 007104000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 006920192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 006406144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 006362176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 006188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 005990344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 005820416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 005420648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 005337504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 005056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004819968 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004783328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004746752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004629312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 004523520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004465664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 004362832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004307456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004273664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 004003384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 003999744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003913216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003867136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003843584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003818472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003806720 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003661312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003547280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 003364864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002994504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 002918728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002806160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2020-08-25 00:21 - 2020-08-25 00:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2020-08-25 00:21 - 2020-08-25 00:21 - 002744832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 002686464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002587464 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002568192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002541056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002450944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002433024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002422072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002265336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002254544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 002202112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002178040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002113032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002023688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 002018632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001980744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001978656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001956016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001952392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001879488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001868152 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001858560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001818568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001805744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2020-08-25 00:21 - 2020-08-25 00:21 - 001777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001719096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001695216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001668904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001654824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001641472 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001640888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001616576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001606656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001596464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001557832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001550336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001538664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001509736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001506616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001501000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001474048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001472824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 001449280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001394552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2020-08-25 00:21 - 2020-08-25 00:21 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001352248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001328936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001309512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2020-08-25 00:21 - 2020-08-25 00:21 - 001301592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001286560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001246720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001239552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001233408 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001221632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001209624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001207296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001197752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 001181200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001158656 _____ C:\WINDOWS\system32\MBR2GPT.EXE

2020-08-25 00:21 - 2020-08-25 00:21 - 001126472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001090560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001071224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001044880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001041920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001022976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001014888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001008184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000994616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Facilitator.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000991744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000976680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000966872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000957952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000945152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000943416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000920904 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000913120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000912744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000889384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000881624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000876544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000856328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000831016 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000825864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000801544 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000779360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000760120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000759784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000755664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000749960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000748360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000747864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000706032 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000696760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000675640 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000665256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000660584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000647992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000639920 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000630088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000623960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000623392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000606880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000602184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000600376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl

2020-08-25 00:21 - 2020-08-25 00:21 - 000595512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000583608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000581576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000560400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000555744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000548544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000538440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000530440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000528360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000524088 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000523720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000517976 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UiaManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000509248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000502600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2020-08-25 00:21 - 2020-08-25 00:21 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000500952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000495840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000487552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000482616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000475704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000471600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIso.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl

2020-08-25 00:21 - 2020-08-25 00:21 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000453952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000442680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000440120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServerClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000420936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000417376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000413208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000409552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000395600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallControlPanel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.FileExplorer.Common.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreShellAPI.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000373560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000367416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Vault.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000362064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000360024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000353256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000343992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FrameServerClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000324424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000313152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000311920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallControlPanel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnclient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000303288 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000288152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.FileExplorer.Common.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vault.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl

2020-08-25 00:21 - 2020-08-25 00:21 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000264704 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000260288 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl

2020-08-25 00:21 - 2020-08-25 00:21 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE

2020-08-25 00:21 - 2020-08-25 00:21 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000227640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleBand.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl

2020-08-25 00:21 - 2020-08-25 00:21 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000217912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000213352 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000202568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000195248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000195128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE

2020-08-25 00:21 - 2020-08-25 00:21 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dsui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000179000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl

2020-08-25 00:21 - 2020-08-25 00:21 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000172496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000167896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000166288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000163208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coreglobconfig.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000162616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000151864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000151864 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dsui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\control.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000142008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000138928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mskeyprotcli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000134984 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\recovery.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountControlSettings.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWSDAHost.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000118072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MaintenanceUI.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000111616 _____ C:\WINDOWS\system32\RDVGHelper.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidfdp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000099640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountControlSettings.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000095032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000094496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000086784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiverExt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcacli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.internal.shellcommon.AccountsControlExperience.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidnsp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemUWPLauncher.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidfdp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000064824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Print.Workflow.Source.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiverExt.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcacli.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000052664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ResourcePolicyClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDriverRetrievalClient.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000042312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidnsp.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000040248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIMgrBroker.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000033096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys

2020-08-25 00:21 - 2020-08-25 00:21 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowProxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000024288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerEnc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000020632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerEnc.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000017224 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowProxy.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidcrl40.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIManagerBrokerps.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidcrl40.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.Native.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFXvGPUDisablement.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000012088 _____ (Microsoft Corporation) C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000009281 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2020-08-25 00:21 - 2020-08-25 00:21 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL

2020-08-25 00:21 - 2020-08-25 00:21 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe

2020-08-25 00:21 - 2020-08-25 00:21 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll

2020-08-25 00:21 - 2020-08-25 00:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 017540608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 009034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 008004728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 007972696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 006709248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 006192640 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 005858136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 005771904 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 004582288 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin

2020-08-25 00:20 - 2020-08-25 00:20 - 003846144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 003810816 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 003779400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 003752448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 003181056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 003062784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002947584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 002631168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002566144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002403328 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002338304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002311680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002305024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002286128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002259968 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002245632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002242048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002131024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002103712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002101248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002077696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 002040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001930200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001922048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001876480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001784488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001766912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001763640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001712128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001701368 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001514496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001422336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001403904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001378568 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001337168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001323520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001305600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001184360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 001182008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001095168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001093432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001089336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001043456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001024744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 001019008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000994248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000938416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000937464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000914200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000900936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000843416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000808248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000725608 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000707024 _____ C:\WINDOWS\system32\TextShaping.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000704496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000678200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000676088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000644096 _____ C:\WINDOWS\system32\WindowManagementAPI.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000639288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UiaManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000602424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2020-08-25 00:20 - 2020-08-25 00:20 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000539256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000506672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellAPI.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000454984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000420464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000418800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000401720 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000381704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnclient.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000359936 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApproveChildRequest.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000249672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000249656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000215896 _____ (Microsoft Corporation) C:\WINDOWS\system32\coreglobconfig.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000215880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mskeyprotcli.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\control.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000153600 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyServer.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000116040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000113112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS

