Biscuitz13

ElPerroLoco, I went back to a previous version of Windows and it fixed it. The malware is no longer on my PC and my scans came up clean. I'm not sure how long you have had your issue (mine was within the last 48 hours) but maybe that will work for you also! Let me know your outcome!

ElPerroLoco, yeah I'm trying to get help and also help myself with the forums. I don't know what to do at this point.

FRST ADDITION LOG Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01 Ran by Harlot (19-07-2019 01:34:09) Running from C:\Users\Harlot\Downloads Windows 10 Home Version 1903 18362.239 (X64) (2019-07-11 14:48:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1775122951-2766310106-2385829361-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1775122951-2766310106-2385829361-503 - Limited - Disabled) Guest (S-1-5-21-1775122951-2766310106-2385829361-501 - Limited - Disabled) Harlot (S-1-5-21-1775122951-2766310106-2385829361-1001 - Administrator - Enabled) => C:\Users\Harlot WDAGUtilityAccount (S-1-5-21-1775122951-2766310106-2385829361-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.1.5 - Electronic Arts, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.67 - NVIDIA Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.3.117.0 - Logitech Europe S.A.) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.0401.032710 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7885 - Realtek Semiconductor Corp.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.15.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.15.1 - General Workings, Inc.) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.52.100.1020 - Electronic Arts Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation) Packages: ========= Cartoons Unlimited Pro -> C:\Program Files\WindowsApps\OblivionLLC.CartoonsUnlimitedPro_1.2.33.0_x64__eea9nffhdnsmy [2019-07-12] (Oblivion, LLC) [MS Ad] Free Movies 2019 -> C:\Program Files\WindowsApps\45801Lewiscapaldi.FreeMovies2019_12.1.1.0_x64__9zejcqtqk58f0 [2019-07-15] (Lewis capaldi) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad] Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad] Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-07-02] (Microsoft Corporation) Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-02-15] (Thumbmunkeys Ltd) [MS Ad] ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-02-07 23:16 - 2017-02-07 23:16 - 006060704 _____ () [File not signed] C:\WINDOWS\SYSTEM32\mfc140u.dll 2019-07-02 18:02 - 2019-06-11 08:21 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2019-07-02 18:03 - 2019-06-11 08:22 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2019-07-02 18:02 - 2019-06-03 20:29 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2019-07-02 18:02 - 2019-06-03 20:29 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2019-07-02 18:02 - 2019-06-03 20:29 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2019-07-02 18:02 - 2019-06-03 20:29 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2019-07-02 18:02 - 2019-06-03 20:29 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2019-07-02 18:02 - 2019-06-03 20:29 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [462] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-02-15 18:47 - 2019-02-15 18:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\Harlot\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Harlot\Pictures\Graphite-1920x1080.png DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\StartupApproved\Run: => "Battle.net" HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{688A04D7-38C0-4EBC-805E-4E5B292BD654}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7FF34D61-4374-4FFC-BB82-7B7B80C11286}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9549AA41-5A53-4D9F-B259-8F9C72009E71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5DFE9130-5BC7-4456-94DE-8FF9745FFD26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7B9AD83A-D0D0-4EE7-9448-50306E3292D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe () [File not signed] FirewallRules: [{2AAA8AA9-87DE-426F-8849-06BF26F45939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe () [File not signed] FirewallRules: [{ACA1F83F-F56F-45CC-BCE8-DEF2B78DD9AC}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{6EC06246-7B33-415D-B0D6-E3CE7794A703}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{2A137690-3A53-4753-A61E-7A13C791EC89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11.exe (WB Games, Inc.) [File not signed] FirewallRules: [{0CD50A8B-E32D-4036-8D10-31E5988E2D55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mortal Kombat 11\Binaries\Retail\MK11.exe (WB Games, Inc.) [File not signed] FirewallRules: [UDP Query User{0F558FA4-1FC5-43AF-8DBF-F254E70A5B91}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed] FirewallRules: [TCP Query User{B2D4336D-A322-4100-8D87-B07E9725696B}C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dead by daylight\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{407BABC4-49E9-4654-BBD5-4C7B28FFC7B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{B26BF2D2-51BE-425F-99BD-480495499817}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{5AD84FFD-0C3A-4C25-B7E6-E52091DFDF72}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{83A3FED4-7C0D-4E56-AA0A-4DC2EB154A8B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{40776325-9394-461F-BFA1-8D1AEFACE58E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{F9932412-D630-4B72-A5E7-99FE7FCBE4BF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{8D04ADE7-51D5-4980-AA05-94DBD9431468}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd) FirewallRules: [{8DF1686B-D5EF-4767-9DBE-DF5B1311F7A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> EasyAntiCheat Ltd) FirewallRules: [UDP Query User{3E8BD2C2-2C0B-4CAA-852E-EB8016D747E7}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [TCP Query User{61D12AE9-087D-4692-8791-BD5215752643}C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ark\shootergame\binaries\win64\shootergameserver.