
Solved Spam? + System detected an overrun of a stack...

Discussion in 'Virus & Other Malware Removal' started by stef1808, Nov 18, 2019.

  1. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

    Hi, I was getting this error when my PC was under load (playing games etc)

    So I decided to use Windows reset using "remove everything" on the drive that Windows was installed on.

    Fresh from the reformat I'm now getting this (twice so far) popup/redirect when using Chrome

    https://www.viberr-update.site/viber1gr/index.html?uclick=171m1z#

    No Google results and I'm scared it's malware already?


    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 10 Home, 64 bit
    Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz, Intel64 Family 6 Model 158 Stepping 9
    Processor Count: 8
    RAM: 32727 Mb
    Graphics Card: NVIDIA GeForce GTX 1070, -1 Mb
    Hard Drives: C: 222 GB (129 GB Free); D: 222 GB (24 GB Free); E: 465 GB (257 GB Free);
    Motherboard: MSI, Z270I GAMING PRO CARBON AC (MS-7A66)
    Antivirus: Avast Antivirus, Enabled and Updated
     
  2. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    645
    Hi stef1808, welcome to the Tech Support Guy malware removal forum.

    I am iMacg3 and will be helping you with your computer problems.

    Please keep the following information in mind before we begin:
    • Back up any important data before we continue.
      • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
    • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
      • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
    • Please read all instructions carefully, and complete them in the order listed.
      • Items that are especially important will be highlighted in bold or red.
    • If your computer seems to start working normally, please don't abandon the topic.
      • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
    • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
      • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
    • If you have questions at any time during the cleanup, feel free to ask.
    ---------------------------------------------------
    Farbar Recovery Scan Tool (FRST)

    Download Farbar Recovery Scan Tool - 64 bit and save it to your desktop.
    • Right-click FRST64.exe then click "Run as administrator"
    • When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
    • Please copy and paste the logs in your next reply.
    ---------------------------------------------------

    In your next reply, please include:
    • FRST.txt
    • Addition.txt
     
  3. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    Hi iMacg3, thanks for taking this on.

    Furthermore, I tried shutting down earlier and it wouldn't, saying:
    (Close app blue screen)
    VirtualBox Interface
    Has active connections.

    Another question: a while ago Razer Synapse software was discouraged because it logs keystrokes. I now use Synapse 2.0 - I can't find anything related to this on Google - do you know if it's still the case or is it safe now?

    Cheers
     
  4. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2019
    Ran by SK (administrator) on DESKTOP-DFV1PM5 (MSI MS-7A66) (20-11-2019 18:28:31)
    Running from C:\Users\SK\Desktop
    Loaded Profiles: SK (Available Profiles: SK)
    Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: English (United Kingdom)
    Default browser: Chrome
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
    (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
    (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6899\Agent.exe
    (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (F.lux Software LLC -> f.lux Software LLC) C:\Users\SK\AppData\Local\FluxSoftware\Flux\flux.exe
    (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
    (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\SK\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.zunevideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
    (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe
    (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe
    (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe
    (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe
    (Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2018-11-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2019-11-01] (Razer USA Ltd. -> Razer Inc.)
    HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1109152 2019-11-17] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
    HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3284944 2019-11-14] (Valve -> Valve Corporation)
    HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\...\Run: [f.lux] => C:\Users\SK\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-17] (Google LLC -> Google LLC)
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {147F8180-EBB5-4ED7-A316-F00EDED7C1E0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {5A7317C9-95C5-47E6-8619-55B9451B291F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {5F2BB5A8-2DA7-473E-A839-F520263F5350} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    Task: {5FF8AA2A-2931-461F-8D1D-157BE83ACB33} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    Task: {6824AFDD-452C-4BD2-90DD-861CB1D95D6A} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
    Task: {77043DE9-34DD-4DC6-98B5-C12A7652F726} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {78A5FBE3-9FBF-41FC-9D4F-084D1B21A79D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {7B70F6B3-FD24-4B73-8974-5EE41F560213} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {8282A626-5E9D-4145-B473-5546124885C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-17] (Google Inc -> Google LLC)
    Task: {8C1E9F6E-740B-4F30-9A6D-5A38AC025AC2} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {8DA8D62A-128C-48C3-AC24-4304FB32AE4C} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [411136 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
    Task: {900C7BDF-ECE8-4389-8A92-E3CA1404C7E5} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
    Task: {91503845-3978-4921-91B8-5015D1B31596} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {A3D85B13-C9E0-4867-93B8-51538A69200A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-17] (Google Inc -> Google LLC)
    Task: {A82DC1B1-BA33-4817-8BC0-04C82BAE1018} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {BB9C009A-B626-4929-A3DC-9C81128D4AC9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {E2703BDB-996E-4F48-96AD-077441E6AC7C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{966fe902-40cf-4869-ad6e-3c23e7d2a102}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================

    FireFox:
    ========
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-17] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-17] (Google Inc -> Google LLC)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default [2019-11-20]
    CHR Extension: (Slides) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-17]
    CHR Extension: (Docs) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-17]
    CHR Extension: (Google Drive) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-17]
    CHR Extension: (YouTube) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-17]
    CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-18]
    CHR Extension: (Sheets) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-17]
    CHR Extension: (Google Docs Offline) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-17]
    CHR Extension: (Gmail) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-17]
    CHR Extension: (Chrome Media Router) - C:\Users\SK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-17]
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [529232 2018-12-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
    R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806360 2018-11-28] (ICEpower a/s -> ICEpower)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-11-18] (Malwarebytes Inc -> Malwarebytes)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-18] (Electronic Arts, Inc. -> Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-18] (Electronic Arts, Inc. -> Electronic Arts)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-11] (Microsoft Corporation -> Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-10-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
    R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [147104 2018-12-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [248480 2019-11-20] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-11-20] (Malwarebytes Inc -> Malwarebytes)
    R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation)
    R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [78648 2019-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1ffb45b74346b667\nvlddmkm.sys [22749640 2019-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [53752 2019-06-27] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51912 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
    U4 npcap_wifi; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-11-20 18:28 - 2019-11-20 18:28 - 000021713 _____ C:\Users\SK\Desktop\FRST.txt
    2019-11-20 18:27 - 2019-11-20 18:27 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2019-11-20 18:27 - 2019-11-20 18:27 - 000248480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2019-11-20 18:22 - 2019-11-20 18:28 - 000000000 ____D C:\FRST
    2019-11-20 18:20 - 2019-11-20 18:20 - 026356160 _____ C:\Users\SK\Downloads\WebDownload_Razer_Synapse_Installer_v2.21.24.10.exe
    2019-11-20 18:17 - 2019-11-20 18:24 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
    2019-11-20 18:14 - 2019-11-20 18:18 - 002260480 _____ (Farbar) C:\Users\SK\Desktop\FRST64.exe
    2019-11-20 18:14 - 2019-11-20 18:14 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk
    2019-11-20 18:14 - 2019-11-20 18:14 - 000002065 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk
    2019-11-20 18:14 - 2019-11-20 18:14 - 000002065 _____ C:\ProgramData\Desktop\BlueStacks Multi-Instance Manager.lnk
    2019-11-20 18:14 - 2019-11-20 18:14 - 000001782 _____ C:\Users\Public\Desktop\BlueStacks.lnk
    2019-11-20 18:14 - 2019-11-20 18:14 - 000001782 _____ C:\ProgramData\Desktop\BlueStacks.lnk
    2019-11-20 18:14 - 2019-11-20 18:14 - 000001764 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk
    2019-11-20 18:13 - 2019-11-20 18:14 - 000000000 ____D C:\ProgramData\BlueStacks
    2019-11-20 18:13 - 2019-11-20 18:13 - 000000000 ____D C:\Program Files\BlueStacks
    2019-11-20 18:11 - 2019-11-20 18:13 - 000000000 ____D C:\Users\SK\AppData\Local\BlueStacks
    2019-11-20 18:11 - 2019-11-20 18:13 - 000000000 ____D C:\Users\Public\BlueStacks
    2019-11-20 18:11 - 2019-11-20 18:12 - 000000000 ____D C:\Users\SK\AppData\Local\BlueStacksSetup
    2019-11-20 18:10 - 2019-11-20 18:10 - 000938720 _____ (BlueStack Systems Inc.) C:\Users\SK\Downloads\BlueStacksInstaller_4.140.12.1002_native_87e9c4eeb14a57000eb75f849606dc17_Q2xhc2ggUm95YWxl.exe
    2019-11-20 18:08 - 2019-11-20 18:08 - 000075920 _____ (Daring Development Inc.) C:\Users\SK\Downloads\STAR WARS Jedi Fallen Order Trainer (2).exe
    2019-11-19 20:59 - 2019-11-19 20:59 - 000000000 ____D C:\Users\SK\AppData\Local\UnrealEngine
    2019-11-19 20:59 - 2019-11-19 20:59 - 000000000 ____D C:\Users\SK\AppData\Local\SwGame
    2019-11-19 20:58 - 2019-11-19 20:58 - 000075920 _____ (Daring Development Inc.) C:\Users\SK\Downloads\STAR WARS Jedi Fallen Order Trainer (1).exe
    2019-11-19 20:58 - 2019-11-19 20:58 - 000000000 ____D C:\Users\SK\AppData\Local\WeMod
    2019-11-19 20:52 - 2019-11-19 21:14 - 000000000 ____D C:\Users\SK\AppData\Roaming\WeMod
    2019-11-19 20:52 - 2019-11-19 20:58 - 000002142 _____ C:\Users\SK\Desktop\WeMod.lnk
    2019-11-19 20:52 - 2019-11-19 20:58 - 000000000 ____D C:\Users\SK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
    2019-11-19 20:52 - 2019-11-19 20:58 - 000000000 ____D C:\Users\SK\AppData\Local\SquirrelTemp
    2019-11-19 20:50 - 2019-11-19 20:50 - 000075920 _____ (Daring Development Inc.) C:\Users\SK\Downloads\STAR WARS Jedi Fallen Order Trainer.exe
    2019-11-18 22:31 - 2019-11-18 22:31 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
    2019-11-18 22:31 - 2019-11-18 22:31 - 000000000 ____D C:\ProgramData\Electronic Arts
    2019-11-18 22:29 - 2019-11-18 22:29 - 000001221 _____ C:\Users\SK\Desktop\WorldOfWarships - Shortcut.lnk
    2019-11-18 22:26 - 2019-11-19 20:58 - 000000000 ____D C:\Users\SK\AppData\Local\CrashDumps
    2019-11-18 22:26 - 2019-11-18 22:26 - 000000000 ____D C:\Users\SK\AppData\Local\DBG
    2019-11-18 22:26 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2019-11-18 22:26 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2019-11-18 22:26 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
    2019-11-18 22:26 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
    2019-11-18 22:26 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2019-11-18 22:26 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2019-11-18 22:26 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2019-11-18 22:26 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
    2019-11-18 22:26 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2019-11-18 22:26 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2019-11-18 22:26 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2019-11-18 22:26 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2019-11-18 22:26 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2019-11-18 22:26 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
    2019-11-18 22:26 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
    2019-11-18 22:26 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
    2019-11-18 22:26 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
    2019-11-18 22:26 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
    2019-11-18 22:26 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
    2019-11-18 22:26 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
    2019-11-18 22:26 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
    2019-11-18 22:26 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
    2019-11-18 22:26 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
    2019-11-18 22:26 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
    2019-11-18 22:26 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
    2019-11-18 22:26 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
    2019-11-18 22:26 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
    2019-11-18 22:26 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
    2019-11-18 22:26 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
    2019-11-18 22:26 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
    2019-11-18 22:26 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
    2019-11-18 22:26 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
    2019-11-18 22:26 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
    2019-11-18 22:26 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2019-11-18 22:26 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
    2019-11-18 22:26 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2019-11-18 22:26 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
    2019-11-18 22:26 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2019-11-18 22:26 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
    2019-11-18 22:26 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
    2019-11-18 22:26 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
    2019-11-18 22:26 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
    2019-11-18 22:26 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
    2019-11-18 22:26 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
    2019-11-18 22:26 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
    2019-11-18 22:26 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
    2019-11-18 22:26 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
    2019-11-18 22:26 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
    2019-11-18 22:26 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
    2019-11-18 22:26 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
    2019-11-18 22:26 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
    2019-11-18 22:26 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
    2019-11-18 22:26 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
    2019-11-18 22:26 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
    2019-11-18 22:26 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
    2019-11-18 22:26 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
    2019-11-18 22:26 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
    2019-11-18 22:26 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
    2019-11-18 22:26 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
    2019-11-18 22:26 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
    2019-11-18 22:26 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
    2019-11-18 22:26 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
    2019-11-18 22:26 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
    2019-11-18 22:26 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
    2019-11-18 22:26 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
    2019-11-18 22:26 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
    2019-11-18 22:26 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
    2019-11-18 22:26 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
    2019-11-18 22:26 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
    2019-11-18 22:26 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
    2019-11-18 22:26 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
    2019-11-18 22:26 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
    2019-11-18 22:26 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
    2019-11-18 22:26 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
    2019-11-18 22:26 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
    2019-11-18 22:26 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
    2019-11-18 22:26 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
    2019-11-18 22:26 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
    2019-11-18 22:26 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
    2019-11-18 22:26 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
    2019-11-18 22:26 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
    2019-11-18 22:26 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
    2019-11-18 22:26 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
    2019-11-18 22:26 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
    2019-11-18 22:26 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
    2019-11-18 22:26 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
    2019-11-18 22:26 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
    2019-11-18 22:26 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
    2019-11-18 22:26 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
    2019-11-18 22:26 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
    2019-11-18 22:26 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
    2019-11-18 22:26 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
    2019-11-18 22:26 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
    2019-11-18 22:26 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
    2019-11-18 22:26 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
    2019-11-18 22:26 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
    2019-11-18 22:26 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
    2019-11-18 22:26 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
    2019-11-18 22:26 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
    2019-11-18 22:26 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
    2019-11-18 22:26 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
    2019-11-18 22:26 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
    2019-11-18 22:26 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
    2019-11-18 22:26 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
    2019-11-18 22:26 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
    2019-11-18 22:26 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2019-11-18 22:26 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
    2019-11-18 22:26 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
    2019-11-18 22:26 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
    2019-11-18 22:26 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
    2019-11-18 22:26 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
    2019-11-18 22:26 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
    2019-11-18 22:26 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
    2019-11-18 22:26 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
    2019-11-18 22:26 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
    2019-11-18 22:26 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
    2019-11-18 22:26 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
    2019-11-18 22:26 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
    2019-11-18 22:26 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
    2019-11-18 22:26 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2019-11-18 22:26 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
    2019-11-18 22:26 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
    2019-11-18 22:26 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
    2019-11-18 22:26 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2019-11-18 22:26 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
    2019-11-18 22:26 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
    2019-11-18 22:26 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
    2019-11-18 22:26 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
    2019-11-18 22:26 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
    2019-11-18 22:26 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
    2019-11-18 22:26 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
    2019-11-18 22:26 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
    2019-11-18 22:26 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
    2019-11-18 22:26 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
    2019-11-18 22:26 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
    2019-11-18 22:26 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
    2019-11-18 22:26 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
    2019-11-18 22:26 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
    2019-11-18 22:26 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
    2019-11-18 22:26 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
    2019-11-18 22:26 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
    2019-11-18 22:26 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
    2019-11-18 22:26 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
    2019-11-18 22:26 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
    2019-11-18 22:26 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
    2019-11-18 22:26 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
    2019-11-18 22:26 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
    2019-11-18 22:26 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
    2019-11-18 22:26 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
    2019-11-18 22:26 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
    2019-11-18 22:26 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
    2019-11-18 22:26 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
    2019-11-18 22:26 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
    2019-11-18 22:26 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
    2019-11-18 22:26 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
    2019-11-18 22:25 - 2019-11-18 22:25 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk
    2019-11-18 22:25 - 2019-11-18 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2019-11-18 22:25 - 2019-11-18 22:25 - 000000000 ____D C:\Program Files (x86)\Origin
    2019-11-18 22:20 - 2019-11-19 21:14 - 000000000 ____D C:\Users\SK\AppData\Roaming\Origin
    2019-11-18 22:20 - 2019-11-19 21:14 - 000000000 ____D C:\ProgramData\Origin
    2019-11-18 22:20 - 2019-11-18 22:26 - 000000000 ____D C:\Users\SK\AppData\Local\Origin
    2019-11-18 22:20 - 2019-11-18 22:20 - 000000000 ____D C:\Users\SK\.QtWebEngineProcess
    2019-11-18 22:20 - 2019-11-18 22:20 - 000000000 ____D C:\Users\SK\.Origin
    2019-11-18 20:58 - 2019-11-18 20:58 - 000001128 _____ C:\Users\Public\Desktop\OpenOffice 4.1.7.lnk
    2019-11-18 20:58 - 2019-11-18 20:58 - 000001128 _____ C:\ProgramData\Desktop\OpenOffice 4.1.7.lnk
    2019-11-18 20:58 - 2019-11-18 20:58 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7
    2019-11-18 20:58 - 2019-11-18 20:58 - 000000000 ____D C:\Users\SK\AppData\Roaming\OpenOffice
    2019-11-18 20:58 - 2019-11-18 20:58 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
    2019-11-18 20:57 - 2019-11-18 20:57 - 000000000 ____D C:\Users\SK\Desktop\OpenOffice 4.1.7 (en-GB) Installation Files
    2019-11-18 20:53 - 2019-11-18 20:54 - 134069066 _____ C:\Users\SK\Downloads\Apache_OpenOffice_4.1.7_Win_x86_install_en-GB.exe
    2019-11-18 19:36 - 2019-11-18 19:36 - 000000247 _____ C:\Users\SK\Desktop\rl.txt
    2019-11-18 19:33 - 2019-11-18 22:26 - 000000000 ____D C:\Users\SK\AppData\Local\D3DSCache
    2019-11-18 19:13 - 2019-11-20 18:22 - 000000000 ____D C:\Users\SK\AppData\Local\Razer
    2019-11-18 19:13 - 2019-11-20 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
    2019-11-18 19:13 - 2019-11-18 19:13 - 000000000 ____D C:\Users\SK\AppData\Roaming\Synapse3
    2019-11-18 19:13 - 2019-11-18 19:13 - 000000000 ____D C:\temp
    2019-11-18 19:12 - 2019-11-20 18:27 - 000000000 ____D C:\Program Files (x86)\Razer
    2019-11-18 19:10 - 2019-11-18 19:10 - 000001086 _____ C:\Users\Public\Desktop\World of Warcraft Classic.lnk
    2019-11-18 19:10 - 2019-11-18 19:10 - 000001086 _____ C:\ProgramData\Desktop\World of Warcraft Classic.lnk
    2019-11-18 19:10 - 2019-11-18 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic
    2019-11-18 19:04 - 2019-11-20 18:23 - 000000000 ____D C:\ProgramData\Razer
    2019-11-18 19:03 - 2019-11-18 19:04 - 004777808 _____ (Razer Inc.) C:\Users\SK\Downloads\RazerSynapseInstaller_V1.0.114.147.exe
    2019-11-18 17:33 - 2019-11-18 17:33 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2019-11-18 17:33 - 2019-11-18 17:33 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
    2019-11-18 17:33 - 2019-11-18 17:33 - 000000000 ____D C:\Users\SK\AppData\Local\mbamtray
    2019-11-18 17:33 - 2019-11-18 17:33 - 000000000 ____D C:\Users\SK\AppData\Local\mbam
    2019-11-18 17:33 - 2019-11-18 17:33 - 000000000 ____D C:\Users\SK\AppData\Local\cache
    2019-11-18 17:33 - 2019-11-18 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2019-11-18 17:33 - 2019-11-18 17:32 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2019-11-18 17:33 - 2019-11-18 17:32 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
    2019-11-18 17:32 - 2019-11-18 17:32 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-11-18 17:29 - 2019-11-18 17:29 - 000000000 ____D C:\Program Files\Malwarebytes
    2019-11-18 17:22 - 2019-11-18 17:22 - 001883976 _____ (Malwarebytes) C:\Users\SK\Downloads\MBSetup.exe
    2019-11-18 17:22 - 2019-11-18 17:22 - 000002145 _____ C:\Users\SK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
    2019-11-18 17:22 - 2019-11-18 17:22 - 000000000 ____D C:\Users\SK\AppData\Local\FluxSoftware
    2019-11-18 17:20 - 2019-11-18 17:21 - 000654152 _____ C:\Users\SK\Downloads\flux-setup.exe
    2019-11-18 17:00 - 2019-11-18 17:00 - 000000000 ___HD C:\$SysReset
    2019-11-18 16:58 - 2019-11-18 16:59 - 000748192 _____ (TechGuy, Inc.) C:\Users\SK\Downloads\SysInfo.exe
    2019-11-18 13:54 - 2019-11-18 13:54 - 000000000 ____D C:\Users\SK\AppData\LocalLow\Deep Water Studio
    2019-11-18 13:53 - 2019-11-18 13:53 - 000000000 ____D C:\Users\SK\Documents\Project CARS 2
    2019-11-18 13:53 - 2019-11-18 13:53 - 000000000 ____D C:\Users\SK\AppData\LocalLow\DeadToast Entertainment
    2019-11-18 13:52 - 2019-11-18 13:52 - 000000000 ____D C:\Program Files\UNP
    2019-11-18 13:48 - 2019-11-18 13:48 - 000000000 ____D C:\Users\SK\ansel
    2019-11-18 00:18 - 2019-11-18 00:19 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-11-18 00:18 - 2019-11-18 00:18 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-11-18 00:03 - 2019-11-18 00:03 - 000000000 _SHDL C:\Users\Default User
    2019-11-18 00:03 - 2019-11-18 00:03 - 000000000 _SHDL C:\Users\All Users
    2019-11-18 00:03 - 2019-11-18 00:03 - 000000000 _SHDL C:\Documents and Settings
    2019-11-18 00:02 - 2019-11-20 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
    2019-11-18 00:02 - 2019-11-18 01:07 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2019-11-18 00:02 - 2019-11-18 00:02 - 000000000 ____H C:\ProgramData\DP45977C.lfl
    2019-11-18 00:02 - 2019-11-18 00:02 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2019-11-18 00:02 - 2019-11-18 00:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
    2019-11-18 00:02 - 2019-11-18 00:02 - 000000000 ____D C:\WINDOWS\system32\DAX3
    2019-11-18 00:02 - 2019-11-18 00:02 - 000000000 ____D C:\WINDOWS\system32\DAX2
    2019-11-18 00:02 - 2019-11-18 00:02 - 000000000 ____D C:\Program Files\Realtek
    2019-11-18 00:02 - 2019-11-17 23:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2019-11-18 00:02 - 2019-11-17 23:07 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2019-11-18 00:02 - 2019-11-07 02:35 - 005549688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2019-11-18 00:02 - 2019-11-07 02:35 - 002650992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2019-11-18 00:02 - 2019-11-07 02:35 - 001767264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2019-11-18 00:02 - 2019-11-07 02:35 - 000668016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2019-11-18 00:02 - 2019-11-07 02:35 - 000454680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2019-11-18 00:02 - 2019-11-07 02:35 - 000129576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2019-11-18 00:02 - 2019-11-07 02:35 - 000083576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2019-11-18 00:02 - 2019-11-06 15:19 - 008782162 _____ C:\WINDOWS\system32\nvcoproc.bin
    2019-11-18 00:02 - 2019-10-09 14:19 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2019-11-18 00:01 - 2019-11-20 18:27 - 000291872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-11-18 00:01 - 2019-11-20 18:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-11-18 00:01 - 2019-11-19 20:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-11-18 00:01 - 2019-11-18 00:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2019-11-18 00:01 - 2019-11-18 00:01 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2019-11-17 23:57 - 2019-11-17 22:04 - 000000000 ____D C:\Windows.old
    2019-11-17 23:55 - 2019-11-17 23:55 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2019-11-17 23:55 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\Setup
    2019-11-17 23:55 - 2019-11-17 23:55 - 000000000 ____D C:\ProgramData\USOShared
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\winrm
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\WCN
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\slmgr
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\0409
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\OCR
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\DigitalLocker
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\Program Files\Reference Assemblies
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\Program Files\MSBuild
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2019-11-17 23:53 - 2019-11-17 23:53 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2019-11-17 23:52 - 2019-09-04 21:44 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2019-11-17 23:52 - 2019-09-04 21:44 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2019-11-17 23:51 - 2019-11-17 23:57 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2019-11-17 23:51 - 2019-11-17 23:55 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
    2019-11-17 23:51 - 2019-11-17 23:55 - 000018002 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2019-11-17 23:51 - 2019-11-17 23:50 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
    2019-11-17 23:51 - 2019-11-17 23:50 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
    2019-11-17 23:51 - 2019-11-17 23:50 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
    2019-11-17 23:51 - 2019-11-17 23:50 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
    2019-11-17 23:51 - 2019-11-17 23:50 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
    2019-11-17 23:51 - 2019-11-17 23:50 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
    2019-11-17 23:51 - 2019-11-17 23:50 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
    2019-11-17 23:51 - 2019-11-17 23:50 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
    2019-11-17 23:51 - 2019-11-17 23:49 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
    2019-11-17 23:51 - 2019-11-17 23:49 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
    2019-11-17 23:51 - 2019-11-17 23:49 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
    2019-11-17 23:51 - 2019-11-17 23:49 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
    2019-11-17 23:51 - 2019-11-17 23:49 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
    2019-11-17 23:51 - 2019-11-17 23:49 - 000000219 _____ C:\WINDOWS\system.ini
    2019-11-17 23:51 - 2019-11-17 23:49 - 000000092 _____ C:\WINDOWS\win.ini
    2019-11-17 23:50 - 2019-11-20 18:28 - 000000000 ____D C:\WINDOWS\INF
    2019-11-17 23:50 - 2019-11-20 18:08 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-11-17 23:50 - 2019-11-19 20:02 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-11-17 23:50 - 2019-11-19 20:02 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-11-17 23:50 - 2019-11-18 22:25 - 000000000 ___RD C:\Program Files (x86)
    2019-11-17 23:50 - 2019-11-18 20:57 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2019-11-17 23:50 - 2019-11-18 17:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-11-17 23:50 - 2019-11-18 13:51 - 000000000 ____D C:\WINDOWS\appcompat
    2019-11-17 23:50 - 2019-11-18 00:02 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2019-11-17 23:50 - 2019-11-18 00:02 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2019-11-17 23:50 - 2019-11-18 00:02 - 000000000 ____D C:\WINDOWS\Help
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ___SD C:\WINDOWS\system32\UNP
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ___RD C:\Program Files\Windows Defender
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\TextInput
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\system32\oobe
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\system32\Dism
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\ShellComponents
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\Provisioning
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2019-11-17 23:50 - 2019-11-17 23:55 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ___SD C:\WINDOWS\system32\F12
     
  5. stef1808

    stef1808 Thread Starter

    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ___SD C:\WINDOWS\system32\dsc
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\SysWOW64\com
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\setup
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\MUI
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\system32\com
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\WINDOWS\IME
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\Program Files\Common Files\system
    2019-11-17 23:50 - 2019-11-17 23:53 - 000000000 ____D C:\Program Files (x86)\Windows Defender
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 __RSD C:\WINDOWS\media
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 __RHD C:\Users\Public\Libraries
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ___SD C:\WINDOWS\system32\Nui
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\ti-et
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\ta-lk
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\ta-in
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\si-lk
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\Sgrm
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\my-mm
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\MsDtc
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\icsxml
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\ias
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\downlevel
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\DDFs
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\Bthprops
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\am-et
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\Registration
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\L2Schemas
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\IdentityCRL
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\Cursors
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\WINDOWS\addins
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\Program Files\Windows Portable Devices
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\Program Files\Common Files\Services
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2019-11-17 23:50 - 2019-11-17 23:51 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 __SHD C:\Program Files\Windows Sidebar
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ___SD C:\WINDOWS\system32\Configuration
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Web
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\WaaS
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Vss
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\tracing
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\TAPI
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SystemResources
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SystemApps
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\winevt
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\ras
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\PointOfService
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\NDF
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\Ipmi
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\InputMethod
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\inetsrv
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\IME
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\hydrogen
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\DriverState
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\config\TxR
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\config\Journal
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\AppLocker
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\System
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SKB
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\ServiceState
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\security
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\schemas
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\SchCache
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Resources
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\rescache
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\PLA
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Performance
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\ModemLogs
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\InputMethod
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Globalization
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Containers
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\Branding
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\Program Files\Windows Security
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\Program Files\windows nt
    2019-11-17 23:50 - 2019-11-17 23:50 - 000000000 ____D C:\Program Files (x86)\windows nt
    2019-11-17 23:50 - 2019-11-17 22:05 - 000000000 ____D C:\WINDOWS\system32\spool
    2019-11-17 23:50 - 2019-11-17 22:05 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2019-11-17 23:50 - 2019-11-17 22:05 - 000000000 ____D C:\ProgramData\USOPrivate
    2019-11-17 23:50 - 2019-11-17 22:04 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2019-11-17 23:46 - 2019-11-20 18:27 - 076283904 _____ C:\WINDOWS\system32\config\SOFTWARE
    2019-11-17 23:46 - 2019-11-20 18:27 - 015466496 _____ C:\WINDOWS\system32\config\SYSTEM
    2019-11-17 23:46 - 2019-11-20 18:27 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
    2019-11-17 23:46 - 2019-11-20 18:27 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2019-11-17 23:46 - 2019-11-20 18:27 - 000065536 _____ C:\WINDOWS\system32\config\SAM
    2019-11-17 23:46 - 2019-11-20 18:27 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
    2019-11-17 23:46 - 2019-11-18 00:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2019-11-17 23:46 - 2019-11-17 23:50 - 000000000 ____D C:\WINDOWS\system32\SMI
    2019-11-17 23:46 - 2019-11-17 22:27 - 000000000 ____D C:\WINDOWS\servicing
    2019-11-17 23:46 - 2019-11-17 22:27 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-11-17 23:46 - 2019-11-17 22:04 - 000000000 ____D C:\WINDOWS\Panther
    2019-11-17 23:07 - 2019-11-17 23:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2019-11-17 23:06 - 2019-11-20 18:24 - 000002170 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
    2019-11-17 23:06 - 2019-11-17 23:13 - 000000000 ____D C:\Users\SK\AppData\Roaming\Wireshark
    2019-11-17 23:06 - 2019-11-17 23:06 - 000001827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
    2019-11-17 23:05 - 2019-11-17 23:06 - 000000000 ____D C:\Program Files\Wireshark
    2019-11-17 23:05 - 2019-11-17 23:06 - 000000000 ____D C:\Program Files\Npcap
    2019-11-17 23:05 - 2019-11-17 23:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
    2019-11-17 23:05 - 2019-11-17 23:05 - 000000000 ____D C:\WINDOWS\system32\Npcap
    2019-11-17 23:05 - 2019-11-08 12:08 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
    2019-11-17 23:05 - 2019-11-08 12:08 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll
    2019-11-17 23:05 - 2019-11-08 12:08 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
    2019-11-17 23:05 - 2019-11-08 12:08 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2019-11-17 23:05 - 2019-11-08 12:08 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
    2019-11-17 23:05 - 2019-11-08 12:08 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2019-11-17 23:05 - 2019-11-08 12:08 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
    2019-11-17 23:05 - 2019-11-08 12:08 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2019-11-17 23:05 - 2019-11-08 12:08 - 000449792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2019-11-17 23:05 - 2019-11-08 12:08 - 000352704 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2019-11-17 23:05 - 2019-11-08 12:07 - 011841968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2019-11-17 23:05 - 2019-11-08 12:07 - 010167216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 017458432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 005381552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 004717568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 002074240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001734256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444120.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001568880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001492696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444120.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001482184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001370088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001145056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 001066056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000824920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000813000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000685792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000677280 _____ C:\WINDOWS\system32\nvofapi64.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000659544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000556672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2019-11-17 23:05 - 2019-11-08 12:06 - 000544728 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
    2019-11-17 23:05 - 2019-11-08 12:05 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2019-11-17 23:05 - 2019-11-08 12:05 - 035379672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2019-11-17 23:05 - 2019-11-08 12:05 - 015026944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2019-11-17 23:05 - 2019-11-08 12:02 - 004219656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2019-11-17 23:04 - 2019-11-17 23:05 - 059276232 _____ (Wireshark development team) C:\Users\SK\Downloads\Wireshark-win64-3.0.6.exe
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000992 _____ C:\Users\Public\Desktop\IPVanish.lnk
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000992 _____ C:\ProgramData\Desktop\IPVanish.lnk
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000000 ____D C:\Users\SK\AppData\Local\Mudhook_Marketing,_Inc
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000000 ____D C:\Users\SK\AppData\Local\IsolatedStorage
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000000 ____D C:\Users\SK\AppData\Local\IPVanish
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
    2019-11-17 22:57 - 2019-11-17 22:57 - 000000000 ____D C:\Program Files\IPVanish VPN
    2019-11-17 22:56 - 2019-11-17 22:56 - 015798320 _____ () C:\Users\SK\Downloads\ipvanish-setup.exe
    2019-11-17 22:34 - 2019-11-17 22:34 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
    2019-11-17 22:34 - 2019-11-17 22:34 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2019-11-17 22:34 - 2019-11-17 22:34 - 000002152 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
    2019-11-17 22:34 - 2019-11-17 22:34 - 000000000 ____D C:\Users\SK\AppData\Roaming\AVAST Software
    2019-11-17 22:33 - 2019-11-20 18:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
    2019-11-17 22:33 - 2019-11-17 22:33 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
    2019-11-17 22:33 - 2019-11-17 22:33 - 000000000 ____D C:\Users\SK\AppData\Local\Steam
    2019-11-17 22:33 - 2019-11-17 22:32 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2019-11-17 22:32 - 2019-11-17 22:33 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2019-11-17 22:32 - 2019-11-17 22:33 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2019-11-17 22:32 - 2019-11-17 22:33 - 000161544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
    2019-11-17 22:32 - 2019-11-17 22:32 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
    2019-11-17 22:31 - 2019-11-17 22:31 - 000000000 ____D C:\Program Files\AVAST Software
    2019-11-17 22:30 - 2019-11-17 22:32 - 000000000 ____D C:\ProgramData\AVAST Software
    2019-11-17 22:29 - 2019-11-17 22:29 - 000230080 _____ (AVAST Software) C:\Users\SK\Downloads\avast_free_antivirus_setup_online.exe
    2019-11-17 22:28 - 2019-11-20 18:27 - 000000000 ____D C:\Program Files (x86)\Steam
    2019-11-17 22:28 - 2019-11-17 22:28 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
    2019-11-17 22:28 - 2019-11-17 22:28 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
    2019-11-17 22:28 - 2019-11-17 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2019-11-17 22:27 - 2019-11-17 22:27 - 001573568 _____ C:\Users\SK\Downloads\SteamSetup.exe
    2019-11-17 22:25 - 2019-11-17 22:25 - 000001070 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
    2019-11-17 22:25 - 2019-11-17 22:25 - 000001070 _____ C:\ProgramData\Desktop\World of Warcraft.lnk
    2019-11-17 22:25 - 2019-11-17 22:25 - 000000000 ____D C:\Users\SK\AppData\Local\Comms
    2019-11-17 22:25 - 2019-11-17 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
    2019-11-17 22:22 - 2019-11-20 18:09 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
    2019-11-17 22:22 - 2019-11-17 22:22 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
    2019-11-17 22:21 - 2019-11-20 18:27 - 000000000 ____D C:\Users\SK\AppData\Local\Battle.net
    2019-11-17 22:21 - 2019-11-17 22:22 - 000000000 ____D C:\Users\SK\AppData\Roaming\Battle.net
    2019-11-17 22:20 - 2019-11-17 22:20 - 000000940 _____ C:\Users\Public\Desktop\Battle.net.lnk
    2019-11-17 22:20 - 2019-11-17 22:20 - 000000940 _____ C:\ProgramData\Desktop\Battle.net.lnk
    2019-11-17 22:20 - 2019-11-17 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2019-11-17 22:19 - 2019-11-17 22:22 - 000000000 ____D C:\Program Files (x86)\Battle.net
    2019-11-17 22:19 - 2019-11-17 22:21 - 000000000 ____D C:\Users\SK\AppData\Local\Blizzard Entertainment
    2019-11-17 22:18 - 2019-11-17 22:18 - 000000000 ____D C:\ProgramData\Battle.net
    2019-11-17 22:17 - 2019-11-20 18:24 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2019-11-17 22:17 - 2019-11-20 18:24 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
    2019-11-17 22:17 - 2019-11-17 22:35 - 000000000 ____D C:\Users\SK\AppData\Local\Google
    2019-11-17 22:17 - 2019-11-17 22:17 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-11-17 22:17 - 2019-11-17 22:17 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-11-17 22:17 - 2019-11-17 22:17 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
    2019-11-17 22:17 - 2019-11-17 22:17 - 000000000 ____D C:\Program Files (x86)\Google
    2019-11-17 22:15 - 2019-11-20 18:24 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:24 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-11-17 22:15 - 2019-11-20 18:13 - 000000000 ____D C:\Users\SK\AppData\Local\NVIDIA
    2019-11-17 22:15 - 2019-11-18 22:25 - 000000000 ____D C:\ProgramData\Package Cache
    2019-11-17 22:15 - 2019-11-18 14:25 - 000000000 ____D C:\Users\SK\AppData\Local\NVIDIA Corporation
    2019-11-17 22:15 - 2019-11-17 22:15 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
    2019-11-17 22:15 - 2019-11-17 22:15 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
    2019-11-17 22:15 - 2019-11-17 22:15 - 000000000 ____D C:\Users\SK\AppData\Local\CEF
    2019-11-17 22:15 - 2019-11-17 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2019-11-17 22:15 - 2019-10-24 16:01 - 002845208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2019-11-17 22:15 - 2019-10-24 16:01 - 002209136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2019-11-17 22:15 - 2019-10-24 16:01 - 001323112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2019-11-17 22:15 - 2019-07-22 20:36 - 000179000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2019-11-17 22:15 - 2019-07-22 20:36 - 000154424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2019-11-17 22:15 - 2010-05-26 13:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
    2019-11-17 22:15 - 2010-05-26 13:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2019-11-17 22:15 - 2010-05-26 13:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2019-11-17 22:15 - 2010-05-26 13:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2019-11-17 22:13 - 2019-11-20 18:24 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3886166584-1874284344-1482024915-1001
    2019-11-17 22:13 - 2019-11-19 19:56 - 000000000 ____D C:\Users\SK\AppData\Local\PlaceholderTileLogoFolder
    2019-11-17 22:13 - 2019-11-18 22:14 - 000000000 ___RD C:\Users\SK\OneDrive
    2019-11-17 22:13 - 2019-11-17 22:13 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
    2019-11-17 22:12 - 2019-11-19 20:00 - 000000000 ____D C:\Users\SK\AppData\Local\Packages
    2019-11-17 22:12 - 2019-11-17 22:32 - 000000000 ____D C:\Users\SK\AppData\Local\Publishers
    2019-11-17 22:12 - 2019-11-17 22:31 - 000000000 ____D C:\ProgramData\Packages
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 __RHD C:\Users\Public\AccountPictures
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 ___RD C:\Users\SK\3D Objects
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 ___HD C:\Users\SK\MicrosoftEdgeBackups
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 ____D C:\Users\SK\AppData\Roaming\Adobe
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 ____D C:\Users\SK\AppData\Local\VirtualStore
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 ____D C:\Users\SK\AppData\Local\MicrosoftEdge
    2019-11-17 22:12 - 2019-11-17 22:12 - 000000000 ____D C:\Users\SK\AppData\Local\ConnectedDevicesPlatform
    2019-11-17 22:10 - 2019-11-18 22:20 - 000000000 ____D C:\Users\SK
    2019-11-17 22:10 - 2019-11-18 22:14 - 000002358 _____ C:\Users\SK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-11-17 22:10 - 2019-11-17 22:10 - 000000020 ___SH C:\Users\SK\ntuser.ini
    2019-11-17 22:08 - 2019-11-18 19:42 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-11-17 22:05 - 2019-03-13 18:15 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2019-11-15 20:48 - 2019-08-23 05:08 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2019-11-15 20:48 - 2019-06-27 05:58 - 000053752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvswcfilter.sys
    2019-11-15 20:48 - 2019-04-17 09:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 023455232 ____N (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 022137120 ____N (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 019014144 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 012960256 ____N (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 012258816 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 011724288 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 009941504 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 009667896 ____N (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 007872000 ____N (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 007700696 ____N (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 007656072 ____N (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 007645392 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 006934016 ____N (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 006547896 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 006318328 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 006065152 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 005770240 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 005608336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 005575168 ____N (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 005573232 ____N (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 005436696 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 004873216 ____N (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 004866560 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 004661760 ____N (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 004413936 ____N (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 004303872 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 004049920 ____N (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003906560 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003872336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 003703296 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003656792 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003637760 ____N (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 003576832 ____N (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003550384 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003496448 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003387392 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003363640 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 003333632 ____N (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 003082752 ____N (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002918200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 002871824 ____N (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 002848768 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002765312 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002707968 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 002699976 ____N (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002698752 ____N (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002645504 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002628112 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 002421248 ____N (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 002393600 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002348544 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002192384 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002109960 ____N (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002072176 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 002050560 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001994976 ____N (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001966096 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 001933408 ____N (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001929728 ____N (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001918792 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001904128 ____N (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001751432 ____N (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001729024 ____N (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001726480 ____N (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001708544 ____N (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001702600 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-11-12 20:33 - 2019-11-12 20:33 - 001677808 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001674480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001668784 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001668752 ____N (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001666440 ____N (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001644544 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001608192 ____N (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001538560 ____N (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001486472 ____N (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001473296 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001465472 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001388032 ____N (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001388032 ____N (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001346216 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-11-12 20:33 - 2019-11-12 20:33 - 001331536 ____N (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001319936 ____N (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001312256 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001294792 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001291264 ____N (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001267240 ____N (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-11-12 20:33 - 2019-11-12 20:33 - 001262592 ____N (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001258512 ____N (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001200920 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001183504 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001180248 ____N (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001098136 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001054712 ____N (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001054224 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 001050112 ____N (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001049608 ____N (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 001024712 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 001022464 ____N (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000981504 ____N (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000948224 ____N (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000927232 ____N (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000888560 ____N (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000877568 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000872448 ____N (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000869888 ____N (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000862008 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000856424 ____N (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000842752 ____N (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000834048 ____N (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000811536 ____N (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000808272 ____N (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000807424 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000801792 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000782968 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000775768 ____N (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000774144 ____N (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000773208 ____N (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000764928 ____N (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000750592 ____N (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000747536 ____N (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000741688 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000729088 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000703488 ____N (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000690688 ____N (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000687104 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000680184 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000676352 ____N (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000664576 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000661264 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000652088 ____N (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000642560 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000638480 ____N (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000613376 ____N (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000604344 ____N (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000596992 ____N (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000595968 ____N (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000591160 ____N (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000590336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000588816 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000574464 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000553784 ____N (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000553472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000551936 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000548864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000547328 ____N (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000542320 ____N (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000536320 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000535080 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000533504 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000520704 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000514600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000513544 ____N (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000509968 ____N (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000505640 ____N (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000495616 ____N (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000481280 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000474936 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2019-11-12 20:33 - 2019-11-12 20:33 - 000473832 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000465416 ____N (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000462352 ____N (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000462336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000455168 ____N (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000450632 ____N (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000445752 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000435512 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000430592 ____N (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000428032 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000427832 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000420864 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000415760 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000415744 ____N (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000408064 ____N (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000394240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000389408 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000385848 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000383288 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000367104 ____N (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000360960 ____N (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000350208 ____N (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000349184 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000331264 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000324624 ____N (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000321024 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000315904 ____N (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000303104 ____N (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000292352 ____N (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000284672 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000281088 ____N (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000273408 ____N (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000263360 ____N (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000262152 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000256000 ____N (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000249856 ____N (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000240640 ____N (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000226816 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000217088 ____N (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2019-11-12 20:33 - 2019-11-12 20:33 - 000214528 ____N (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000213304 ____N (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000201528 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000198144 ____N (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000193336 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000182784 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000180736 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2019-11-12 20:33 - 2019-11-12 20:33 - 000178176 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000177664 ____N (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000166400 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000164368 ____N (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000161792 ____N (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000160272 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000154624 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000152896 ____N (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000151552 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000151552 ____N (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000146432 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000144384 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000141736 ____N (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000139776 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000138112 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000132608 ____N (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000124416 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000122368 ____N (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000120352 ____N (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000118480 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000112168 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000111104 ____N (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000110080 ____N (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000109568 ____N (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000105832 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000101888 ____N (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000092160 ____N (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000090632 ____N (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000087080 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000087040 ____N (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000086840 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000086744 ____N (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000080896 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000080400 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-11-12 20:33 - 2019-11-12 20:33 - 000079360 ____N (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000077824 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000071696 ____N (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000071680 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000068096 ____N (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000064512 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000061480 ____N (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000060416 ____N (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000060416 ____N (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000058368 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000056320 ____N (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000050176 ____N (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000047616 ____N (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000047104 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000043008 ____N (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000041472 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000038912 ____N (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000036368 ____N (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2019-11-12 20:33 - 2019-11-12 20:33 - 000023768 ____N (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000020144 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000002560 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth8.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth7.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth6.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth5.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth4.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth3.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth2.bin
    2019-11-12 20:33 - 2019-11-12 20:33 - 000000315 ____N C:\WINDOWS\system32\DrtmAuth1.bin
    2019-10-29 20:46 - 2019-11-08 12:02 - 004952320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2019-10-29 20:46 - 2019-11-07 04:29 - 000056238 _____ C:\WINDOWS\system32\nvinfo.pb
    2019-10-29 20:46 - 2019-10-23 16:09 - 001733504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444108.dll
    2019-10-29 20:46 - 2019-10-23 16:09 - 001490864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444108.dll
    2019-10-29 20:46 - 2019-10-22 21:56 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
    2019-10-29 20:46 - 2019-10-22 21:56 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
    2019-10-29 20:46 - 2019-10-22 21:56 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-11-17 23:55 - 2019-03-13 18:16 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2019-11-17 23:49 - 2018-09-15 09:37 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================
     
  6. stef1808

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2019
    Ran by SK (20-11-2019 18:29:14)
    Running from C:\Users\SK\Desktop
    Windows 10 Home Version 1809 17763.864 (X64) (2019-11-17 20:04:01)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3886166584-1874284344-1482024915-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3886166584-1874284344-1482024915-503 - Limited - Disabled)
    Guest (S-1-5-21-3886166584-1874284344-1482024915-501 - Limited - Disabled)
    SK (S-1-5-21-3886166584-1874284344-1482024915-1001 - Administrator - Enabled) => C:\Users\SK
    WDAGUtilityAccount (S-1-5-21-3886166584-1874284344-1482024915-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.140.12.1002 - BlueStack Systems, Inc.)
    f.lux (HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\...\Flux) (Version: - f.lux Software LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
    IPVanish (HKLM\...\{23AC5A9C-F6D0-4458-8593-94BD6A0C55E2}) (Version: 3.4.4.4 - Mudhook Marketing, Inc) Hidden
    IPVanish (HKLM-x32\...\{7e72bd81-8d45-4e2f-abdf-7faba4db186c}) (Version: 3.4.4.4 - )
    Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
    Microsoft OneDrive (HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
    Npcap 0.9983 (HKLM-x32\...\NpcapInst) (Version: 0.9983 - Nmap Project)
    NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
    NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
    NVIDIA Graphics Driver 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.20 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OpenOffice 4.1.7 (HKLM-x32\...\{B72360E4-C272-4A85-84AC-22E8C603095C}) (Version: 4.17.9800 - Apache Software Foundation)
    Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
    Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.10 - Razer Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
    STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.2.0 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.14.1 - Synaptics Incorporated)
    WeMod (HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\...\WeMod) (Version: 6.2.7 - WeMod)
    Wireshark 3.0.6 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.6 - The Wireshark developer community, hxxps://www.wireshark.org)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
    World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version: - Blizzard Entertainment)

    Packages:
    =========
    Best of Bing 2018 Exclusive -> C:\Program Files\WindowsApps\Microsoft.BestofBing2018Exclusive_1.0.0.0_neutral__8wekyb3d8bbwe [2019-11-18] (Microsoft Corporation)
    Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.25.7.0_x86__kgqvnymyfvs32 [2019-11-19] (king.com)
    Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1640.3.0_x86__kgqvnymyfvs32 [2019-11-17] (king.com)
    Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-17] (Microsoft Corporation) [MS Ad]
    Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-17] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-17] (Microsoft Studios) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-19] (Microsoft Corporation) [MS Ad]
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 [2019-11-17] (Spotify AB) [Startup Task]

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-18] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-17] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-18] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\SK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

    ==================== Loaded Modules (Whitelisted) =============

    2019-11-17 22:20 - 2019-11-17 22:20 - 096131072 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\libcef.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000117760 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\libEGL.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 004342784 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\libGLESv2.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 001463808 _____ (Firelight Technologies) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\fmod.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\chrome_elf.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
    2019-11-18 22:25 - 2019-11-18 22:25 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\audio\qtaudio_windows.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\imageformats\qgif.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\imageformats\qico.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\imageformats\qjpeg.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000223744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\imageformats\qmng.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\imageformats\qsvg.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\imageformats\qtiff.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 001140224 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\platforms\qwindows.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000041984 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQml\Models.2\modelsplugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQuick.2\qtquick2plugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000084480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQuick\Controls.2\qtquickcontrols2plugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQuick\Controls\qtquickcontrolsplugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000071680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000211456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQuick\Templates.2\qtquicktemplates2plugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\qml\QtQuick\Window.2\windowplugin.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 004943360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Core.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 005022208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Gui.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000626176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Multimedia.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000877056 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Network.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 002908672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Qml.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 003078656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Quick.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000096256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5QuickControls2.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000681472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5QuickTemplates2.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000259072 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Svg.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 004718080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Widgets.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000439296 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5WinExtras.dll
    2019-11-17 22:20 - 2019-11-17 22:20 - 000159232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.11668\Qt5Xml.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2019-11-17 23:51 - 2019-11-17 23:50 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3886166584-1874284344-1482024915-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{8CF8372D-675D-4546-8EED-4E7C0875953C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{0306695C-D28D-4882-B377-CA6957957B5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{017B9797-DB67-4D95-B67C-C9E7CAC24BD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{D7F630F6-AAC6-40A8-81FF-30173D6BD9DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{CD7041BE-542C-474D-8232-F704C07B4CED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{9CC79CA3-51A7-4C66-A8D6-6B694B8DCDE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{8F8E417B-DB23-4165-AAB4-318C140234B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{27B41F86-3D3F-47E7-9E72-4F179EFF4ACB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{765BC77C-940A-4E20-9D98-BF63FB8413D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
    FirewallRules: [{E44BFF5A-1EF2-4E62-A9E2-2FCAC977108A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{0B546C57-B7FD-45AD-A3D4-AD1AEB08EBA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{DDCA20FA-606C-4E11-9D08-F8BD92D33AEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{4B410B46-DFA5-423E-ACB7-261D57E71E29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{04FE5C93-32EB-4D5A-A163-1993488C0D21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{E1BDAEF0-F81C-4B95-85A1-E5982785BD64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{B0FA174B-C3A8-4156-A595-6CA6C59A6C81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{D0EDB596-E211-47A9-B216-0593D0125660}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{83E70F7F-9CB6-4E90-B8E5-E1621BF62CB9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{4B30911E-3B77-48A0-80DE-6BB04FBF13A6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
    FirewallRules: [{4AA49FD6-2C59-48BC-9CE5-20D78CB1D7C5}] => (Allow) E:\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
    FirewallRules: [{F3C3EB40-6C14-4798-93FE-CEDBF903DFFE}] => (Allow) E:\SteamLibrary\steamapps\common\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Electronic Arts, Inc. -> Respawn Entertainment)
    FirewallRules: [{59E341DD-1F43-4A3B-84BA-3F8125D52B35}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{0223439C-A98E-4CC6-BD12-07C9E3708A26}] => (Allow) D:\Games\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
    FirewallRules: [{D2F97A8B-71D6-4233-9A03-1FAD36AE0DB7}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]

    ==================== Restore Points =========================

    17-11-2019 22:14:58 Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020
    18-11-2019 22:25:42 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
    20-11-2019 18:21:21 Installed Razer Synapse.

    ==================== Faulty Device Manager Devices ============

    Name: CA DFU
    Description: CA DFU
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

    Name: Standard PS/2 Keyboard
    Description: Standard PS/2 Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Microsoft PS/2 Mouse
    Description: Microsoft PS/2 Mouse
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: H80i v2
    Description: H80i v2
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (11/19/2019 08:58:42 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: EALink.exe, version: 10.5.55.33574, time stamp: 0x5dcb1fdf
    Faulting module name: Qt5Widgets.dll, version: 5.8.0.0, time stamp: 0x5cfe7ea1
    Exception code: 0xc0000005
    Fault offset: 0x0003fe98
    Faulting process ID: 0x2f4
    Faulting application start time: 0x01d59f0b575e6c6c
    Faulting application path: C:\Program Files (x86)\Origin\EALink.exe
    Faulting module path: C:\Program Files (x86)\Origin\Qt5Widgets.dll
    Report ID: 23573f0d-108d-482d-8883-010971d8e4d9
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/18/2019 10:26:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: EALink.exe, version: 10.5.55.33574, time stamp: 0x5dcb1fdf
    Faulting module name: Qt5Widgets.dll, version: 5.8.0.0, time stamp: 0x5cfe7ea1
    Exception code: 0xc0000005
    Fault offset: 0x0003fe98
    Faulting process ID: 0x3980
    Faulting application start time: 0x01d59e4e6f255dfc
    Faulting application path: C:\Program Files (x86)\Origin\EALink.exe
    Faulting module path: C:\Program Files (x86)\Origin\Qt5Widgets.dll
    Report ID: 47d7e617-9b24-4199-bb06-1a77962e010b
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/17/2019 10:28:39 PM) (Source: Steam Client Service) (EventID: 1) (User: )
    Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

    Error: (11/17/2019 10:05:56 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.

    Error: (11/17/2019 10:05:56 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.


    System errors:
    =============
    Error: (11/20/2019 06:28:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DFV1PM5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-DFV1PM5\SK SID (S-1-5-21-3886166584-1874284344-1482024915-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/20/2019 06:27:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DFV1PM5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-DFV1PM5\SK SID (S-1-5-21-3886166584-1874284344-1482024915-1001) from address LocalHost (Using LRPC) running in the application container SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0 SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/20/2019 06:27:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DFV1PM5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-DFV1PM5\SK SID (S-1-5-21-3886166584-1874284344-1482024915-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/20/2019 06:27:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/20/2019 06:27:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/20/2019 06:27:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
    {2D15188C-D298-4E10-83B2-64666CCBEBBD}

    Error: (11/20/2019 06:27:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DFV1PM5)
    Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

    Error: (11/20/2019 06:26:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DFV1PM5)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-DFV1PM5\SK SID (S-1-5-21-3886166584-1874284344-1482024915-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


    CodeIntegrity:
    ===================================

    Date: 2019-11-18 00:03:21.599
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.

    Date: 2019-11-18 00:03:21.596
    Description:
    Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. 1.60 06/28/2017
    Motherboard: MSI Z270I GAMING PRO CARBON AC (MS-7A66)
    Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
    Percentage of memory in use: 14%
    Total physical RAM: 32727.25 MB
    Available physical RAM: 28001.02 MB
    Total Virtual: 37847.25 MB
    Available Virtual: 31139.16 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:222.97 GB) (Free:107.22 GB) NTFS
    Drive d: () (Fixed) (Total:222.97 GB) (Free:22.46 GB) NTFS
    Drive e: (New Volume) (Fixed) (Total:465.75 GB) (Free:257.97 GB) NTFS

    \\?\Volume{79d3c606-3c9d-46dc-868c-8a9808a1ff5e}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS
    \\?\Volume{cc348161-ba2d-4592-8b86-71b222a49e86}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
    \\?\Volume{4a459f15-2c08-4f8f-9b3b-b6c5cdbbabc8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
    \\?\Volume{c4768f04-f608-45fb-b9ff-e5d2694857ed}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 223.6 GB) (Disk ID: CAF37824)

    Partition: GPT.

    ==========================================================
    Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 2 (Size: 223.6 GB) (Disk ID: DFC4467F)

    Partition: GPT.

    ==================== End of Addition.txt =======================
     
  7. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    645
    Hi stef1808,

    The Razer Synapse software appears to be legitimate.

    ---------------------------------------------------
    Farbar Recovery Scan Tool - Fix

    • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
      Code:
      Start::
      CreateRestorePoint:
      CloseProcesses:
      HKLM-x32\...\Run: [] => [X]
      FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
      ExportKey: HKLM\SYSTEM\CurrentControlSet\Services\npcap_wifi
      Emptytemp:
      End::
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
    • Double-click FRST.exe/FRST64.exe to run it.
    • Press the Fix button just once and wait.
      Note: No need to paste the script into FRST.
    • Restart the computer if prompted.
    • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
    • Please copy and paste its contents into your reply.

    ---------------------------------------------------

    If the redirect persists, reset Chrome:

    ---------------------------------------------------
    Reset Google Chrome

    Note: this step will remove installed Chrome extensions. If you wish to keep your currently installed Chrome extensions, please note them down so they can be reinstalled later.
    For a complete list of what is removed during a Chrome reset, see here for more information.
    • Open Google Chrome.
    • Click the Menu icon in the upper right corner of the Chrome window (three dots) and select Settings.
    • Under Reset and Cleanup, select Reset Settings.
    • Select Reset Settings to confirm the reset.

    ---------------------------------------------------

    In your next reply, please include:
    • Fixlog.txt
    • Let me know if the issue with Chrome persists.
     
  8. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    Chrome seems to be stable so far

    Fix result of Farbar Recovery Scan Tool (x64) Version: 21-11-2019
    Ran by SK (22-11-2019 16:06:03) Run:1
    Running from C:\Users\SK\Desktop
    Loaded Profiles: SK (Available Profiles: SK)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    ExportKey: HKLM\SYSTEM\CurrentControlSet\Services\npcap_wifi
    Emptytemp:

    *****************

    Restore point was successfully created.
    Processes closed successfully.
    "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
    HKLM\SOFTWARE\Policies\Mozilla => removed successfully
    ================== ExportKey: ===================

    [HKLM\SYSTEM\CurrentControlSet\Services\npcap_wifi]
    "Start"="4"

    === End of ExportKey ===

    =========== EmptyTemp: ==========

    BITS transfer queue => 7888896 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29562499 B
    Java, Flash, Steam htmlcache => 289861157 B
    Windows/system/drivers => 3633896 B
    Edge => 1335693 B
    Chrome => 480122697 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 0 B
    systemprofile32 => 0 B
    LocalService => 2696 B
    NetworkService => 4916 B
    SK => 20246680 B

    RecycleBin => 155726282 B
    EmptyTemp: => 942.6 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 16:06:18 ====
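
    A Fixlog like the one above can be checked for internal consistency before it is accepted as evidence that the fix ran. The following is an added example, not part of the original post and not FRST's own code: it lists the removed items, decodes the exported service start type, and confirms that the per-location EmptyTemp byte counts add up to the reported total. The function name `review_fixlog` and the abridged sample layout are assumptions.

```python
import re

# Constructed sample: result lines copied from the Fixlog quoted above,
# abridged (separator lines and zero-byte entries omitted).
FIXLOG = r'''Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
[HKLM\SYSTEM\CurrentControlSet\Services\npcap_wifi]
"Start"="4"
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29562499 B
Java, Flash, Steam htmlcache => 289861157 B
Windows/system/drivers => 3633896 B
Edge => 1335693 B
Chrome => 480122697 B
LocalService => 2696 B
NetworkService => 4916 B
SK => 20246680 B
RecycleBin => 155726282 B
EmptyTemp: => 942.6 MB temporary data Removed.
'''

# Windows service "Start" values (4 means the service is disabled).
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}

def review_fixlog(text):
    """Summarise a Fixlog: removed items, service start types, EmptyTemp totals."""
    removed = [m.strip('"') for m in
               re.findall(r'^(.+?) => removed successfully$', text, re.M)]
    # An ExportKey block is a bracketed key path followed by its values.
    services = {name: START_TYPES.get(int(start), "unknown")
                for name, start in re.findall(
                    r'^\[.*\\Services\\([^\]\\]+)\]\n"Start"="(\d+)"', text, re.M)}
    # Per-location lines end in "<n> B"; the summary line is in MB and is skipped.
    total = sum(int(n) for n in re.findall(r'^.+ => (\d+) B$', text, re.M))
    m = re.search(r'^EmptyTemp: => ([\d.]+) MB', text, re.M)
    reported = float(m.group(1)) if m else None
    return {
        "removed": removed,
        "services": services,
        "bytes": total,
        "reported_mb": reported,
        # The reported figure matches when bytes are divided by 1024 * 1024.
        "consistent": reported is not None and round(total / 2**20, 1) == reported,
    }

if __name__ == "__main__":
    print(review_fixlog(FIXLOG))
```

    For this log the byte counts sum to 988385412, which matches the reported 942.6 MB only when divided by 1024 * 1024, and the exported `npcap_wifi` service decodes as disabled.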
     
  9. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    645
    Hi stef1808,


    ---------------------------------------------------
    ESET Online Scanner

    Download ESET Online Scanner and save it to your desktop.
    • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
    • When the tool opens, click Get Started.
    • Read and accept the license agreement.
    • At the Welcome to ESET Online Scanner window, click Get Started.
    • Select whether you would like to send anonymous data to ESET.
    • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
    • Click on the Full Scan option.
    • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
    • ESET will now begin scanning your computer. This may take some time.
    • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
    • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
    • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
    • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
    ---------------------------------------------------

    In your next reply, please include:
    • eset.txt
    • Let me know of any remaining issues with this computer.
     
  10. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    Good morning

    23/11/2019 11:43:30
    Files scanned: 296255
    Infected files: 2
    Cleaned threats: 0
    Total scan time 00:24:19
    Scan status: Finished
    C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)

    C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-959.vpx Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)
     
  11. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    645
    Hi stef1808,

    How is the computer doing?
     
  12. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    All looking good :)
     
  13. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    645
    If all is well:

    The following will remove the tools we used as well as reset system restore points:

    ---------------------------------------------------
    KpRm

    Download KpRm by kernel-panik and save it to your desktop.
    • Right-click kprm_(version).exe and select Run as Administrator.
    • When the tool opens, ensure all boxes are checked, and select Run.
    • Once complete, click OK.
    • A log will open in Notepad titled kprm-(date).txt.
    • Please copy and paste its contents in your next reply.
    ----------------------------------------------------
    Some tips to keep your computer safe on the Internet

    Make sure to use strong passwords. There are password managers (for example, Bitwarden) that can help you use secure passwords, and keep track of them.

    How to create a strong password
    ----------------------------------------------------
    Keeping software up-to-date is important as well. Programs such as UCheck, Heimdal Free, or PatchMyPC can help keep software on your computer up-to-date.

    To keep your operating system up-to-date, make sure that Windows Update is enabled on your computer.
    ----------------------------------------------------
    I recommend backing up your PC regularly. There are several ways to back up your computer, such as using a cloud-based service online, external hard drive, or CD/DVD.

    The following articles have more information about methods to back up your computer:

    What's the Best Way to Back Up My Computer?

    5 Ways to Back up Your Data
    ----------------------------------------------------
    Here are some articles about how to keep your computer safe on the Internet -

    Simple and easy ways to keep your computer safe and secure on the Internet - by Lawrence Abrams

    Answers to common security questions - Best Practices - by quietman7

    COMPUTER SECURITY - a short guide to staying safer online - Malware Removal

    PC Safety and Security - What Do I Need? - Tech Support Forum
    ----------------------------------------------------

    Safe surfing :)
     
    stef1808 likes this.
  14. stef1808

    stef1808 Thread Starter

    Joined:
    Aug 1, 2015
    Messages:
    51
    Thank you for your help
     
  15. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    645
    Glad we could help.
     

Short URL to this thread: https://techguy.org/1235843