2020-08-25 00:20 - 2020-08-25 00:20 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000090416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.AccountsControlExperience.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemUWPLauncher.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\GPCSEWrapperCsp.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000076992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000071792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyClient.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifidatacapabilityhandler.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS

2020-08-25 00:20 - 2020-08-25 00:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000026600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IntelTA.sys

2020-08-25 00:20 - 2020-08-25 00:20 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll

2020-08-25 00:20 - 2020-08-25 00:20 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe

2020-08-25 00:20 - 2020-08-25 00:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll

2020-08-25 00:17 - 2020-07-18 03:22 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

2020-08-25 00:17 - 2020-07-18 03:01 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

2020-08-24 00:23 - 2020-08-24 00:23 - 000000000 ____D C:\Users\ciara\AppData\Local\GameAnalytics

2020-08-24 00:18 - 2020-08-24 00:18 - 000000220 _____ C:\Users\ciara\Desktop\Garry's Mod.url

2020-08-22 22:35 - 2020-08-22 22:35 - 000000000 ___HD C:\$WinREAgent

2020-08-22 05:43 - 2020-08-23 09:09 - 000466094 _____ C:\WINDOWS\ntbtlog.txt

2020-08-22 05:43 - 2020-08-23 09:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2020-08-22 03:52 - 2020-08-22 03:55 - 000000000 ____D C:\Users\ciara\AppData\Roaming\SCP Secret Laboratory

2020-08-22 03:51 - 2020-08-22 03:51 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Northwood

2020-08-21 22:48 - 2020-08-21 22:48 - 000004625 _____ C:\Users\ciara\AppData\Roaming\VoiceMeeterDefault.xml

2020-08-21 22:43 - 2020-08-21 22:53 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio

2020-08-21 22:43 - 2020-08-21 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio

2020-08-21 22:42 - 2020-08-21 22:53 - 000000000 ____D C:\Program Files\VB

2020-08-21 22:42 - 2020-08-21 22:42 - 000071920 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\vbaudio_vmauxvaio64_win10.sys

2020-08-21 22:42 - 2020-08-21 22:42 - 000000000 ____D C:\Program Files (x86)\VB

2020-08-21 22:24 - 2020-08-21 22:24 - 000000000 ____D C:\Users\ciara\AppData\Roaming\CrystalIdea Software

2020-08-20 22:19 - 2020-08-20 22:19 - 000000222 _____ C:\Users\ciara\Desktop\SCP Secret Laboratory.url

2020-08-20 20:17 - 2020-08-20 20:17 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk

2020-08-20 20:17 - 2020-08-20 20:17 - 000000719 _____ C:\Users\ciara\Desktop\Windows 10 Update Assistant.lnk

2020-08-20 20:17 - 2020-08-20 20:17 - 000000000 ____D C:\Windows10Upgrade

2020-08-19 21:24 - 2020-08-19 21:24 - 000000000 ____D C:\Users\ciara\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

2020-08-17 21:55 - 2020-08-14 00:04 - 001780960 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe

2020-08-17 21:55 - 2020-08-14 00:04 - 001780960 _____ C:\WINDOWS\system32\vulkaninfo.exe

2020-08-17 21:55 - 2020-08-14 00:04 - 001371360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe

2020-08-17 21:55 - 2020-08-14 00:04 - 001371360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2020-08-17 21:55 - 2020-08-14 00:04 - 001086688 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll

2020-08-17 21:55 - 2020-08-14 00:04 - 001086688 _____ C:\WINDOWS\system32\vulkan-1.dll

2020-08-17 21:55 - 2020-08-14 00:04 - 000946400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll

2020-08-17 21:55 - 2020-08-14 00:04 - 000946400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2020-08-17 21:55 - 2020-08-14 00:04 - 000455408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2020-08-17 21:55 - 2020-08-14 00:04 - 000349928 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 001485544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 000816360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 000675224 _____ C:\WINDOWS\system32\nvofapi64.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 000669416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 000582904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe

2020-08-17 21:55 - 2020-08-14 00:01 - 000555920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2020-08-17 21:55 - 2020-08-14 00:01 - 000541928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll

2020-08-17 21:55 - 2020-08-14 00:00 - 006653328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2020-08-17 21:55 - 2020-08-14 00:00 - 005882600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2020-08-17 21:55 - 2020-08-14 00:00 - 002376080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2020-08-17 21:55 - 2020-08-14 00:00 - 001570704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2020-08-17 21:55 - 2020-08-14 00:00 - 000443624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe

2020-08-17 21:55 - 2020-08-13 23:59 - 003916688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2020-08-17 21:55 - 2020-08-13 23:59 - 000849640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe

2020-08-17 21:55 - 2020-08-13 23:58 - 004707696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2020-08-17 21:55 - 2020-08-13 02:47 - 000077891 _____ C:\WINDOWS\system32\nvinfo.pb

2020-08-17 04:27 - 2020-08-17 04:27 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Innersloth

2020-08-17 04:26 - 2020-08-17 04:26 - 000000222 _____ C:\Users\ciara\Desktop\Among Us.url

2020-08-17 03:11 - 2020-08-17 03:11 - 000000000 ____D C:\Users\ciara\AppData\Local\install