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{861AC72D-6468-4EBA-B650-F88105869923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{3D771E32-921F-4306-B67D-7982139ADEAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{4CA95617-4E76-4E23-AB09-CB18E5B443D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{71A084DC-6878-4048-A1DB-9CF55B9AAB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{3E36B487-3B92-4E30-B44A-A164DFE80D54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.) FirewallRules: [{FBDD4E12-25D9-41AE-B38D-175980CBBDE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Gearbox Software LLC -> Take-Two Interactive Software, Inc.) FirewallRules: [{75C9E207-4F45-46AE-AA24-803973CE4231}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed] FirewallRules: [{12DFC552-C79E-4741-98B3-7D6693BB0AA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software) [File not signed] FirewallRules: [{E3D659E2-7D9C-4D56-99C4-AA1C35FD3D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software) FirewallRules: [{83C10AC9-DAB1-4C7C-89C1-A548A0823BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software LLC -> Gearbox Software) FirewallRules: [UDP Query User{2CACF5FE-BD29-4F29-9E46-A9C4158448D7}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe No File FirewallRules: [TCP Query User{3F9E249E-07EA-491F-B7C3-079890089226}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe No File FirewallRules: [{2F0DE17F-1226-4544-84BF-70712F59867C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed] FirewallRules: [{94CC4D5F-9F04-494E-AEC9-F697E780773D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe () [File not signed] FirewallRules: [UDP Query User{0F65F3F4-4582-449F-B6A2-28C7DD6B3E3C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{4071848C-29B2-49D2-9924-BF04673331E2}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{CE615498-8008-4A2F-A1A0-4D74C19DAE02}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{8D5B1288-B6D6-4FE3-9B57-8558D358FB9C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{D50468A3-F287-4037-B014-5DB21952D38F}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{08EF936D-B48E-4373-8017-84E51828C65D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{A63C8346-48E2-4C9A-A8BA-CB336B15A32E}C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe No File FirewallRules: [TCP Query User{CED6C1C9-1E2F-46AE-887E-31E079736821}C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe No File FirewallRules: [{C8BDBA34-A13A-4D16-8EAA-018FC66DF7DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1D6038D3-7C01-4112-8341-D027F34187F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F0C27A02-E625-4F2D-B148-2B22A28650E1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{09046431-72A4-4F2B-96B5-BEB517D07B68}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2EC683A3-904C-4372-9A50-CCF84E062A2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\enlisted.exe No File FirewallRules: [{7A3B27A8-93DF-45CA-A9CA-8DDE7C74D621}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\enlisted.exe No File FirewallRules: [{7575F1C8-7829-4F92-9435-15E369FACE2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe No File FirewallRules: [{F41573F3-0D14-4439-ACDB-C16781C04564}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win64\enlisted.exe No File FirewallRules: [{CB85CBBC-FEF9-41D6-A657-677B91DDD7E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe No File FirewallRules: [{4B6F2D85-6117-4EEE-AD32-8C40432F36B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\gaijin_downloader.exe No File FirewallRules: [{9957ADF8-D771-4524-8951-19BAED5996A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe No File FirewallRules: [{D67E10EB-FE2C-484A-965F-5B95301AA244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\win32\bpreport.exe No File FirewallRules: [{134681DB-5BB8-477B-BBDA-FB9951AED931}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe No File FirewallRules: [{6560EDF0-03AF-48DE-9026-A4BD43E6B8C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\bpreport.exe No File FirewallRules: [{9E716119-762D-476C-9760-CCC839352D11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\launcher.exe No File FirewallRules: [{A9E2BF86-AE2D-4B9F-B7FE-0A88D1B19DDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cuisine Royale\launcher.exe No File FirewallRules: [UDP Query User{96A5A7B0-85B3-41DC-BBC2-6299CADF89A4}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [TCP Query User{30393D73-81FE-4EA7-B39E-FA41A346FA8B}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment) FirewallRules: [UDP Query User{F3AC6B55-2FA8-46AD-8A50-54B3F93DA972}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe No File FirewallRules: [TCP Query User{63903280-6179-498C-AD9D-FE868BBE9224}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe No File FirewallRules: [{C1E5C53A-8C0D-40C8-AF59-DCE63E7F1932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{608E345F-6F7D-4729-871B-0403262DE43D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> ) FirewallRules: [{B9080C44-4E9E-4DC0-A83D-38215D3BFCEC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{64237625-31BD-49F0-BC89-DF4382AF6721}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{75E48902-B443-43BF-9ACE-E27CED39D284}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A388D9F6-C660-481A-B656-204BEC35AEFD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E394AF48-FDFC-407B-91A8-87324A7DB9B7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{4EE0C2EA-82E4-420E-9003-CC2FD7FD65EB}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{6EB9FF97-0F99-405C-BBB9-62E076BC8A31}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) ==================== Restore Points ========================= 12-07-2019 00:06:17 Windows Update 18-07-2019 09:49:04 Removed WinZip 23.0. ==================== Faulty Device Manager Devices ============= Name: Standard PS/2 Keyboard Description: Standard PS/2 Keyboard Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard keyboards) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (07/19/2019 01:25:58 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/19/2019 01:17:45 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/19/2019 12:36:43 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/19/2019 12:19:01 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/18/2019 11:59:25 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/18/2019 11:42:34 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/18/2019 08:50:15 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "C:\Users\Harlot\AppData\Local\chromium\Application\chrome.exe". Dependent Assembly 63.0.3235.0,language="*",type="win32",version="63.0.3235.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/18/2019 12:18:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbamtray.exe, version: 3.1.0.1838, time stamp: 0x5d13b12f Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5cba0161 Exception code: 0xc0000005 Fault offset: 0x0018dc19 Faulting process id: 0x8ac Faulting application start time: 0x01d53d721c59945e Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Report Id: fcbf9dd6-ecec-49d3-b4ea-3e5b34dee978 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Razer Synapse Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Razer Central Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Razer Game Manager service terminated unexpectedly. It has done this 1 time(s). Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Logitech Video Camera Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Razer Chroma SDK Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/19/2019 01:22:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Windows Defender: =================================== Date: 2019-07-16 20:38:07.744 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {86CE9FA1-39BA-4534-8AAC-7F204A6F533E} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-07-16 20:35:51.346 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C224E3FE-7DDA-486C-90D8-F47321A94CAC} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-07-16 20:33:12.061 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {0075F509-0C0B-4D40-9A07-B4EDE728D20E} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-07-16 20:29:42.644 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {AD1C53B8-2513-41F6-9C9D-8CC0545DA566} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-07-15 00:30:45.552 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {351D477B-96D9-4E64-8E2F-4F0EB6F67434} Scan Type: Antimalware Scan Parameters: Quick Scan CodeIntegrity: =================================== Date: 2019-07-18 09:58:51.863 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2019-07-18 09:58:51.858 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2019-07-18 09:58:51.831 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2019-07-18 09:58:51.427 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2019-07-18 09:58:51.423 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2019-07-18 09:58:51.393 Description: Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes. Date: 2019-07-18 09:43:33.520 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Segurazo\SegGuard64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 1.80 07/20/2017 Motherboard: MSI H110M PRO-VD PLUS (MS-7A15) Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Percentage of memory in use: 48% Total physical RAM: 8156.17 MB Available physical RAM: 4237.38 MB Total Virtual: 10012.17 MB Available Virtual: 4982.5 MB ==================== Drives ================================ Drive 😄 (Windows) (Fixed) (Total:930.3 GB) (Free:352.08 GB) NTFS \\?\Volume{e603e0a5-1a11-4d9d-a821-7a97f17ceb75}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS \\?\Volume{96cc131a-1194-41f6-8fd0-c91194fefd1b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================

FRST LOG Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01 Ran by Harlot (administrator) on DESKTOP-Q018KLJ (MSI MS-7A15) (19-07-2019 01:30:54) Running from C:\Users\Harlot\Downloads Loaded Profiles: Harlot (Available Profiles: Harlot) Platform: Windows 10 Home Version 1903 18362.239 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes Corporation -> Malwarebytes) C:\Users\Harlot\Downloads\adwcleaner_7.3 (1).exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Run: [Discord] => C:\Users\Harlot\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3210016 2019-07-17] (Valve -> Valve Corporation) HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1098728 2019-07-05] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3482864 2019-03-26] (Razer USA Ltd. -> ) HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35786128 2019-07-18] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1775122951-2766310106-2385829361-1001\...