2020-08-17 02:58 - 2020-08-17 02:58 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\VRChat

2020-08-17 02:54 - 2020-08-17 02:54 - 000000222 _____ C:\Users\ciara\Desktop\VRChat.url

2020-08-14 21:52 - 2020-08-14 21:52 - 000000000 ____D C:\Users\ciara\AppData\Local\mbam

2020-08-14 19:14 - 2020-08-27 23:59 - 000000000 ____D C:\FRST

2020-08-11 03:13 - 2020-08-25 00:42 - 000000000 ____D C:\ProgramData\Origin

2020-08-11 03:13 - 2020-08-25 00:40 - 000000000 ____D C:\Users\ciara\AppData\Local\Origin

2020-08-11 03:13 - 2020-08-18 20:59 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Origin

2020-08-11 03:13 - 2020-08-18 19:46 - 000000000 ____D C:\Program Files (x86)\Origin

2020-08-11 03:13 - 2020-08-11 03:35 - 000000000 ____D C:\ProgramData\Electronic Arts

2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk

2020-08-11 03:13 - 2020-08-11 03:13 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk

2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.QtWebEngineProcess

2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\Users\ciara\.Origin

2020-08-11 03:13 - 2020-08-11 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2020-08-11 02:42 - 2020-08-11 02:32 - 753234116 _____ C:\Users\ciara\Desktop\Render.mp4

2020-08-07 21:07 - 2020-08-07 21:07 - 000001810 _____ C:\Users\ciara\Desktop\NordVPN.lnk

2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\NordVPN

2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordSec

2020-08-07 21:07 - 2020-08-07 21:07 - 000000000 ____D C:\Program Files\NordVPN

2020-08-07 21:07 - 2020-07-10 15:32 - 000038608 _____ (TEFINCOM S.A.) C:\WINDOWS\system32\Drivers\nordlwf.sys

2020-08-05 00:13 - 2020-08-05 00:13 - 000000000 ____D C:\Users\ciara\VirtualBox VMs

2020-08-04 22:51 - 2020-08-07 17:08 - 000000000 ____D C:\Users\ciara\.VirtualBox

2020-08-04 22:51 - 2020-08-07 16:40 - 000000000 ____D C:\ProgramData\VirtualBox

2020-08-04 22:50 - 2020-08-04 22:50 - 000000000 ____D C:\Program Files\Oracle

2020-08-03 22:23 - 2020-08-03 22:27 - 000038080 _____ C:\WINDOWS\system32\Drivers\EQU8_HELPER_13.sys

2020-08-03 22:23 - 2020-08-03 22:24 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Diabotical

2020-08-03 22:23 - 2020-08-03 22:23 - 000000000 ____D C:\ProgramData\EQU8

2020-08-03 20:43 - 2020-08-03 20:43 - 000000295 _____ C:\Users\ciara\Desktop\Diabotical.url

2020-08-02 17:11 - 2020-08-02 17:11 - 000000910 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

2020-08-02 17:11 - 2020-08-02 17:11 - 000000862 _____ C:\Users\ciara\Desktop\Start Tor Browser.lnk

2020-08-02 17:04 - 2020-08-02 17:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime

2020-08-02 16:56 - 2020-08-02 16:56 - 000000000 ____D C:\Users\ciara\Desktop\Tor Browser

2020-08-01 22:25 - 2020-08-01 22:25 - 000000825 _____ C:\Users\ciara\Desktop\ShareX.lnk

2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX

2020-08-01 22:25 - 2020-08-01 22:25 - 000000000 ____D C:\Program Files\ShareX

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2020-08-27 23:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2020-08-27 23:56 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Discord

2020-08-27 23:38 - 2020-06-10 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2020-08-27 23:08 - 2020-06-10 15:44 - 000000000 ____D C:\ProgramData\NVIDIA

2020-08-27 17:44 - 2020-06-10 16:32 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat

2020-08-27 16:50 - 2020-06-10 15:46 - 000000000 ____D C:\Users\ciara\AppData\Local\D3DSCache

2020-08-27 07:37 - 2020-06-10 23:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2020-08-27 07:33 - 2020-06-10 16:11 - 000000000 ____D C:\Program Files (x86)\Steam

2020-08-27 07:33 - 2020-06-10 15:40 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2020-08-27 07:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF

2020-08-27 07:27 - 2020-07-10 11:55 - 000000000 ____D C:\ProgramData\Mullvad VPN

2020-08-27 07:27 - 2020-06-29 17:26 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2020-08-27 07:27 - 2020-06-10 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2020-08-27 07:27 - 2020-06-10 23:30 - 000008192 ___SH C:\DumpStack.log.tmp

2020-08-27 07:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState

2020-08-27 07:26 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI

2020-08-27 07:25 - 2020-06-27 20:20 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Blitz

2020-08-27 07:23 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2020-08-27 07:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2020-08-27 06:45 - 2020-06-10 16:54 - 000000000 ____D C:\Users\ciara\.dbus-keyrings

2020-08-27 01:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps

2020-08-26 18:10 - 2020-06-10 16:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Battle.net

2020-08-26 18:10 - 2020-06-10 16:00 - 000000000 ____D C:\Program Files (x86)\Battle.net

2020-08-26 16:27 - 2020-06-28 22:20 - 000000000 ____D C:\Users\ciara\AppData\Local\CrashDumps

2020-08-26 16:27 - 2020-06-27 20:20 - 000002239 _____ C:\Users\ciara\Desktop\Blitz.lnk

2020-08-26 04:53 - 2020-06-10 15:41 - 000000000 ____D C:\Users\ciara\AppData\Local\VirtualStore

2020-08-25 08:41 - 2020-06-15 15:14 - 000000000 ____D C:\Users\ciara\AppData\Roaming\vlc

2020-08-25 01:02 - 2020-07-21 13:45 - 000000000 ____D C:\Users\ciara\AppData\Roaming\FACEIT

2020-08-25 00:38 - 2020-06-10 23:30 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2020-08-25 00:37 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2020-08-25 00:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System

2020-08-25 00:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing

2020-08-25 00:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2020-08-23 09:15 - 2020-06-19 21:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTBApp

2020-08-23 09:15 - 2020-06-19 21:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\ftb-app

2020-08-23 09:15 - 2020-06-19 21:37 - 000000000 ____D C:\Users\ciara\AppData\Roaming\FTBA

2020-08-22 06:01 - 2019-12-07 10:52 - 000000000 ____D C:\WINDOWS\OCR

2020-08-22 01:41 - 2020-07-01 22:50 - 000000000 ____D C:\Users\ciara\AppData\Roaming\slobs-client

2020-08-21 22:44 - 2020-07-20 18:57 - 000000000 ____D C:\WINDOWS\Minidump

2020-08-21 22:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2020-08-21 22:28 - 2020-07-01 22:48 - 000000000 ____D C:\Program Files\Streamlabs OBS

2020-08-20 04:36 - 2020-06-10 15:39 - 000000000 ____D C:\Users\ciara

2020-08-19 21:46 - 2020-06-10 15:42 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3266006208-3946979777-4142415845-1001

2020-08-19 21:46 - 2020-06-10 15:42 - 000000000 ___RD C:\Users\ciara\OneDrive

2020-08-19 21:46 - 2020-06-10 15:39 - 000002367 _____ C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2020-08-18 06:39 - 2020-06-10 16:52 - 000000000 ____D C:\Users\ciara\AppData\Local\NVIDIA

2020-08-17 02:58 - 2020-06-10 15:57 - 000000000 ____D C:\ProgramData\Package Cache

2020-08-15 07:06 - 2020-06-17 19:00 - 000000000 ____D C:\Users\ciara\AppData\Local\Arma 3 Launcher

2020-08-15 06:41 - 2020-06-17 19:01 - 000000000 ____D C:\Users\ciara\AppData\Local\Arma 3

2020-08-14 16:18 - 2020-07-12 21:36 - 000000048 _____ C:\WINDOWS\system32\perfdish001.dat

2020-08-14 00:01 - 2020-06-10 17:47 - 001018768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll

2020-08-14 00:00 - 2020-06-10 17:47 - 002078096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2020-08-14 00:00 - 2020-06-10 17:47 - 000811240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2020-08-14 00:00 - 2020-06-10 15:40 - 000656784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2020-08-13 23:58 - 2020-06-10 15:40 - 005395088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2020-08-11 03:35 - 2020-06-11 22:29 - 000000000 ____D C:\Users\ciara\AppData\Roaming\EasyAntiCheat

2020-08-11 03:20 - 2020-06-11 16:40 - 000000000 ____D C:\Users\ciara\AppData\Roaming\TS3Client

2020-08-08 08:28 - 2020-07-06 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2020-08-08 08:28 - 2020-07-06 16:42 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK

2020-08-07 21:07 - 2020-06-15 20:56 - 000000000 ____D C:\Users\ciara\AppData\Local\NordVPN

2020-08-06 18:21 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Local\Discord

2020-08-06 18:20 - 2020-06-10 16:09 - 000000000 ____D C:\Users\ciara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc

2020-08-04 18:55 - 2020-06-25 15:28 - 000000000 ____D C:\Users\ciara\AppData\LocalLow\Mozilla

2020-08-04 12:40 - 2020-06-10 15:57 - 000000000 ____D C:\Program Files\Riot Vanguard

2020-08-03 19:10 - 2020-06-11 00:41 - 000000000 ____D C:\Program Files\Epic Games

2020-08-02 12:48 - 2020-07-16 17:59 - 000000000 ____D C:\Users\ciara\AppData\Roaming\steelseries-engine-3-client

2020-08-02 12:42 - 2020-07-16 17:58 - 000000000 ____D C:\ProgramData\SteelSeries

2020-08-02 12:42 - 2020-06-10 18:03 - 000000000 ____D C:\Users\ciara\AppData\Local\cache

2020-07-30 22:22 - 2020-07-28 21:09 - 000000000 ____D C:\Users\ciara\AppData\Local\FACEITApp

2020-07-29 20:08 - 2020-07-22 22:52 - 000305376 _____ (SteelSeries) C:\WINDOWS\system32\engineco.dll

2020-07-29 20:08 - 2019-12-23 17:53 - 000048936 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys

 

==================== Files in the root of some directories ========

 

2020-08-21 22:48 - 2020-08-21 22:48 - 000004625 _____ () C:\Users\ciara\AppData\Roaming\VoiceMeeterDefault.xml

2020-07-03 07:56 - 2020-07-03 07:56 - 000007604 _____ () C:\Users\ciara\AppData\Local\Resmon.ResmonCfg