\Run: [Chromium] => c:\users\harlot\appdata\local\chromium\application\chrome.exe [4195328 2017-10-06] (The Chromium Authors) [File not signed] HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC) Startup: C:\Users\Harlot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Free Audio Editor 2019 Update.lnk [2019-07-18] ShortcutTarget: Free Audio Editor 2019 Update.lnk -> C:\Program Files (x86)\Free Audio Editor 2019\Free Audio Editor 2019 Update.exe () [File not signed] ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C5CA7C3-C7FC-46A3-9E4B-CE8B9A213E99} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2A43C5B0-772A-4301-B4DF-E9463DEE394D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {352A6DA0-8C88-4E7B-8A2A-C7B08354274B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5F1107DC-9132-41B0-A595-BC657C01F46C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {616D915D-C0B9-4CDA-8E12-3007E9C4F82E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8B49D2E1-5777-4014-8718-22227020CF38} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A0EFEDFA-72A7-409B-8E7F-EB65BD41B654} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AFB89C1E-D4FB-44B2-96FC-38812B0076FD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B996E9F2-E4F8-456F-A5F1-D463F35B626A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C1157EE4-C077-4168-94EC-64DB6F07A84A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C1D58EA8-9006-4783-9AA4-E989DF6D70DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C5B1722C-5E2A-4879-807D-34AA72568BCA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-15] (Google Inc -> Google Inc.) Task: {C6F9F6CB-4DAA-4855-B5E1-45FBA4804307} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D823CFD4-CF77-43A6-8148-D16B6A226CA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-15] (Google Inc -> Google Inc.) Task: {F2D92BD2-7998-4100-A02D-546BD71807FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F54E6A55-2F14-43D1-879B-A9FE01A5F2EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Tcpip\..\Interfaces\{b17b4dd9-aac9-4755-b4eb-a5c27cbff504}: [DhcpNameServer] 75.75.75.75 75.75.76.76 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1775122951-2766310106-2385829361-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC) Chrome: ======= CHR Profile: C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default [2019-07-19] CHR Extension: (Slides) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-15] CHR Extension: (BetterTTV) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2019-03-28] CHR Extension: (Docs) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-15] CHR Extension: (Google Drive) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-15] CHR Extension: (YouTube) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-15] CHR Extension: (FrankerFaceZ) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2019-03-28] CHR Extension: (Sheets) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-15] CHR Extension: (Google Docs Offline) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-15] CHR Extension: (ClassLink OneClick Extension) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfbgkjjlonelmpenhpfeeljjlcgnkpe [2019-06-28] CHR Extension: (Chrome Web Store Payments) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-15] CHR Extension: (Gmail) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15] CHR Extension: (Chrome Media Router) - C:\Users\Harlot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-04-03] (BattlEye Innovations e.K. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-06-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4413064 2018-03-30] (Logitech Inc -> Logitech) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329392 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3203888 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [449632 2019-01-29] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943184 2019-02-25] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-02-21] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-03-26] (Razer USA Ltd. -> ) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-04-01] (Razer USA Ltd. -> Razer Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-19] (Malwarebytes Corporation -> Malwarebytes) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvpcdi.inf_amd64_5184c6af52782c3a\nvlddmkm.sys [21836032 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek ) R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [49032 2019-01-16] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0064; C:\WINDOWS\System32\drivers\RzDev_0064.sys [51696 2018-04-22] (Razer USA Ltd. -> Razer Inc) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-19 01:30 - 2019-07-19 01:32 - 000021411 _____ C:\Users\Harlot\Downloads\FRST.txt 2019-07-19 01:30 - 2019-07-19 01:30 - 000000000 ____D C:\FRST 2019-07-19 01:29 - 2019-07-19 01:29 - 002095104 _____ (Farbar) C:\Users\Harlot\Downloads\FRST64.exe 2019-07-19 01:24 - 2019-07-19 01:24 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-07-19 01:20 - 2019-07-19 01:20 - 007025360 _____ (Malwarebytes) C:\Users\Harlot\Downloads\adwcleaner_7.3 (1).exe 2019-07-19 01:14 - 2019-07-19 01:22 - 000000000 ____D C:\AdwCleaner 2019-07-19 01:13 - 2019-07-19 01:13 - 064649064 _____ (Malwarebytes ) C:\Users\Harlot\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11612.exe 2019-07-19 01:13 - 2019-07-19 01:13 - 007025360 _____ (Malwarebytes) C:\Users\Harlot\Downloads\adwcleaner_7.3.exe 2019-07-19 00:36 - 2019-07-19 01:19 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Free Audio Editor New Version Available 2019-07-18 10:28 - 2019-07-18 10:28 - 000001946 _____ C:\Users\Harlot\Desktop\Video Editor.lnk 2019-07-18 10:24 - 2019-07-18 10:27 - 000000000 ____D C:\Users\Harlot\Documents\Sound recordings 2019-07-18 09:52 - 2019-07-18 20:52 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7709591B-47F3-4F30-905A-9CB78C766961} 2019-07-18 09:42 - 2019-07-18 09:42 - 000000000 ____D C:\ProgramData\UniqueId 2019-07-18 09:41 - 2019-07-18 09:46 - 000000000 ____D C:\Users\Harlot\AppData\Local\chromium 2019-07-18 09:40 - 2019-07-18 09:46 - 000000000 ____D C:\Program Files (x86)\Chromium 2019-07-18 09:40 - 2019-07-18 09:40 - 000000000 ____D C:\ProgramData\{F138CD04-D910-B57C-8148-9D5469A0458C} 2019-07-18 09:40 - 2002-01-05 16:37 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll 2019-07-18 09:39 - 2019-07-18 10:11 - 000000000 ____D C:\Program Files (x86)\Free Audio Editor 2019 2019-07-18 09:39 - 2019-07-18 09:43 - 000000000 ____D C:\ProgramData\jccca 2019-07-18 09:39 - 2019-07-18 09:39 - 000000000 ____D C:\Users\Harlot\Downloads\qkou.CIS 2019-07-18 09:39 - 2019-07-18 09:39 - 000000000 ____D C:\ProgramData\McAfee 2019-07-18 09:30 - 2019-07-18 09:30 - 000000000 ____D C:\ProgramData\AVS4YOU 2019-07-18 09:29 - 2010-05-11 13:17 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll 2019-07-18 09:28 - 2019-07-18 09:37 - 000000000 ____D C:\Program Files (x86)\AVS4YOU 2019-07-15 06:23 - 2019-07-15 06:23 - 005829844 _____ (UserBenchmark.com) C:\Users\Harlot\Downloads\UserBenchMark.exe 2019-07-14 19:41 - 2019-07-14 19:41 - 000007606 _____ C:\Users\Harlot\AppData\Local\Resmon.ResmonCfg 2019-07-11 20:06 - 2019-07-11 20:06 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\NVIDIA 2019-07-11 20:04 - 2019-07-18 23:31 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\slobs-client 2019-07-11 20:04 - 2019-07-11 21:08 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\obs-studio-node-server 2019-07-11 20:04 - 2019-07-11 20:04 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk 2019-07-11 20:04 - 2019-07-11 20:04 - 000001971 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk 2019-07-11 20:04 - 2019-07-11 20:04 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Streamlabs OBS 2019-07-11 20:04 - 2019-07-11 20:04 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\slobs-plugins 2019-07-11 20:04 - 2019-07-11 20:04 - 000000000 ____D C:\Users\Harlot\AppData\Local\slobs-client-updater 2019-07-11 20:03 - 2019-07-11 20:04 - 000000000 ____D C:\Program Files\Streamlabs OBS 2019-07-11 20:03 - 2019-07-11 20:03 - 216259056 _____ (General Workings, Inc.) C:\Users\Harlot\Downloads\Streamlabs+OBS+Setup+0.15.1-0c6rQi18rTw4Aax.exe 2019-07-11 14:21 - 2019-07-11 10:48 - 000000000 ____D C:\Windows.old 2019-07-11 14:15 - 2019-07-11 14:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2019-07-11 14:14 - 2019-07-11 14:15 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2019-07-11 14:14 - 2019-07-11 14:14 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2019-07-11 14:10 - 2019-07-11 14:10 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2019-07-11 14:10 - 2019-07-11 14:10 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 009917752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 007758336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 007636616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 007242312 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 007175168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 006534712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 006068840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 005745504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 004562920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003914480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003748864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003372952 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002990608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 002956984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 002771008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002763552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2019-07-11 14:09 - 2019-07-11 14:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2019-07-11 14:09 - 2019-07-11 14:09 - 002697728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002587328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002494232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002258336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002235936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002216448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 002072152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001815040 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001754232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-07-11 14:09 - 2019-07-11 14:09 - 001721344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001633648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-07-11 14:09 - 2019-07-11 14:09 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001262864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001071928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000889656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000829544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000810512 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000801592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000774152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000751256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000673152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000602432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000588464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000586552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000523912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000516752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-07-11 14:09 - 2019-07-11 14:09 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-07-11 14:09 - 2019-07-11 14:09 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-07-11 14:09 - 2019-07-11 14:09 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000390456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000386016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000210440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000093312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000071720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000058825 _____ C:\WINDOWS\system32\srms.dat 2019-07-11 14:09 - 2019-07-11 14:09 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2019-07-11 14:09 - 2019-07-11 14:09 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2019-07-11 14:09 - 2019-07-11 14:09 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2019-07-11 14:09 - 2019-07-11 14:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 017786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 007887440 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 006224296 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 004552336 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 003725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 003261440 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002725376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002550584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002281984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 002117160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001979392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001781248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001745920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001717560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001608704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001337656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001250432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2019-07-11 14:08 - 2019-07-11 14:08 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2019-07-11 14:08 - 2019-07-11 14:08 - 000876856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2019-07-11 14:08 - 2019-07-11 14:08 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2019-07-11 14:08 - 2019-07-11 14:08 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000415800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000336752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000296976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000214032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000182072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000127296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000088560 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2019-07-11 14:08 - 2019-07-11 14:08 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys 2019-07-11 14:08 - 2019-07-11 14:08 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll 2019-07-11 14:08 - 2019-07-11 14:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2019-07-11 14:03 - 2019-07-11 14:03 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-07-11 14:03 - 2019-07-11 14:03 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll 2019-07-11 14:03 - 2019-07-11 14:03 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll 2019-07-11 14:03 - 2019-07-11 14:03 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll 2019-07-11 14:03 - 2019-07-11 14:03 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll 2019-07-11 14:03 - 2019-07-11 14:03 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2019-07-11 14:03 - 2019-07-11 14:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2019-07-11 14:02 - 2019-07-11 14:02 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2019-07-11 14:02 - 2019-07-11 14:02 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2019-07-11 14:02 - 2019-07-11 14:02 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2019-07-11 14:02 - 2019-07-11 14:02 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2019-07-11 14:02 - 2019-07-11 14:02 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2019-07-11 14:02 - 2019-07-11 14:02 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2019-07-11 14:02 - 2019-07-11 14:02 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-07-11 14:02 - 2019-07-11 14:02 - 000000000 ____D C:\Program Files\MSBuild 2019-07-11 14:02 - 2019-07-11 14:02 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2019-07-11 14:02 - 2019-07-11 14:02 - 000000000 ____D C:\Program Files (x86)\MSBuild 2019-07-11 10:53 - 2019-07-11 10:53 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2019-07-11 10:51 - 2019-07-11 10:51 - 000000000 ____D C:\Users\Harlot\AppData\Local\PackageStaging 2019-07-11 10:49 - 2019-07-11 10:49 - 000000020 ___SH C:\Users\Harlot\ntuser.ini 2019-07-11 10:47 - 2019-07-19 01:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-07-11 10:47 - 2019-07-11 10:48 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:48 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-07-11 10:47 - 2019-07-11 10:48 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:48 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:48 - 000002948 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:48 - 000002948 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:48 - 000002948 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:48 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1775122951-2766310106-2385829361-1001 2019-07-11 10:47 - 2019-07-11 10:47 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:47 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-07-11 10:47 - 2019-07-11 10:47 - 000002948 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:47 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:47 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-07-11 10:47 - 2019-07-11 10:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1775122951-2766310106-2385829361-1001 2019-07-11 10:46 - 2019-07-11 10:47 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2019-07-11 10:46 - 2019-07-11 10:47 - 000007623 _____ C:\WINDOWS\diagerr.xml 2019-07-11 10:39 - 2019-07-12 00:37 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-07-11 10:28 - 2019-07-13 16:31 - 000000000 ____D C:\Users\Harlot 2019-07-11 10:28 - 2019-03-19 00:46 - 000001105 _____ C:\Users\Harlot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-07-11 10:26 - 2019-07-11 10:26 - 000000000 ____D C:\ProgramData\USOShared 2019-07-11 10:26 - 2019-06-11 21:29 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2019-07-11 10:22 - 2019-07-19 01:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-07-11 10:22 - 2019-07-18 10:06 - 000266896 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-07-11 08:49 - 2019-07-03 12:20 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2019-07-11 08:49 - 2019-07-03 12:20 - 000228608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2019-07-11 08:49 - 2019-07-03 12:20 - 000046848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2019-07-11 08:49 - 2019-04-17 00:44 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2019-07-11 08:07 - 2019-07-11 10:49 - 000000000 ___DC C:\WINDOWS\Panther 2019-07-11 08:07 - 2019-07-11 08:07 - 008658304 _____ () C:\Users\Harlot\Downloads\XboxInstaller (1).exe 2019-07-11 08:03 - 2019-07-11 08:06 - 000000036 _____ C:\WINDOWS\progress.ini 2019-07-11 08:00 - 2019-07-11 08:03 - 000000000 ___HD C:\$GetCurrent 2019-07-11 08:00 - 2019-07-11 08:03 - 000000000 ____D C:\Windows10Upgrade 2019-07-11 08:00 - 2019-07-11 08:00 - 000000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk 2019-07-11 08:00 - 2019-07-11 08:00 - 000000726 _____ C:\Users\Harlot\Desktop\Windows 10 Update Assistant.lnk 2019-07-11 07:59 - 2019-07-11 07:59 - 008658304 _____ () C:\Users\Harlot\Downloads\XboxInstaller.exe 2019-07-09 07:57 - 2019-07-09 07:57 - 000131858 _____ C:\Users\Harlot\Downloads\Gremlins Gizmo and Stripe by TheConMijpg 2019-07-09 07:11 - 2019-07-09 07:11 - 000018342 _____ C:\Users\Harlot\Downloads\482779_1.webp 2019-07-07 17:20 - 2019-07-07 17:20 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\EasyAntiCheat 2019-07-06 01:54 - 2019-07-06 01:58 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Bioshock 2019-07-06 01:54 - 2019-07-06 01:54 - 000000000 ____D C:\Users\Harlot\Documents\Bioshock 2019-07-06 01:14 - 2019-07-06 01:14 - 000000220 _____ C:\Users\Harlot\Desktop\BioShock.url 2019-07-02 17:47 - 2019-07-11 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Camera Settings 2019-07-02 17:47 - 2019-07-02 17:47 - 000001422 _____ C:\Users\Public\Desktop\Logitech Camera Settings.lnk 2019-07-02 17:47 - 2019-07-02 17:47 - 000000000 ____D C:\Program Files\Logitech 2019-07-02 17:45 - 2019-07-02 17:45 - 079800376 _____ (Logitech Europe S.A.) C:\Users\Harlot\Downloads\LogiCameraSettings_2.3.117.exe 2019-07-01 16:05 - 2019-07-11 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-01 16:05 - 2019-07-01 16:05 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-01 16:05 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-07-01 16:05 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-06-27 18:35 - 2019-07-12 22:01 - 000000000 ____D C:\Users\Harlot\AppData\Local\MK11 2019-06-27 13:26 - 2019-06-27 13:26 - 000000222 _____ C:\Users\Harlot\Desktop\Mortal Kombat 11.url 2019-06-25 22:27 - 2019-06-25 22:27 - 000000000 ____D C:\Users\Harlot\AppData\Local\DeadByDaylight 2019-06-24 04:55 - 2019-06-24 04:55 - 000000222 _____ C:\Users\Harlot\Desktop\Dead by Daylight.url 2019-06-22 19:43 - 2019-06-22 19:43 - 000000285 _____ C:\Users\Harlot\Desktop\Far Cry Primal.url 2019-06-22 19:23 - 2019-06-22 19:23 - 000000290 _____ C:\Users\Harlot\Desktop\Trover Saves the Universe.url 2019-06-19 12:00 - 2019-07-11 14:21 - 000000000 ____D C:\Program Files\UNP ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-19 01:26 - 2019-02-15 19:12 - 000000000 ____D C:\ProgramData\NVIDIA 2019-07-19 01:25 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-19 01:23 - 2019-03-19 00:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-07-18 23:55 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-18 23:34 - 2019-02-15 16:38 - 000000000 ____D C:\Program Files (x86)\Steam 2019-07-18 23:31 - 2019-02-15 16:49 - 000000000 ____D C:\Users\Harlot\AppData\Local\Battle.net 2019-07-18 21:10 - 2019-02-15 16:56 - 000000000 ____D C:\Program Files (x86)\Overwatch 2019-07-18 20:50 - 2019-02-15 16:36 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Discord 2019-07-18 09:30 - 2019-02-15 16:29 - 000000000 ____D C:\Users\Harlot\AppData\Local\VirtualStore 2019-07-18 02:08 - 2019-02-15 16:44 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-07-17 23:40 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-07-16 16:41 - 2019-02-15 16:33 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-07-16 16:41 - 2019-02-15 16:33 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-07-16 00:39 - 2019-02-15 16:51 - 000000000 ____D C:\ProgramData\Origin 2019-07-15 23:47 - 2019-02-15 17:01 - 000000000 ____D C:\Program Files (x86)\Origin Games 2019-07-15 23:47 - 2019-02-15 16:52 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Origin 2019-07-15 05:50 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF 2019-07-12 06:13 - 2019-03-08 01:53 - 000000000 ____D C:\ProgramData\Packages 2019-07-12 04:30 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\appcompat 2019-07-12 00:34 - 2019-02-16 05:57 - 000000000 ____D C:\Program Files\rempl 2019-07-12 00:08 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-07-11 19:44 - 2019-02-15 16:29 - 000000000 ____D C:\Users\Harlot\AppData\Local\Packages 2019-07-11 14:21 - 2019-05-28 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 2019-07-11 14:21 - 2019-03-21 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\spool 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Help 2019-07-11 14:21 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-07-11 14:21 - 2019-03-19 00:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2019-07-11 14:21 - 2019-03-05 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-07-11 14:21 - 2019-02-15 19:12 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-07-11 14:21 - 2019-02-15 18:55 - 000000000 ____D C:\WINDOWS\InfusedApps 2019-07-11 14:21 - 2019-02-15 18:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-07-11 14:21 - 2019-02-15 18:47 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2019-07-11 14:21 - 2019-02-15 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends 2019-07-11 14:21 - 2019-02-15 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2019-07-11 14:21 - 2019-02-15 