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by ciara (28-08-2020 00:00:26)
Running from D:\Downloads
Windows 10 Pro Version 2004 19041.450 (X64) (2020-06-10 14:38:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3266006208-3946979777-4142415845-500 - Administrator - Disabled)
ciara (S-1-5-21-3266006208-3946979777-4142415845-1001 - Administrator - Enabled) => C:\Users\ciara
DefaultAccount (S-1-5-21-3266006208-3946979777-4142415845-503 - Limited - Disabled)
Guest (S-1-5-21-3266006208-3946979777-4142415845-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3266006208-3946979777-4142415845-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0_4) (Version: 17.0.4 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2_1) (Version: 9.2.1 - Adobe Inc.)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0_1) (Version: 14.0.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BleachBit 4.0.0.1628 (HKLM-x32\...\BleachBit) (Version: 4.0.0.1628 - BleachBit)
Blender (HKLM\...\{0294B421-9B23-49AE-917C-B62EF6D42E8B}) (Version: 2.83.1 - Blender Foundation)
Blitz 1.11.21 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.11.21 - Blitz, Inc.)
BorisFX Sapphire OFX (HKLM\...\GenArts Sapphire OFX_is1) (Version: 11.0 - Team V.R)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CPUID CPU-Z MSI 1.92 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.92 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FACEIT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\FACEITApp) (Version: 1.24.1 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
FileZilla Client 3.48.1 (HKLM-x32\...\FileZilla Client) (Version: 3.48.1 - Tim Kosse)
FTBApp 202007161516-479dedc615-release (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\1726-2696-9539-5278) (Version: 202007161516-479dedc615-release - CreeperHost LTD)
GenArts Sapphire Plug-ins 6.13 for After Effects and Compatible (HKLM\...\GenArts Sapphire AE_is1) (Version:  - )
Glorious Model O Software (HKLM-x32\...\{0969D386-B5B4-41BD-98E3-4A1A7D32CB97}_is1) (Version: 1.0.9 - Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v13.0.17) (Version:  - Red Giant LLC)
Mailspring (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Mailspring) (Version: 1.7.8 - Foundry 376, LLC)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft OneDrive (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM\...\{EA457B21-F73E-494C-ACAB-524FDE069978}_is1) (Version: 1.45.1 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
Mullvad VPN 2020.5.0 (HKLM\...\{2A356FD4-03B7-4F45-99B4-737BE580DC82}) (Version: 2020.5.0 - Mullvad VPN)
Mullvad-Wintun (HKLM\...\{3F8BDD2B-DF33-4D58-9963-6236A41BE905}) (Version: 1.0 - Amagicom AB) Hidden
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.31.5.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Graphics Driver 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.81.43142 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Python 3.8.3 (32-bit) (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\{6f6f2a2d-6475-4359-bc65-b2cf464bd085}) (Version: 3.8.3150.0 - Python Software Foundation)
Python 3.8.3 Core Interpreter (32-bit) (HKLM-x32\...\{D3A7FDC5-BA4E-44FC-8822-800226B81C71}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Development Libraries (32-bit) (HKLM-x32\...\{EA35D9DB-86A9-4705-9D15-7FE33E261450}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Documentation (32-bit) (HKLM-x32\...\{BAF129CE-5C13-4383-9807-A44055644E08}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Executables (32-bit) (HKLM-x32\...\{D1EFF389-2F77-4A46-8AFD-4F37BC6F1F99}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 pip Bootstrap (32-bit) (HKLM-x32\...\{4ADFAA3D-1670-4161-A64A-83535B6D78C6}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Standard Library (32-bit) (HKLM-x32\...\{26B2CC8C-1492-437D-B27A-655AFB3647DE}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{56AC5D63-87FC-4BA0-B4F2-6013D58F3302}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Test Suite (32-bit) (HKLM-x32\...\{0F5C1C82-9A7A-4FB4-8681-D4E7E9BBFD9C}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python 3.8.3 Utility Scripts (32-bit) (HKLM-x32\...\{14A8B424-0141-4E46-A1E2-548DF8349BB7}) (Version: 3.8.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0730.072314 - Razer Inc.)
ReelSmart Motion Blur v5 for After Effects and Premiere Pro (HKLM\...\ReelSmart Motion Blur v5 for After Effects and Premiere Pro 5.1.8) (Version: 5.1.8 - RE:Vision Effects)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.1.0 - ShareX Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.18.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.3 - SteelSeries ApS)
Streamlabs OBS (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.22.3 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Uplay (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
VALORANT (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\WinDirStat) (Version:  - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
 