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2019-07-11 14:21 - 2019-02-15 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2019-07-11 14:21 - 2019-02-15 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2019-07-11 14:16 - 2019-02-15 19:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2019-07-11 14:15 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Resources 2019-07-11 14:15 - 2019-02-15 19:12 - 000000000 ____D C:\Program Files\Realtek 2019-07-11 14:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-07-11 14:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2019-07-11 14:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-07-11 14:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-07-11 14:12 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\et-EE 2019-07-11 14:03 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-07-11 14:01 - 2019-03-19 00:56 - 000000000 ____D C:\WINDOWS\Setup 2019-07-11 10:50 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\USOPrivate 2019-07-11 10:50 - 2019-02-15 16:29 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-07-11 10:50 - 2019-02-15 16:29 - 000000000 ___RD C:\Users\Harlot\3D Objects 2019-07-11 10:49 - 2019-02-15 16:29 - 000000000 ____D C:\Users\Harlot\AppData\Local\ConnectedDevicesPlatform 2019-07-11 10:47 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Windows Defender 2019-07-11 10:47 - 2019-03-19 00:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-07-11 10:40 - 2019-03-19 00:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-07-11 10:39 - 2019-03-19 00:52 - 000000000 __RHD C:\Users\Public\Libraries 2019-07-11 10:30 - 2019-02-15 16:36 - 000000000 ____D C:\Users\Harlot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2019-07-11 10:27 - 2019-03-21 19:42 - 000000000 ____D C:\temp 2019-07-11 10:27 - 2019-02-15 19:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-07-11 10:27 - 2019-02-15 18:54 - 000000000 ____D C:\Program Files (x86)\Razer 2019-07-11 10:26 - 2019-02-15 19:13 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-07-11 10:26 - 2019-02-15 19:12 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-07-11 10:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ServiceState 2019-07-11 09:03 - 2019-02-15 16:32 - 000000000 ___RD C:\Users\Harlot\OneDrive 2019-07-09 20:34 - 2019-02-16 06:06 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-07-09 20:33 - 2019-02-16 06:06 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-07-09 20:22 - 2019-02-15 16:34 - 000741432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-07-09 06:33 - 2019-02-15 16:31 - 000000000 ____D C:\Users\Harlot\AppData\Local\PlaceholderTileLogoFolder 2019-07-08 21:01 - 2019-02-15 19:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-07-07 17:28 - 2019-03-05 17:16 - 000000000 ____D C:\Users\Harlot\AppData\Local\CrashDumps 2019-07-06 01:59 - 2019-02-15 16:47 - 000000000 ____D C:\Program Files (x86)\Battle.net 2019-07-06 01:24 - 2019-03-05 00:17 - 000001454 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2019-07-06 01:24 - 2019-02-15 19:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-07-04 03:11 - 2019-02-15 17:24 - 000001206 _____ C:\Users\Public\Desktop\Apex Legends.lnk 2019-07-03 00:22 - 2019-02-15 16:59 - 000000000 ____D C:\Users\Harlot\AppData\Local\D3DSCache 2019-07-02 18:03 - 2019-02-15 16:54 - 000000000 ____D C:\Program Files (x86)\Origin 2019-06-27 17:20 - 2019-02-15 16:47 - 000000000 ____D C:\Users\Harlot\AppData\Local\Comms 2019-06-23 07:41 - 2019-05-28 09:18 - 000001430 _____ C:\Users\Public\Desktop\The Sims 4.lnk 2019-06-22 18:50 - 2019-04-03 11:27 - 000000000 ____D C:\Program Files\Epic Games ==================== Files in the root of some directories ================ 2019-07-14 19:41 - 2019-07-14 19:41 - 000007606 _____ () C:\Users\Harlot\AppData\Local\Resmon.ResmonCfg ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================

Clean with AdwCleaner # ------------------------------- # Malwarebytes AdwCleaner 7.3.0.0 # ------------------------------- # Build: 04-04-2019 # Database: 2019-07-15.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-19-2019 # Duration: 00:00:02 # OS: Windows 10 Home # Cleaned: 1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\csastats ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1268 octets] - [19/07/2019 01:21:47] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Scan with AdwCleaner # ------------------------------- # Malwarebytes AdwCleaner 7.3.0.0 # ------------------------------- # Build: 04-04-2019 # Database: 2019-07-15.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 07-19-2019 # Duration: 00:00:10 # OS: Windows 10 Home # Scanned: 27411 # Detected: 1 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.InstallCore HKCU\Software\csastats ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

First scan with malwarebites -Log Details- Scan Date: 7/19/19 Scan Time: 12:50 AM Log File: c86f01ec-a9e0-11e9-a41e-4ccc6a4e41b1.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.613 Update Package Version: 1.0.11624 License: Expired -System Information- OS: Windows 10 (Build 18362.239) CPU: x64 File System: NTFS User: DESKTOP-Q018KLJ\Harlot -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 283758 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 16 min, 15 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Adware.FusionCore, C:\USERS\HARLOT\APPDATA\ROAMING\FREE AUDIO EDITOR NEW VERSION AVAILABLE\FREEAUDIOEDITOR.EXE, Quarantined, [7654], [676121],1.0.11624 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)

I have scanned my computer several times to get this Free Audio Editor malware off my computer. Malwarebites detects the threat, quarantines it and I delete it, but it keeps coming back after reset of the computer. How do I get this off of my computer? I'm not tech savvy so I'm unsure of what to do.