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.41.5.0_x86__kgqvnymyfvs32 [2020-08-27] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.42.4.0_x86__kgqvnymyfvs32 [2020-08-25] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-25] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-06-25] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0 [2020-08-25] (Spotify AB) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ba8c9c14f3d320cb\nvshext.dll [2020-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2020-06-11 00:38 - 2020-06-11 00:38 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2020-06-11 00:38 - 2020-06-11 00:38 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2020-06-11 00:38 - 2020-06-11 00:38 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2020-06-10 21:44 - 2020-06-10 21:44 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2020-06-10 16:05 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-06-11 00:38 - 2020-06-11 00:38 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-07-01 18:13 - 2020-07-01 18:13 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Red Giant\Services\LIBEAY32.dll
2020-08-11 03:13 - 2020-08-18 19:46 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-08-18 19:46 - 2020-08-18 19:46 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 10:14 - 2020-07-24 21:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft VS Code\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;C:\Program Files\Mullvad VPN\resources;
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\Control Panel\Desktop\\Wallpaper -> D:\Downloads\ddvv6rp-082eda72-41c9-489c-9545-aa18121b8def.png
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Mullvad: NordVPN LightWeight Firewall -> NordLwf (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\StartupFolder: => "Mailspring.lnk"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\StartupFolder: => "ShareX.lnk"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "WallpaperEngine"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "FACEIT"
HKU\S-1-5-21-3266006208-3946979777-4142415845-1001\...\StartupApproved\Run: => "com.blitz.app"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{89CDB862-56E6-4081-8963-EB9756EDCEA2}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{8C46E5DB-22E3-4F9E-BA97-0968EDDDD874}C:\users\ciara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ciara\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{F7D40FA6-EF18-4688-862A-5C5E95A3BADD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1CB03558-1C17-4BF1-A1F3-E89E3E57870E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AF15FEBD-CE73-48D0-A39B-C28032C65C48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{6E405BC8-3D89-4B75-9954-CE63FE539AFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{D2813E4B-8B24-4399-BE6D-29551E206D87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3D5A8AE-CDA2-4A1B-8169-285C542A6F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{169A236E-905E-4F2B-A40F-328737459CF3}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{611C74AC-F549-4E62-9AE5-65AF50AF67B5}] => (Allow) D:\SteamLibrary\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D1AF23FB-76EC-4C45-A3AC-BB7CCF135614}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [UDP Query User{A6722C37-7908-4677-95AB-375B092C9DC8}D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [File not signed]
FirewallRules: [TCP Query User{7F802E8D-8000-4391-888C-1933CCB90F4A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{AE07A41D-4A2A-4315-9EC6-A062CE76C87A}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{3E7BDC12-66BD-4527-AA02-E8EF3DAB3420}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{B8C7B440-AB31-4E53-AD2C-2B1BFFFF2C4B}D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{623410C7-2BBC-401B-AAD5-F10A07209DE7}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{2E797113-5775-4838-B654-7910CAD13736}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{317BE8F6-E978-4943-9D47-3A51DA5943B4}] => (Allow) C:\Users\ciara\Desktop\New folder\Client.exe => No File
FirewallRules: [{19A71299-11D0-4780-AA6D-02EF643FE574}] => (Allow) C:\Users\ciara\Desktop\New folder\forward.exe => No File
FirewallRules: [{9E412DAA-46F6-47BE-975B-130BAB2470A5}] => (Allow) C:\Users\ciara\Desktop\New folder\Lineupd.exe => No File
FirewallRules: [{23D9B8E0-6BF7-4E9B-B8E7-187623D9A40F}] => (Allow) C:\Users\ciara\Desktop\New folder\newforward.exe => No File
FirewallRules: [{C765881B-0A24-4E78-A705-441FFAA9CC38}] => (Allow) C:\Users\ciara\Desktop\New folder\newsocket.exe => No File
FirewallRules: [{48B621F8-9019-4DA2-A36A-8863AFBB4907}] => (Allow) C:\Users\ciara\Desktop\New folder\socket.exe => No File
FirewallRules: [{CF107EF8-73CF-486E-B444-5720CA7015BA}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\ProxyAPI.exe => No File
FirewallRules: [{BDAAD038-1B63-4F78-B450-EF4DB1D66B7F}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\Monitor.exe => No File
FirewallRules: [{7F982A48-4EDD-4493-8CE8-5DAE14FE215C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe => No File
FirewallRules: [{248A39A7-3A0D-4203-A9D7-CC5D5112BB8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe => No File
FirewallRules: [TCP Query User{7B891A83-091A-4D4E-9FFB-721AE0DA1F71}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{48F6A267-A603-41BE-8997-9619869888B7}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [{684FE636-18BA-4AC0-AB56-35BC8A1DD0C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{869B63CD-6674-471C-A3B7-F75B8D516F5B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0593319-76BF-4A76-A594-AA554BC41FFE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1EE6ABBF-A767-4CD6-9CD0-FA524DBCF387}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{F5D1BDF7-30F9-4BDC-AC63-0C280D8E2ACE}C:\users\ciara\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\ciara\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{6F68B01B-8939-4EFE-8A97-FCA2328F5F35}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B719BE31-320A-4812-9603-B63E639C85C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7AE48087-028B-4FFF-A58B-10D4FC542E36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2F29FBBA-53D7-41D5-84EA-2C95DFB51B2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{89331BFC-8864-48BF-ADEC-5E5AFF48BCC9}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe => No File
FirewallRules: [UDP Query User{543D5A27-6E49-4CAC-B1CC-BD1A15F5577C}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe => No File
FirewallRules: [{C6FAD4CE-20B5-447E-9257-D9C58D190DDA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{62C123C0-696B-4245-BFBF-6A3D5416385F}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AAE4DD9A-6561-4DB4-A41F-8045CB8A3C93}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{5482F7F6-EFE6-4451-8C64-0605F9CDBE45}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{AE202ACE-38E9-40AC-9CD5-18C84554DEEE}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{2C59E271-0ECC-4360-BEB6-376316F338B3}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{A269CDF7-CD14-44CF-A297-B26D15956F85}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [{3A3FDCE3-DF1D-45F9-9CCD-4498A8633B54}] => (Allow) D:\SteamLibrary\steamapps\common\Slapshot\slapshot.exe (The NWJS Community) [File not signed]
FirewallRules: [TCP Query User{941ECEEC-1743-4335-90E6-979920D1147E}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{0E180A44-6E58-4837-98E2-12BDB6236FCB}D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe] => (Allow) D:\games\call of duty modern warfare\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{6DF95C9B-8C00-461D-97EC-1F55ACDC08A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{646E92F4-0927-4BDD-962A-5369C736221E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D7FA545-68DB-4F27-B65F-49709D78AAAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1DCD6689-D37A-4AD1-9E13-155FDE7BD25E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{127362C5-AF5B-4C11-9942-9599370EC359}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0DD80E6A-4175-4A12-8DE9-363DBAD7AAEA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{37FCB7FF-C4B7-4F95-A532-A58AF1F6072D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8F6460FB-1D24-401B-859F-0F763AEEB529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{5860DC40-67CE-4A6A-957B-72F8C7452AC9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{B0C60894-27E6-4503-A1E1-345848499370}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\mcclauncher.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{174DD1C4-B525-4FF3-BBE5-D060EC47FBA9}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{CC4D1732-9001-41CF-9ACE-77700CD24466}] => (Allow) D:\SteamLibrary\steamapps\common\Halo The Master Chief Collection\MCC\Binaries\Win64\MCC-Win64-Shipping.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [TCP Query User{6274AA14-B90E-4748-BBA7-7A2484AC18AC}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{E48465AA-4C70-4780-8384-27A915DCDBF7}C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe] => (Allow) C:\program files\epic games\roguecompany\roguecompany\binaries\win64\roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [{2F987F1E-79A6-4EE1-9456-A727E8C8BF0A}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{DB0CAC54-4D47-4D83-BA0B-E2B2B91BC4F0}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [File not signed]
FirewallRules: [{FFB3AD7E-1C94-40B6-A61A-AFA522024C0F}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{410F46B3-C2AD-4E7D-967F-072CB3297546}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{04DE6697-CC2C-4B50-9886-7011F0174526}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{9BB32F98-664E-446A-A465-77591034CAA2}] => (Allow) C:\Program Files\Epic Games\Diabotical\diabotical.exe () [File not signed]
FirewallRules: [{E9209C0A-FC96-4FF2-9066-6B3668797048}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{8C0AA6EA-2023-47F6-918A-32743026D697}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{E58D832D-3D60-4708-98B7-E56FD1D5DA24}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{5248A18B-C468-417A-8E75-A0293ACE7993}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{CD5DB6CD-0E61-49B7-A73B-8A37A30177CB}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{611E2819-C1E3-44B2-84D8-4320AF2D8F4D}] => (Allow) D:\SteamLibrary\steamapps\common\VRChat\VRChat.exe () [File not signed]
FirewallRules: [{95548FAC-153F-43D8-B01B-D6F266969A0D}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{E26E1C76-EF1A-4635-9FA9-58E2635B094A}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{EB7C0A04-3AF6-4BCF-B21F-1A3B0D57A3B0}] => (Allow) D:\SteamLibrary\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> Northwood Studios)
FirewallRules: [{B9A9A7A9-B47B-447C-8074-5A6662E64030}] => (Allow) D:\SteamLibrary\steamapps\common\SCP Secret Laboratory\SCPSL.exe (Hubert Moszka Northwood -> Northwood Studios)
FirewallRules: [{3149F1ED-24B1-4D5F-AA2C-4C4B2EC7EF6E}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{3CB1E54D-825E-48CC-A937-8B0E0F4AEEEE}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe () [File not signed]
FirewallRules: [{4B13D97E-6B8C-4B00-8D77-1AB839F70532}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F246D906-1189-46A6-8F62-F1D8828B6C8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74E601EC-957F-4F5E-9C85-EC8FC9C60BDC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC9B0552-FD9F-41AA-A96D-C9E24554E1EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50116A37-EAC6-4E4E-82EF-3EF0B1A948C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04B7D707-E1FB-4A0B-8945-6185E51890D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D0ED8A91-D163-42E6-A676-A370AC39D6F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C30AC54-97F8-4623-8542-9E1BFC47B44E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A871C00-D21A-4CCA-8BA4-2BF4CE253214}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{79F9B24C-4977-4D57-ABDC-19BED6A1F104}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34E3C0BA-2BD8-4C8E-9534-E21B2D965855}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBE49886-03AF-4BDE-A625-C3DF615CF9E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.140.508.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/27/2020 07:27:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RzSDKService.exe, version: 2.8.3.55, time stamp: 0x5f191b5d
Faulting module name: ucrtbase.dll, version: 10.0.19041.423, time stamp: 0xaba7b35d
Exception code: 0xc0000409
Fault offset: 0x0009d132
Faulting process id: 0x10b8
Faulting application start time: 0x01d67c3b13d95082
Faulting application path: C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 21efbb86-89de-4520-95bd-08e35198bccb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/27/2020 07:26:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (08/27/2020 07:18:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/27/2020 07:17:54 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {9041e8f6-736a-4a00-91e4-4cb9414480c8}
 
Error: (08/26/2020 04:27:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Blitz.exe, version: 1.11.14.0, time stamp: 0x5f2828cc
Faulting module name: CoreMessaging.dll, version: 10.0.19041.423, time stamp: 0xbca69586
Exception code: 0xc0000602
Fault offset: 0x0000f662
Faulting process id: 0x4604
Faulting application start time: 0x01d67bbd698f5fe7
Faulting application path: C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe
Faulting module path: C:\WINDOWS\SYSTEM32\CoreMessaging.dll
Report Id: aa7488bd-eb1e-49f1-9e18-7f53108a35f5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/25/2020 11:41:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Blitz.exe, version: 1.11.14.0, time stamp: 0x5f2828cc
Faulting module name: CoreMessaging.dll, version: 10.0.19041.423, time stamp: 0xbca69586
Exception code: 0xc0000602
Fault offset: 0x0000f662
Faulting process id: 0x2d60
Faulting application start time: 0x01d67a6fe9cceeda
Faulting application path: C:\Users\ciara\AppData\Local\Programs\Blitz\Blitz.exe
Faulting module path: C:\WINDOWS\SYSTEM32\CoreMessaging.dll
Report Id: 905b08fc-7ce4-4d68-924a-2be788b69b1c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/25/2020 01:02:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FACEIT.exe version 1.24.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 30c8
 
Start Time: 01d67a6ff0c2e30d
 
Termination Time: 4294967295
 
Application Path: C:\Users\ciara\AppData\Local\FACEITApp\app-1.24.1\FACEIT.exe
 
Report Id: 914a8930-c3cc-41fd-9e46-e6e0bddd94e5
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (08/25/2020 12:38:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1409.
 
 
System errors:
=============
Error: (08/27/2020 11:13:07 AM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
 
Error: (08/27/2020 07:27:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Razer Chroma SDK Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (08/27/2020 07:26:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The nordvpn-service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2020 07:25:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Mullvad VPN Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (08/27/2020 07:24:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Mullvad VPN Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 3000 milliseconds: Restart the service.
 
Error: (08/27/2020 07:19:16 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (08/27/2020 07:19:15 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.
 
Error: (08/27/2020 07:18:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
The service did not start due to a logon failure.
 
 
Windows Defender:
===================================
Date: 2020-08-27 12:05:58.1710000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {D5FB933B-96E3-4379-8BB1-5B97BB7D5E40}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-27 00:58:56.0040000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {0FFF0FB6-36F2-4B4D-A701-C61201698615}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-27 00:38:51.8480000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Ymacco.AADD
ID: 2147756245
Severity: Severe
Category: Trojan
Path: file:_D:\Downloads\FRST-OlderVersion\FRST.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: D:\Downloads\esetonlinescanner.exe
Security intelligence Version: AV: 1.321.2244.0, AS: 1.321.2244.0, NIS: 1.321.2244.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
 
Date: 2020-08-27 00:37:59.6490000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.D7!ml
ID: 2147757786
Severity: Severe
Category: Trojan
Path: file:_C:\Windows.old\Users\ciara\OneDrive\Desktop\New folder (2)\ujktmavlqbegoh.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: D:\Downloads\esetonlinescanner.exe
Security intelligence Version: AV: 1.321.2244.0, AS: 1.321.2244.0, NIS: 1.321.2244.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
 
Date: 2020-08-27 00:37:48.3040000Z
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Program:Win32/Vigram.A
ID: 232718
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Windows.old\Users\ciara\OneDrive\Desktop\New folder (2)\New folder (11)\New folder (2)\login.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: D:\Downloads\esetonlinescanner.exe
Security intelligence Version: AV: 1.321.2244.0, AS: 1.321.2244.0, NIS: 1.321.2244.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5
 
Date: 2020-08-23 09:09:09.6270000Z
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-07-06 16:45:34.3780000Z
Description: 
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
CodeIntegrity:
===================================
 
Date: 2020-08-27 07:22:34.1600000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-27 07:22:34.1590000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-27 07:22:29.8060000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-27 07:22:29.8040000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-27 07:22:23.2990000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-27 07:22:23.2980000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-08-27 07:21:27.0840000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Windows signing level requirements.
 
Date: 2020-08-27 07:21:27.0830000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\PrxerNsp.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1.A0 07/22/2016
Motherboard: MSI Z170A GAMING M5 (MS-7977)
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 44%
Total physical RAM: 16343.59 MB
Available physical RAM: 9008.98 MB
Total Virtual: 21207.59 MB
Available Virtual: 9174.9 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:464.44 GB) (Free:150.21 GB) NTFS
Drive d: (Storage homie) (Fixed) (Total:1863.01 GB) (Free:633.4 GB) NTFS
 
\\?\Volume{07edae41-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{07edae41-0000-0000-0000-903b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.39 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D34B90AC)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 07EDAE41)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=849 MB) - (Type=27)
 
==================== End of Addition.txt =======================

  • 0

#30
DR M

DR M

    GeekU Senior

  • GeekU Senior
  • 2,120 posts

Hi, cmd.

You have made a great cleaning there! :)

1. Are these programs working properly?

There are signs in the logs showing some issues. Please check, and, if needed, uninstall and reinstall them.

Razer Chroma SDK
Blitz


2. Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
FirewallRules: [{317BE8F6-E978-4943-9D47-3A51DA5943B4}] => (Allow) C:\Users\ciara\Desktop\New folder\Client.exe => No File
FirewallRules: [{19A71299-11D0-4780-AA6D-02EF643FE574}] => (Allow) C:\Users\ciara\Desktop\New folder\forward.exe => No File
FirewallRules: [{9E412DAA-46F6-47BE-975B-130BAB2470A5}] => (Allow) C:\Users\ciara\Desktop\New folder\Lineupd.exe => No File
FirewallRules: [{23D9B8E0-6BF7-4E9B-B8E7-187623D9A40F}] => (Allow) C:\Users\ciara\Desktop\New folder\newforward.exe => No File
FirewallRules: [{C765881B-0A24-4E78-A705-441FFAA9CC38}] => (Allow) C:\Users\ciara\Desktop\New folder\newsocket.exe => No File
FirewallRules: [{48B621F8-9019-4DA2-A36A-8863AFBB4907}] => (Allow) C:\Users\ciara\Desktop\New folder\socket.exe => No File
FirewallRules: [{CF107EF8-73CF-486E-B444-5720CA7015BA}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\ProxyAPI.exe => No File
FirewallRules: [{BDAAD038-1B63-4F78-B450-EF4DB1D66B7F}] => (Allow) C:\Users\ciara\Desktop\New folder\ProxyTool\Monitor.exe => No File
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

3. How is the computer doing now? Please report any remaining issues.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP