Featured Post

Best places to buy Kaspersky Anti-Virus in 2020 - Android Central

Image
Best places to buy Kaspersky Anti-Virus in 2020 - Android CentralBest places to buy Kaspersky Anti-Virus in 2020 - Android CentralAntivirus Software Market Pin-Point Analyses of Industry Competition Dynamics to Offer You a Competitive Edge - 3rd Watch NewsAntivirus Software Market Research with Covid-19 after Effects - Apsters NewsAntivirus Software Market Scope by Trends, Opportunities to Expand Significantly by 2026 - Jewish Life NewsBest places to buy Kaspersky Anti-Virus in 2020 - Android CentralPosted: 28 Apr 2020 12:00 AM PDTKaspersky Anti-Virus is one of the best computer protection programs around, and has been thoroughly tested by several third-party labs and in our own in-house tests, too. The best place to purchase a copy of Kaspersky Anti-Virus is from Kaspersky itself. However, you can often find deals through other vendors. The trick is finding a trustworthy one, so you don't accidentally purchase and download malware instead of a legitimate copy of Kaspersky. Here a…

Possible malware on computer - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

I clicked on some shady links by accident and I'm concerned my computer may have a virus.
 
I have attached the results of my FRST scan.
 
Thank you!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2020 01
Ran by donalda (administrator) on DESKTOP-OTCKE35 (EVOO Products EG-LP5) (02-06-2020 12:02:49)
Running from C:\Users\donalda\Desktop\FRST
Loaded Profiles: donalda
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Discord Inc. -> Discord Inc.) C:\Users\donalda\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <41>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c8b28fbed38d85d1\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c8b28fbed38d85d1\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\donalda\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.65.22001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvtfi.inf_amd64_3d2639743193941d\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe <2>
(THX Ltd -> VisiSonics) C:\Windows\System32\VSHelper.exe
(THX Ltd -> VisiSonics) C:\Windows\System32\VSSrv.exe
(Uniwill Technology Inc. -> ) C:\Program Files\OEM\EVOO Control Center\UniwillService\GCUBridge.exe
(Uniwill Technology Inc. -> ) C:\Program Files\OEM\EVOO Control Center\UniwillService\MyControlCenter\GCUService.exe
(Uniwill Technology Inc. -> ) C:\Program Files\OEM\EVOO Control Center\UniwillService\MyControlCenter\OSDTpDetect.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <4>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [878584 2019-05-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-04-02] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-05-13] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3140368 2020-05-21] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Run: [cdloader] => C:\Users\donalda\AppData\Roaming\mjusbsp\cdloader2.exe [58816 2019-09-19] (magicJack, L.P. -> magicJack L.P.)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3372832 2020-05-15] (Valve -> Valve Corporation)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Run: [f.lux] => C:\Users\donalda\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Run: [Discord] => C:\Users\donalda\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31867792 2020-05-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (the data entry has 102 more characters).
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-05-13]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D33857E-B85E-4345-AEA9-5D18FFDC67DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27BC69FA-BBE5-4B83-8CE5-BBE270A1154C} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel® Software -> Intel Corporation)
Task: {2C880BE1-57DF-4CD7-842A-ED1804D2555A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3575CEA2-4113-469B-B297-A02A54FA54B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E3D0650-F1C4-45C4-A39F-D5DFA415C98A} - System32\Tasks\THX Ltd\THX Update Service\Event-Triggered-Restart => C:\Windows\system32\shutdown.exe [26624 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {86B7D8BD-3EA9-4C95-9B20-88D43D5849EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {940FAF29-3B40-4F7D-8244-0F485EF04AFA} - System32\Tasks\THX Ltd\THX Update Service\THX-Update-Service-With-Syslog => C:\Program Files\THX\thx-update-svc.exe [11759104 2020-03-03] (THX Ltd) [File not signed]
Task: {DA49E3B1-1826-4E3F-9C5B-E661EC626AB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1EF3839-ECC8-42E6-ACB1-9029FFF88374} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-11] (Google LLC -> Google LLC)
Task: {F2288A0B-659A-4062-9FAF-15B631FDF4CF} - System32\Tasks\THX Ltd\THX Update Service\THX-Upgrade-Install-At-Logon => powershell.exe -ExecutionPolicy Bypass -File "%PROGRAMFILES%\thx\THX-Upgrade-Install.ps1"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 72.44.127.5 72.44.127.4 216.234.97.3 8.8.8.8
Tcpip\..\Interfaces\{adce0d5b-731b-4461-b534-06fc6fabb886}: [DhcpNameServer] 72.44.127.5 72.44.127.4 216.234.97.3 8.8.8.8
Tcpip\..\Interfaces\{c4ef1cd9-b1b3-446f-9ea4-6154c76aa9a4}: [DhcpNameServer] 72.44.127.5 72.44.127.4 216.234.97.3 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://OEM17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://OEM17win10.msn.com/?pc=NMTE
SearchScopes: HKLM -> DefaultScope {D4806136-A225-428E-A5FE-CABFE706D2E5} URL = hxxp://https://ift.tt/3eKHiay
SearchScopes: HKLM -> {D4806136-A225-428E-A5FE-CABFE706D2E5} URL = hxxp://https://ift.tt/3eKHiay
SearchScopes: HKLM-x32 -> DefaultScope {D4806136-A225-428E-A5FE-CABFE706D2E5} URL = hxxp://https://ift.tt/3eKHiay
SearchScopes: HKLM-x32 -> {D4806136-A225-428E-A5FE-CABFE706D2E5} URL = hxxp://https://ift.tt/3eKHiay

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default [2020-05-11]
CHR Extension: (Slides) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-11]
CHR Extension: (Docs) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-11]
CHR Extension: (Google Drive) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-11]
CHR Extension: (YouTube) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-11]
CHR Extension: (uBlock Origin) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-05-11]
CHR Extension: (Sheets) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-11]
CHR Extension: (Gmail) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-11]
CHR Profile: C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-06-02]
CHR Extension: (Slides) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-11]
CHR Extension: (Docs) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-11]
CHR Extension: (Google Drive) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-11]
CHR Extension: (YouTube) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-11]
CHR Extension: (uBlock Origin) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-05-31]
CHR Extension: (Sheets) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-11]
CHR Extension: (Gmail) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\donalda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR Profile: C:\Users\donalda\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-02] (ESET, spol. s r.o. -> ESET)
R2 GCUBridge; C:\Program Files\OEM\EVOO Control Center\UniwillService\GCUBridge.exe [54336 2019-09-27] (Uniwill Technology Inc. -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [290280 2019-06-02] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2496816 2020-05-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3449656 2020-05-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2020-05-12] (Even Balance, Inc. -> )
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13059640 2020-05-27] (Adlice -> )
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5886264 2020-05-13] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
R2 UWPService; C:\Windows\SysWOW64\Creative.UWPRPCService.exe [363968 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
R3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2020-05-14] (Oracle Corporation -> Oracle Corporation)
R2 VSSrv; C:\Windows\system32\VSSrv.exe [219352 2020-03-27] (THX Ltd -> VisiSonics)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Windows\SysWOW64\XtuService.exe [82200 2019-09-25] (Intel Corporation -> Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-05-14] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvtfi.inf_amd64_3d2639743193941d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvtfi.inf_amd64_3d2639743193941d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [154336 2020-04-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2020-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188872 2020-04-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [115960 2020-04-02] (ESET, spol. s r.o. -> ESET)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2019-10-26] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [37824 2020-05-13] (SoftEther Corporation -> SoftEther Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvtfi.inf_amd64_3d2639743193941d\nvlddmkm.sys [23454440 2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [50624 2020-05-13] (SoftEther Corporation -> SoftEther Corporation)
R3 SparkIO; C:\Windows\system32\SparkIO.sys [22128 2019-03-21] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 THXVAD; C:\Windows\System32\drivers\THXVAD.sys [99552 2020-03-27] (THX Ltd -> Windows ® Win 7 DDK provider)
R3 UcmCxUcsiNvppc; C:\Windows\System32\drivers\UcmCxUcsiNvppc.sys [715680 2020-04-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237392 2020-05-14] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [248248 2020-05-14] (Oracle Corporation -> Oracle Corporation)
R3 vhidmini; C:\Windows\System32\drivers\vhidmini.sys [22944 2019-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-05-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [394680 2020-05-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-11] (Microsoft Windows -> Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Users\donalda\Desktop\ThrottleStop\WinRing0x64.sys [14544 2020-05-11] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [55472 2019-09-25] (Intel Corporation -> Intel Corporation)
R3 XTUComponent; C:\Windows\System32\drivers\iocbios2.sys [48632 2019-09-25] (Intel Corporation -> Intel Corporation)
S3 cpuz149; \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-02 11:42 - 2020-06-02 12:02 - 3615192016 _____ C:\Users\donalda\Downloads\Unconfirmed 822850.crdownload
2020-06-02 11:40 - 2020-06-02 11:41 - 000000000 ____D C:\Users\donalda\.VirtualBox
2020-06-02 11:40 - 2020-06-02 11:40 - 000000000 ____D C:\Users\donalda\VirtualBox VMs
2020-06-02 11:40 - 2020-06-02 11:40 - 000000000 ____D C:\ProgramData\VirtualBox
2020-06-02 11:39 - 2020-06-02 11:39 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2020-06-02 11:39 - 2020-06-02 11:39 - 000001149 _____ C:\ProgramData\Desktop\Oracle VM VirtualBox.lnk
2020-06-02 11:39 - 2020-06-02 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2020-06-02 11:39 - 2020-06-02 11:39 - 000000000 ____D C:\Program Files\Oracle
2020-06-02 11:39 - 2020-05-14 13:57 - 000188080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2020-06-02 11:39 - 2020-05-14 13:56 - 001024864 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2020-06-02 11:36 - 2020-06-02 11:37 - 170617352 _____ (Oracle Corporation) C:\Users\donalda\Downloads\VirtualBox-6.0.22-137980-Win.exe
2020-05-31 05:14 - 2020-05-31 05:20 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2020-05-31 05:14 - 2020-05-31 05:14 - 000001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2020-05-31 05:14 - 2020-05-31 05:14 - 000001175 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2020-05-31 05:14 - 2020-05-31 05:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2020-05-31 05:14 - 2020-05-31 05:14 - 000000000 ____D C:\ProgramData\MB2Migration
2020-05-31 05:14 - 2020-05-31 05:14 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2020-05-31 05:14 - 2016-03-10 14:09 - 000065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2020-05-31 05:14 - 2016-03-10 14:08 - 000140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2020-05-31 05:14 - 2016-03-10 14:08 - 000027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-05-31 05:13 - 2020-05-31 05:13 - 006705178 _____ C:\Users\donalda\Downloads\mbam-chameleon-3.1.33.0.zip
2020-05-31 05:13 - 2020-05-31 05:13 - 000000000 ____D C:\Users\donalda\Desktop\Chameleon
2020-05-31 04:56 - 2020-05-31 04:56 - 000000000 ____D C:\KVRT_Data
2020-05-31 04:54 - 2020-05-31 04:55 - 175983032 _____ (AO Kaspersky Lab) C:\Users\donalda\Downloads\KVRT.exe
2020-05-31 04:41 - 2020-05-31 04:41 - 000000000 ____D C:\Users\donalda\Doctor Web
2020-05-31 04:41 - 2020-05-31 04:41 - 000000000 ____D C:\ProgramData\Doctor Web
2020-05-31 04:40 - 2020-05-31 04:40 - 220198552 _____ C:\Users\donalda\Downloads\7w0cj1kl.exe
2020-05-31 04:29 - 2020-05-31 04:29 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-05-29 16:26 - 2020-05-29 16:26 - 000000000 ____D C:\Program Files\UNP
2020-05-29 00:41 - 2020-05-29 00:46 - 000000000 ____D C:\ProgramData\RogueKiller
2020-05-29 00:41 - 2020-05-29 00:41 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-05-29 00:41 - 2020-05-29 00:41 - 000000899 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-05-29 00:41 - 2020-05-29 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-05-29 00:41 - 2020-05-29 00:41 - 000000000 ____D C:\Program Files\RogueKiller
2020-05-29 00:40 - 2020-05-29 00:40 - 039917608 _____ (Adlice Software ) C:\Users\donalda\Downloads\RogueKiller_setup_ref3.exe
2020-05-29 00:15 - 2020-05-29 00:15 - 000042236 _____ C:\Users\donalda\Downloads\Shortcut.txt
2020-05-28 18:40 - 2020-05-28 18:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2020-05-28 18:37 - 2020-05-18 16:44 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-28 18:37 - 2020-05-18 16:44 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-05-28 18:37 - 2020-05-18 16:44 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-28 18:37 - 2020-05-18 16:44 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-05-28 18:37 - 2020-05-18 16:44 - 001079000 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-05-28 18:37 - 2020-05-18 16:44 - 001079000 _____ C:\Windows\system32\vulkan-1.dll
2020-05-28 18:37 - 2020-05-18 16:44 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-05-28 18:37 - 2020-05-18 16:44 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-05-28 18:37 - 2020-05-18 16:44 - 000451480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-05-28 18:37 - 2020-05-18 16:44 - 000348048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-05-28 18:37 - 2020-05-18 16:41 - 011944864 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-05-28 18:37 - 2020-05-18 16:41 - 010286480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-05-28 18:37 - 2020-05-18 16:40 - 001005968 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-05-28 18:37 - 2020-05-18 16:40 - 000816872 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-05-28 18:37 - 2020-05-18 16:40 - 000676240 _____ C:\Windows\system32\nvofapi64.dll
2020-05-28 18:37 - 2020-05-18 16:40 - 000543136 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 002073008 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 001566104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 001482144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 001350576 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 001142008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 001048488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 000680864 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-05-28 18:37 - 2020-05-18 16:39 - 000561400 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-05-28 18:37 - 2020-05-18 16:39 - 000546728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-05-28 18:37 - 2020-05-18 16:38 - 005856664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-05-28 18:37 - 2020-05-18 16:38 - 000811256 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-05-28 18:37 - 2020-05-18 16:38 - 000444816 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-05-28 18:37 - 2020-05-18 16:37 - 017600240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-05-28 18:37 - 2020-05-18 16:37 - 015157992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-05-28 18:37 - 2020-05-18 16:37 - 005159312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-05-28 18:37 - 2020-05-18 16:37 - 000849824 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-05-28 18:37 - 2020-05-18 16:36 - 004195672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-05-28 18:37 - 2020-05-16 03:07 - 000077294 _____ C:\Windows\system32\nvinfo.pb
2020-05-28 18:36 - 2020-05-28 18:37 - 560938496 _____ (NVIDIA Corporation) C:\Users\donalda\Downloads\446.14-desktop-win10-64bit-international-dch-whql.exe
2020-05-28 17:30 - 2020-05-28 17:30 - 001295576 _____ (Google LLC) C:\Users\donalda\Downloads\ChromeSetup.exe
2020-05-28 17:12 - 2020-06-02 12:02 - 000000000 ____D C:\Users\donalda\Desktop\FRST
2020-05-28 14:43 - 2020-05-28 14:44 - 000312572 _____ C:\TDSSKiller.3.1.0.28_28.05.2020_14.43.15_log.txt
2020-05-28 14:15 - 2020-05-31 05:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-28 14:13 - 2020-05-28 17:23 - 000000000 ____D C:\Users\donalda\Desktop\mbar
2020-05-28 14:13 - 2020-05-28 14:21 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-05-28 13:53 - 2020-05-28 13:53 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Avast Software
2020-05-28 13:50 - 2020-05-28 17:13 - 000000000 ____D C:\ProgramData\Avast Software
2020-05-28 13:50 - 2020-05-28 13:50 - 000000000 ____D C:\Program Files\Avast Software
2020-05-28 13:48 - 2020-05-29 00:15 - 000049339 _____ C:\Users\donalda\Downloads\Addition.txt
2020-05-28 13:47 - 2020-06-02 12:03 - 000000000 ____D C:\FRST
2020-05-28 13:47 - 2020-05-29 00:15 - 000267327 _____ C:\Users\donalda\Downloads\FRST.txt
2020-05-28 12:38 - 2020-05-28 17:23 - 000000000 ___HD C:\$SysReset
2020-05-28 12:35 - 2020-05-28 12:38 - 000000000 ____D C:\ProgramData\HitmanPro
2020-05-28 12:26 - 2020-05-28 12:26 - 000000000 ____D C:\Users\donalda\AppData\Local\ESET
2020-05-27 15:18 - 2020-05-27 15:18 - 002234941 _____ C:\Users\donalda\Downloads\sevis-images.zip
2020-05-27 15:15 - 2020-05-27 15:19 - 000000000 ____D C:\Users\donalda\Desktop\Immigration
2020-05-27 15:00 - 2020-05-27 15:00 - 000199050 _____ C:\Users\donalda\Downloads\donald aaron Intern Offer Letter 03_18_2020-signed.pdf
2020-05-27 00:10 - 2020-05-27 00:10 - 000097055 _____ C:\Users\donalda\Downloads\donald_aaron_Intern_Offer_Letter_03_18_2020.pdf
2020-05-27 00:06 - 2020-05-27 00:06 - 000105756 _____ C:\Users\donalda\Downloads\donald aaron Intern Offer Letter 03_18_2020.pdf
2020-05-22 17:55 - 2020-05-26 21:05 - 000000000 ____D C:\Users\donalda\Desktop\images
2020-05-21 03:07 - 2020-05-21 03:07 - 001674989 _____ C:\Users\donalda\Downloads\Jump Start Invite.pdf
2020-05-21 03:07 - 2020-05-21 03:07 - 001346001 _____ C:\Users\donalda\Downloads\REMOTE_jumpstart_invite_7.23.17.pdf
2020-05-20 22:04 - 2020-05-20 22:04 - 000000438 _____ C:\Users\donalda\Downloads\Flag_of_Yugoslavia_(1946-1992).svg
2020-05-20 17:06 - 2020-05-20 17:06 - 000021652 _____ C:\Users\donalda\Downloads\4DWPG_0520143350785.pdf
2020-05-19 13:52 - 2020-05-19 13:52 - 137578759 _____ C:\Users\donalda\Downloads\com-24834.mp4
2020-05-17 17:00 - 2020-05-17 17:00 - 000001062 _____ C:\Users\Public\Desktop\Crysis 3.lnk
2020-05-17 17:00 - 2020-05-17 17:00 - 000001062 _____ C:\ProgramData\Desktop\Crysis 3.lnk
2020-05-17 17:00 - 2020-05-17 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 3
2020-05-16 17:30 - 2020-05-16 17:30 - 000554202 _____ C:\Users\donalda\Downloads\cru-1.4.2.zip
2020-05-16 17:30 - 2020-05-16 17:30 - 000000000 ____D C:\Users\donalda\Desktop\CRU
2020-05-14 21:07 - 2020-05-14 21:07 - 000000000 ____D C:\Program Files\Epic Games
2020-05-14 20:15 - 2020-05-14 20:15 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-05-14 20:15 - 2020-05-14 20:15 - 000000000 ____D C:\Program Files\MSBuild
2020-05-14 20:15 - 2020-05-14 20:15 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-05-14 20:15 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2020-05-14 20:15 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-05-14 20:15 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2020-05-14 20:14 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2020-05-14 20:14 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2020-05-14 20:14 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2020-05-14 20:13 - 2020-05-14 20:13 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-05-14 20:13 - 2020-05-14 20:13 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2020-05-14 20:13 - 2020-05-14 20:13 - 000001258 _____ C:\ProgramData\Desktop\Epic Games Launcher.lnk
2020-05-14 20:13 - 2020-05-14 20:13 - 000000000 ____D C:\Users\donalda\AppData\Local\UnrealEngineLauncher
2020-05-14 20:13 - 2020-05-14 20:13 - 000000000 ____D C:\Users\donalda\AppData\Local\UnrealEngine
2020-05-14 20:13 - 2020-05-14 20:13 - 000000000 ____D C:\Users\donalda\AppData\Local\EpicGamesLauncher
2020-05-14 20:12 - 2020-05-14 20:14 - 000000000 ____D C:\ProgramData\Epic
2020-05-14 20:12 - 2020-05-14 20:12 - 000000000 ____D C:\Program Files (x86)\Epic Games
2020-05-14 20:11 - 2020-05-14 20:11 - 044081152 _____ C:\Users\donalda\Downloads\EpicInstaller-10.15.2-unrealtournament.msi
2020-05-14 13:56 - 2020-05-14 13:56 - 000248248 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2020-05-14 13:56 - 2020-05-14 13:56 - 000237392 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2020-05-13 11:15 - 2020-06-01 15:10 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2020-05-13 11:15 - 2020-05-13 11:15 - 000143672 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2020-05-13 11:15 - 2020-05-13 11:15 - 000050624 _____ (SoftEther Corporation) C:\Windows\system32\Drivers\SeLow_x64.sys
2020-05-13 11:15 - 2020-05-13 11:15 - 000037824 _____ (SoftEther Corporation) C:\Windows\system32\Drivers\Neo6_x64_VPN.sys
2020-05-13 11:15 - 2020-05-13 11:15 - 000001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2020-05-13 11:15 - 2020-05-13 11:15 - 000001974 _____ C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2020-05-13 11:15 - 2020-05-13 11:15 - 000001974 _____ C:\ProgramData\Desktop\SoftEther VPN Client Manager.lnk
2020-05-13 11:15 - 2020-05-13 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2020-05-13 11:14 - 2020-05-13 11:14 - 000000000 ____D C:\Users\donalda\Desktop\VPM
2020-05-13 11:13 - 2020-05-13 11:14 - 061907424 _____ C:\Users\donalda\Downloads\vpngate-client-2020.05.14-build-9745.147165.zip
2020-05-13 10:43 - 2020-05-13 10:43 - 000001128 _____ C:\Users\donalda\Desktop\Twitch Studio.lnk
2020-05-13 10:43 - 2020-05-13 10:43 - 000001114 _____ C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Studio.lnk
2020-05-13 10:42 - 2020-05-13 10:43 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Twitch Studio
2020-05-13 10:42 - 2020-05-13 10:42 - 001235664 _____ (Twitch Interactive, Inc.) C:\Users\donalda\Downloads\TwitchStudioSetup-network_[usher-530078622][referrer-dashboard_home].exe
2020-05-13 10:10 - 2020-05-31 15:53 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-05-13 10:07 - 2020-04-11 11:40 - 000715680 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\UcmCxUcsiNvppc.sys
2020-05-13 10:07 - 2020-04-11 11:40 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2020-05-13 10:05 - 2020-04-03 21:49 - 000106838 _____ C:\Windows\system32\nvidia-smi.1.pdf
2020-05-13 10:04 - 2020-05-13 10:05 - 561724768 _____ (NVIDIA Corporation) C:\Users\donalda\Downloads\445.87-desktop-win10-64bit-international-dch-whql.exe
2020-05-13 09:22 - 2020-05-13 09:23 - 000000000 ____D C:\1eb3e28434d95d498741ad58942633
2020-05-13 09:22 - 2020-05-13 09:22 - 001260536 _____ (Microsoft Corporation) C:\Users\donalda\Downloads\NetFxRepairTool.exe
2020-05-13 09:22 - 2020-05-13 09:22 - 000347608 _____ C:\Users\donalda\Desktop\FixDotNet20200513132257600.cab
2020-05-13 04:10 - 2020-06-02 12:02 - 000000000 ____D C:\Users\donalda\AppData\Roaming\discord
2020-05-13 04:10 - 2020-05-13 04:10 - 000002237 _____ C:\Users\donalda\Desktop\Discord.lnk
2020-05-13 04:10 - 2020-05-13 04:10 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-05-13 04:10 - 2020-05-13 04:10 - 000000000 ____D C:\Users\donalda\AppData\Local\SquirrelTemp
2020-05-13 04:10 - 2020-05-13 04:10 - 000000000 ____D C:\Users\donalda\AppData\Local\Discord
2020-05-13 04:09 - 2020-05-13 04:09 - 062620472 _____ (Discord Inc.) C:\Users\donalda\Downloads\DiscordSetup.exe
2020-05-13 04:01 - 2020-05-13 04:01 - 000000000 ____D C:\ProgramData\ssh
2020-05-12 21:10 - 2020-05-12 21:10 - 000162013 _____ C:\Users\donalda\Downloads\donald aaron Updated CPT Letter.pdf
2020-05-12 20:59 - 2020-05-12 20:59 - 000076152 _____ C:\Windows\system32\PnkBstrA.exe
2020-05-12 20:48 - 2020-05-12 20:50 - 000000000 ____D C:\Users\donalda\Documents\Battlefield 4
2020-05-12 20:22 - 2020-05-12 20:22 - 000001308 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2020-05-12 20:22 - 2020-05-12 20:22 - 000001308 _____ C:\ProgramData\Desktop\Battlefield 4.lnk
2020-05-12 20:22 - 2020-05-12 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2020-05-12 20:22 - 2020-05-12 20:22 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2020-05-12 19:35 - 2020-05-12 19:35 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2020-05-12 04:44 - 2020-05-12 04:44 - 000000000 ____D C:\Users\donalda\AppData\Local\OneDrive
2020-05-12 04:37 - 2020-05-13 01:46 - 000000000 ____D C:\Windows\system32\MRT
2020-05-12 04:37 - 2020-05-13 01:32 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-05-12 04:36 - 2020-03-16 23:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-05-12 04:36 - 2020-03-16 23:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-05-12 04:32 - 2020-05-12 04:32 - 001912432 _____ (CPUID, Inc. ) C:\Users\donalda\Downloads\cpu-z_1.92-en.exe
2020-05-12 04:32 - 2020-05-12 04:32 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2020-05-12 04:32 - 2020-05-12 04:32 - 000000914 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2020-05-12 04:32 - 2020-05-12 04:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2020-05-12 04:32 - 2020-05-12 04:32 - 000000000 ____D C:\Program Files\CPUID
2020-05-12 03:43 - 2020-05-12 03:43 - 000654152 _____ C:\Users\donalda\Downloads\flux-setup.exe
2020-05-12 03:43 - 2020-05-12 03:43 - 000002160 _____ C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2020-05-12 03:43 - 2020-05-12 03:43 - 000000000 ____D C:\Users\donalda\AppData\Local\FluxSoftware
2020-05-12 02:51 - 2020-05-12 02:51 - 000000000 ____D C:\Users\donalda\AppData\Local\tjnet
2020-05-12 02:46 - 2020-05-12 04:09 - 1094913739 _____ C:\Windows\MEMORY.DMP
2020-05-12 02:46 - 2020-05-12 02:46 - 000606404 _____ C:\Windows\Minidump\051120-19875-01.dmp
2020-05-12 02:42 - 2020-06-02 09:52 - 000007636 _____ C:\Users\donalda\AppData\Local\Resmon.ResmonCfg
2020-05-11 23:34 - 2020-05-11 23:34 - 000000219 _____ C:\Users\donalda\Desktop\Counter-Strike Global Offensive.url
2020-05-11 23:34 - 2020-05-11 23:34 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-11 23:33 - 2020-05-11 23:33 - 000000000 ____D C:\Users\donalda\AppData\Local\Steam
2020-05-11 23:32 - 2020-06-01 15:10 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-11 23:32 - 2020-05-11 23:32 - 001573568 _____ C:\Users\donalda\Downloads\SteamSetup.exe
2020-05-11 23:32 - 2020-05-11 23:32 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2020-05-11 23:32 - 2020-05-11 23:32 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2020-05-11 23:32 - 2020-05-11 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-05-11 22:32 - 2020-05-30 16:55 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2020-05-11 22:32 - 2020-05-11 22:32 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-05-11 22:32 - 2020-05-11 22:32 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-05-11 22:32 - 2020-05-11 22:32 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2020-05-11 22:31 - 2020-05-13 20:29 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-05-11 22:31 - 2020-05-11 22:31 - 000001159 _____ C:\Users\donalda\Desktop\MSI Afterburner.lnk
2020-05-11 22:31 - 2020-05-11 22:31 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2020-05-11 22:30 - 2020-05-11 22:30 - 050449037 _____ C:\Users\donalda\Downloads\MSIAfterburnerSetup.zip
2020-05-11 22:09 - 2020-05-11 22:39 - 000000000 ____D C:\Users\donalda\Documents\Call of Duty Modern Warfare
2020-05-11 22:09 - 2020-05-11 22:09 - 000000000 ____D C:\Users\donalda\AppData\Roaming\NVIDIA
2020-05-11 22:09 - 2020-05-11 22:09 - 000000000 ____D C:\Users\donalda\ansel
2020-05-11 22:03 - 2020-05-11 22:03 - 000001078 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare.lnk
2020-05-11 22:03 - 2020-05-11 22:03 - 000001078 _____ C:\ProgramData\Desktop\Call of Duty Modern Warfare.lnk
2020-05-11 22:03 - 2020-05-11 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2020-05-11 20:11 - 2020-05-11 23:36 - 000001036 _____ C:\Users\donalda\Desktop\magicJack.lnk
2020-05-11 20:11 - 2020-05-11 23:36 - 000001022 _____ C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2020-05-11 20:11 - 2020-05-11 23:36 - 000000000 ____D C:\Users\donalda\AppData\Roaming\mjusbsp
2020-05-11 20:11 - 2020-05-11 20:47 - 000000000 ____D C:\Users\donalda\AppData\Local\magicJack
2020-05-11 20:11 - 2020-05-11 20:11 - 000000000 ____D C:\ProgramData\magicJack
2020-05-11 19:04 - 2020-05-11 19:04 - 000002685 _____ C:\Users\Public\Desktop\Intel® Extreme Tuning Utility.lnk
2020-05-11 19:04 - 2020-05-11 19:04 - 000002685 _____ C:\ProgramData\Desktop\Intel® Extreme Tuning Utility.lnk
2020-05-11 19:04 - 2020-05-11 19:04 - 000000000 ____D C:\Windows\system32\Tasks\Intel
2020-05-11 19:03 - 2020-05-11 19:03 - 029385288 _____ (Intel Corporation) C:\Users\donalda\Downloads\XTUSetup.exe
2020-05-11 19:00 - 2020-05-11 19:00 - 007200744 _____ (Microsoft Corporation) C:\Users\donalda\Downloads\vcredist_x64 (1).exe
2020-05-11 19:00 - 2020-05-11 19:00 - 007194312 _____ (Microsoft Corporation) C:\Users\donalda\Downloads\vcredist_x64.exe
2020-05-11 19:00 - 2020-05-11 19:00 - 006510136 _____ (Microsoft Corporation) C:\Users\donalda\Downloads\vcredist_x86 (1).exe
2020-05-11 19:00 - 2020-05-11 19:00 - 006503984 _____ (Microsoft Corporation) C:\Users\donalda\Downloads\vcredist_x86.exe
2020-05-11 18:58 - 2020-05-12 02:53 - 000000000 ____D C:\Users\donalda\Desktop\ThrottleStop
2020-05-11 18:58 - 2020-05-11 18:58 - 000231391 _____ C:\Users\donalda\Downloads\ThrottleStop_8.70.6.zip
2020-05-11 18:51 - 2020-06-02 09:24 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2020-05-11 18:51 - 2020-05-13 10:59 - 000000000 ____D C:\ProgramData\EA Logs
2020-05-11 18:51 - 2020-05-12 20:50 - 000000000 ____D C:\Users\donalda\AppData\Local\PunkBuster
2020-05-11 18:51 - 2020-05-11 18:51 - 000000000 ____D C:\Users\donalda\Documents\Battlefield 3
2020-05-11 18:51 - 2020-05-11 18:51 - 000000000 ____D C:\ProgramData\EA Core
2020-05-11 18:46 - 2020-06-02 09:24 - 000348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2020-05-11 18:46 - 2020-06-02 09:24 - 000280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2020-05-11 18:46 - 2020-05-13 11:21 - 000076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2020-05-11 18:46 - 2020-05-13 11:21 - 000001247 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2020-05-11 18:46 - 2020-05-13 11:21 - 000001247 _____ C:\ProgramData\Desktop\Battlefield 3.lnk
2020-05-11 18:46 - 2020-05-11 18:46 - 000000000 ____D C:\Users\donalda\AppData\Local\Electronic Arts
2020-05-11 18:46 - 2020-05-11 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2020-05-11 18:46 - 2010-06-02 07:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-05-11 18:46 - 2010-06-02 07:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-05-11 18:46 - 2010-06-02 07:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2020-05-11 18:46 - 2010-06-02 07:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2020-05-11 18:46 - 2010-06-02 07:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-05-11 18:46 - 2010-06-02 07:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-05-11 18:46 - 2010-05-26 14:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-05-11 18:46 - 2010-05-26 14:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-05-11 18:46 - 2010-05-26 14:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-05-11 18:46 - 2010-05-26 14:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-05-11 18:46 - 2010-02-04 13:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-05-11 18:46 - 2009-09-04 20:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2020-05-11 18:46 - 2009-09-04 20:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2020-05-11 18:46 - 2009-09-04 20:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2020-05-11 18:46 - 2009-09-04 20:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2020-05-11 18:46 - 2009-09-04 20:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2020-05-11 18:46 - 2009-09-04 20:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2020-05-11 18:46 - 2009-09-04 20:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2020-05-11 18:46 - 2009-03-16 17:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-05-11 18:46 - 2009-03-16 17:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2020-05-11 18:46 - 2009-03-16 17:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2020-05-11 18:46 - 2009-03-16 17:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-05-11 18:46 - 2009-03-16 17:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-05-11 18:46 - 2009-03-16 17:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2020-05-11 18:46 - 2009-03-09 18:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2020-05-11 18:46 - 2009-03-09 18:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2020-05-11 18:46 - 2009-03-09 18:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-05-11 18:46 - 2009-03-09 18:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2020-05-11 18:46 - 2009-03-09 18:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-05-11 18:46 - 2009-03-09 18:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2020-05-11 18:46 - 2008-10-27 13:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2020-05-11 18:46 - 2008-10-15 09:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2020-05-11 18:46 - 2008-10-15 09:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2020-05-11 18:46 - 2008-10-15 09:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-05-11 18:46 - 2008-10-15 09:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2020-05-11 18:46 - 2008-10-15 09:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-05-11 18:46 - 2008-10-15 09:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2020-05-11 18:46 - 2008-07-31 13:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2020-05-11 18:46 - 2008-07-31 13:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2020-05-11 18:46 - 2008-07-31 13:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2020-05-11 18:46 - 2008-07-31 13:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2020-05-11 18:46 - 2008-07-31 13:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2020-05-11 18:46 - 2008-07-31 13:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2020-05-11 18:46 - 2008-07-10 14:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2020-05-11 18:46 - 2008-07-10 14:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2020-05-11 18:46 - 2008-07-10 14:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2020-05-11 18:46 - 2008-07-10 14:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-05-11 18:46 - 2008-07-10 14:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2020-05-11 18:46 - 2008-07-10 14:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-05-11 18:46 - 2008-05-30 17:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-05-11 18:46 - 2008-05-30 17:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2020-05-11 18:46 - 2008-05-30 17:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2020-05-11 18:46 - 2008-05-30 17:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-05-11 18:46 - 2008-05-30 17:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-05-11 18:46 - 2008-05-30 17:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2020-05-11 18:46 - 2008-05-30 17:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2020-05-11 18:46 - 2008-05-30 17:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-05-11 18:46 - 2008-05-30 17:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2020-05-11 18:46 - 2008-05-30 17:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2020-05-11 18:46 - 2008-05-30 17:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-05-11 18:46 - 2008-05-30 17:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2020-05-11 18:46 - 2008-05-30 17:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-05-11 18:46 - 2008-05-30 17:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2020-05-11 18:46 - 2008-03-05 19:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-05-11 18:46 - 2008-03-05 19:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2020-05-11 18:46 - 2008-03-05 19:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2020-05-11 18:46 - 2008-03-05 19:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-05-11 18:46 - 2008-03-05 19:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-05-11 18:46 - 2008-03-05 19:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2020-05-11 18:46 - 2008-03-05 18:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2020-05-11 18:46 - 2008-03-05 18:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2020-05-11 18:46 - 2008-03-05 18:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-05-11 18:46 - 2008-03-05 18:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2020-05-11 18:46 - 2008-02-06 02:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-05-11 18:46 - 2008-02-06 02:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2020-05-11 18:46 - 2007-10-22 06:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-05-11 18:46 - 2007-10-22 06:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2020-05-11 18:46 - 2007-10-22 06:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2020-05-11 18:46 - 2007-10-22 06:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2020-05-11 18:46 - 2007-10-12 18:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-05-11 18:46 - 2007-10-12 18:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2020-05-11 18:46 - 2007-10-12 18:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2020-05-11 18:46 - 2007-10-12 18:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2020-05-11 18:46 - 2007-10-02 12:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-05-11 18:46 - 2007-10-02 12:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2020-05-11 18:46 - 2007-07-20 03:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-05-11 18:46 - 2007-07-20 03:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2020-05-11 18:46 - 2007-07-19 21:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-05-11 18:46 - 2007-07-19 21:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2020-05-11 18:46 - 2007-07-19 21:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2020-05-11 18:46 - 2007-07-19 21:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2020-05-11 18:46 - 2007-07-19 21:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-05-11 18:46 - 2007-07-19 21:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2020-05-11 18:46 - 2007-06-20 23:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-05-11 18:46 - 2007-06-20 23:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2020-05-11 18:46 - 2007-05-16 19:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-05-11 18:46 - 2007-05-16 19:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2020-05-11 18:46 - 2007-05-16 19:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2020-05-11 18:46 - 2007-05-16 19:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2020-05-11 18:46 - 2007-05-16 19:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-05-11 18:46 - 2007-05-16 19:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2020-05-11 18:46 - 2007-04-04 21:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-05-11 18:46 - 2007-04-04 21:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2020-05-11 18:46 - 2007-04-04 21:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-05-11 18:46 - 2007-04-04 21:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-05-11 18:46 - 2007-03-15 19:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-05-11 18:46 - 2007-03-15 19:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2020-05-11 18:46 - 2007-03-12 19:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-05-11 18:46 - 2007-03-12 19:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2020-05-11 18:46 - 2007-03-12 19:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2020-05-11 18:46 - 2007-03-12 19:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2020-05-11 18:46 - 2007-03-05 15:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-05-11 18:46 - 2007-03-05 15:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2020-05-11 18:46 - 2007-01-24 18:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-05-11 18:46 - 2007-01-24 18:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2020-05-11 18:46 - 2006-12-08 15:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2020-05-11 18:46 - 2006-12-08 15:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-05-11 18:46 - 2006-11-29 16:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-05-11 18:46 - 2006-11-29 16:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2020-05-11 18:46 - 2006-11-29 16:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-05-11 18:46 - 2006-11-29 16:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2020-05-11 18:46 - 2006-09-28 19:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-05-11 18:46 - 2006-09-28 19:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-05-11 18:46 - 2006-09-28 19:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2020-05-11 18:46 - 2006-09-28 19:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-05-11 18:46 - 2006-07-28 12:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-05-11 18:46 - 2006-07-28 12:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-05-11 18:46 - 2006-07-28 12:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2020-05-11 18:46 - 2006-07-28 12:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2020-05-11 18:46 - 2006-05-31 10:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2020-05-11 18:46 - 2006-05-31 10:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2020-05-11 18:46 - 2006-03-31 15:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2020-05-11 18:46 - 2006-03-31 15:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2020-05-11 18:46 - 2006-03-31 15:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2020-05-11 18:46 - 2006-03-31 15:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2020-05-11 18:46 - 2006-03-31 15:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2020-05-11 18:46 - 2006-03-31 15:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2020-05-11 18:46 - 2006-02-03 11:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2020-05-11 18:46 - 2006-02-03 11:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2020-05-11 18:46 - 2006-02-03 11:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2020-05-11 18:46 - 2006-02-03 11:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2020-05-11 18:46 - 2006-02-03 11:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2020-05-11 18:46 - 2006-02-03 11:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2020-05-11 18:46 - 2005-12-05 21:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2020-05-11 18:46 - 2005-12-05 21:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2020-05-11 18:46 - 2005-07-22 22:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2020-05-11 18:46 - 2005-07-22 22:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2020-05-11 18:46 - 2005-05-26 18:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2020-05-11 18:46 - 2005-05-26 18:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2020-05-11 18:46 - 2005-03-18 20:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2020-05-11 18:46 - 2005-03-18 20:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2020-05-11 18:46 - 2005-02-05 22:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2020-05-11 18:46 - 2005-02-05 22:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2020-05-11 18:10 - 2020-06-01 16:55 - 000000000 ____D C:\Program Files (x86)\Origin Games
2020-05-11 18:06 - 2020-05-28 17:14 - 000000000 ____D C:\ProgramData\Electronic Arts
2020-05-11 18:04 - 2020-05-21 10:56 - 000000000 ____D C:\Program Files (x86)\Origin
2020-05-11 18:04 - 2020-05-11 18:04 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2020-05-11 18:04 - 2020-05-11 18:04 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk
2020-05-11 18:04 - 2020-05-11 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2020-05-11 18:03 - 2020-06-02 12:04 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Origin
2020-05-11 18:03 - 2020-06-01 16:55 - 000000000 ____D C:\ProgramData\Origin
2020-05-11 18:03 - 2020-06-01 15:10 - 000000000 ____D C:\Users\donalda\AppData\Local\Origin
2020-05-11 18:03 - 2020-05-11 18:03 - 063648216 _____ (Electronic Arts) C:\Users\donalda\Downloads\OriginThinSetup.exe
2020-05-11 18:03 - 2020-05-11 18:03 - 000000000 ____D C:\Users\donalda\.QtWebEngineProcess
2020-05-11 18:03 - 2020-05-11 18:03 - 000000000 ____D C:\Users\donalda\.Origin
2020-05-11 15:44 - 2020-05-11 15:44 - 000002480 _____ C:\Users\donalda\Desktop\Secondary Profile - Chrome.lnk
2020-05-11 15:44 - 2020-05-11 15:44 - 000002436 _____ C:\Users\donalda\Desktop\Person 1 - Chrome.lnk
2020-05-11 13:57 - 2020-06-02 09:18 - 000000000 ____D C:\Program Files (x86)\Call of Duty Modern Warfare
2020-05-11 13:57 - 2020-05-11 13:57 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2020-05-11 13:54 - 2020-06-02 09:52 - 000000000 ____D C:\Users\donalda\AppData\Local\Battle.net
2020-05-11 13:54 - 2020-05-28 17:23 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Battle.net
2020-05-11 13:54 - 2020-05-11 13:54 - 000000000 ____D C:\Users\donalda\AppData\Local\CEF
2020-05-11 13:53 - 2020-05-11 13:53 - 000000940 _____ C:\Users\Public\Desktop\Battle.net.lnk
2020-05-11 13:53 - 2020-05-11 13:53 - 000000940 _____ C:\ProgramData\Desktop\Battle.net.lnk
2020-05-11 13:53 - 2020-05-11 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2020-05-11 13:51 - 2020-05-28 18:41 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-05-11 13:50 - 2020-05-11 13:54 - 000000000 ____D C:\Users\donalda\AppData\Local\Blizzard Entertainment
2020-05-11 13:50 - 2020-05-11 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2020-05-11 13:50 - 2020-05-11 13:50 - 000000000 ____D C:\ProgramData\ESET
2020-05-11 13:50 - 2020-05-11 13:50 - 000000000 ____D C:\Program Files\ESET
2020-05-11 13:49 - 2020-05-11 13:50 - 000000000 ____D C:\ProgramData\Battle.net
2020-05-11 13:49 - 2020-05-11 13:49 - 004902896 _____ (Blizzard Entertainment) C:\Users\donalda\Downloads\Battle.net-Setup.exe
2020-05-11 13:48 - 2020-05-31 04:18 - 000000000 ____D C:\Users\donalda\AppData\Local\CrashDumps
2020-05-11 13:48 - 2020-05-11 13:48 - 005504960 _____ (ESET) C:\Users\donalda\Downloads\eset_nod32_antivirus_live_installer.exe
2020-05-11 13:46 - 2020-05-28 17:30 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-11 13:46 - 2020-05-28 17:30 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-11 13:46 - 2020-05-28 17:30 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-11 13:45 - 2020-05-14 20:14 - 000000000 ____D C:\Users\donalda\AppData\Local\D3DSCache
2020-05-11 13:45 - 2020-05-11 13:46 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-11 13:45 - 2020-05-11 13:45 - 000003420 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-11 13:45 - 2020-05-11 13:45 - 000003296 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-11 13:43 - 2020-05-11 14:51 - 000000000 ____D C:\Users\donalda\AppData\Local\Google
2020-05-11 13:42 - 2020-06-01 23:01 - 000000000 ___RD C:\Users\donalda\OneDrive
2020-05-11 13:42 - 2020-05-11 14:37 - 000000000 ____D C:\Users\donalda\AppData\Local\PlaceholderTileLogoFolder
2020-05-11 13:42 - 2020-05-11 13:42 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2453741342-3935889263-1304218048-1004
2020-05-11 13:42 - 2020-05-11 13:42 - 000000000 ___HD C:\OneDriveTemp
2020-05-11 13:42 - 2020-05-11 13:42 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Intel Corporation
2020-05-11 13:42 - 2020-05-11 13:42 - 000000000 ____D C:\Users\donalda\AppData\Local\Comms
2020-05-11 13:41 - 2020-05-12 15:56 - 000000000 ____D C:\Users\donalda\AppData\Local\NVIDIA Corporation
2020-05-11 13:41 - 2020-05-11 13:41 - 000001450 _____ C:\Users\donalda\Desktop\Microsoft Edge.lnk
2020-05-11 13:41 - 2020-05-11 13:41 - 000000000 ____D C:\Users\donalda\Settings
2020-05-11 13:40 - 2020-06-01 15:10 - 000000000 __SHD C:\Users\donalda\IntelGraphicsProfiles
2020-05-11 13:40 - 2020-05-28 18:40 - 000022127 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-05-11 13:40 - 2020-05-13 04:03 - 000000000 ___RD C:\Users\donalda\3D Objects
2020-05-11 13:40 - 2020-05-12 16:42 - 000000000 ____D C:\Users\donalda\AppData\Local\Packages
2020-05-11 13:40 - 2020-05-11 18:05 - 000000000 ____D C:\Users\donalda\AppData\Local\ConnectedDevicesPlatform
2020-05-11 13:40 - 2020-05-11 14:36 - 000000000 ____D C:\Users\donalda\AppData\Local\Publishers
2020-05-11 13:40 - 2020-05-11 13:41 - 000000000 ____D C:\Users\donalda\AppData\Local\Intel
2020-05-11 13:40 - 2020-05-11 13:40 - 000000000 ___HD C:\Users\donalda\MicrosoftEdgeBackups
2020-05-11 13:40 - 2020-05-11 13:40 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Intel
2020-05-11 13:40 - 2020-05-11 13:40 - 000000000 ____D C:\Users\donalda\AppData\Roaming\Adobe
2020-05-11 13:40 - 2020-05-11 13:40 - 000000000 ____D C:\Users\donalda\AppData\LocalLow\Intel
2020-05-11 13:40 - 2020-05-11 13:40 - 000000000 ____D C:\Users\donalda\AppData\Local\VirtualStore
2020-05-11 13:40 - 2020-05-11 13:40 - 000000000 ____D C:\Users\donalda\AppData\Local\MicrosoftEdge
2020-05-11 13:37 - 2020-06-02 11:40 - 000000000 ____D C:\Users\donalda
2020-05-11 13:37 - 2020-05-11 13:42 - 000002367 _____ C:\Users\donalda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-11 13:37 - 2020-05-11 13:37 - 000000020 ___SH C:\Users\donalda\ntuser.ini
2020-05-11 13:33 - 2020-04-14 06:42 - 003218256 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h265ve_64.dll
2020-05-11 13:33 - 2020-04-14 06:42 - 003212448 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_vp9ve_64.dll
2020-05-11 13:33 - 2020-04-14 06:42 - 003198832 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_h264ve_64.dll
2020-05-11 13:33 - 2020-04-14 06:42 - 002606120 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h265ve_32.dll
2020-05-11 13:33 - 2020-04-14 06:42 - 002601000 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_vp9ve_32.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 021448792 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 020346728 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 002996096 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_encrypt_64.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 002591928 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_h264ve_32.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 002435384 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_encrypt_32.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 000212488 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2020-05-11 13:33 - 2020-04-14 06:41 - 000184184 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 025076248 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 011919384 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 003013648 _____ (Intel Corporation) C:\Windows\system32\mfx_mft_mjpgvd_64.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 002439192 _____ (Intel Corporation) C:\Windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 000146976 _____ C:\Windows\SysWOW64\libGLESv2.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 000137760 _____ C:\Windows\SysWOW64\libEGL.dll
2020-05-11 13:33 - 2020-04-14 06:40 - 000120864 _____ C:\Windows\SysWOW64\libGLESv1_CM.dll
2020-05-11 13:33 - 2020-04-14 06:15 - 000072329 _____ C:\Windows\SysWOW64\h265e_32.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000071888 _____ C:\Windows\SysWOW64\vp9e_32.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000070661 _____ C:\Windows\SysWOW64\he_32.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000066157 _____ C:\Windows\SysWOW64\mj_32.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000057143 _____ C:\Windows\SysWOW64\dev_32.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000056359 _____ C:\Windows\system32\dev_64.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000014145 _____ C:\Windows\system32\h265e_64.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000013996 _____ C:\Windows\system32\vp9e_64.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000013581 _____ C:\Windows\system32\he_64.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000013309 _____ C:\Windows\system32\mj_64.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000001125 _____ C:\Windows\SysWOW64\cpa_32.vp
2020-05-11 13:33 - 2020-04-14 06:15 - 000001125 _____ C:\Windows\system32\cpa_64.vp
2020-05-11 13:33 - 2019-05-06 05:03 - 000043456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2020-05-05 10:09 - 2020-05-11 13:28 - 000001705 _____ C:\Users\Public\Desktop\THX Spatial Audio.lnk
2020-05-05 10:09 - 2020-05-11 13:28 - 000001705 _____ C:\ProgramData\Desktop\THX Spatial Audio.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-02 11:50 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-02 11:40 - 2019-03-19 00:50 - 000000000 ____D C:\Windows\INF
2020-06-02 06:31 - 2019-10-26 16:42 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-06-02 00:11 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-02 00:11 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\AppReadiness
2020-06-01 15:15 - 2019-10-26 16:49 - 000843192 _____ C:\Windows\system32\PerfStringBackup.INI
2020-06-01 15:10 - 2019-10-26 16:47 - 000000000 ____D C:\Intel
2020-06-01 15:10 - 2019-10-26 16:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-01 08:37 - 2019-10-26 16:54 - 000032001 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-06-01 08:37 - 2019-10-26 16:54 - 000029989 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-05-31 15:53 - 2019-10-26 16:54 - 000016047 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-05-28 18:41 - 2019-10-26 16:52 - 000000000 ____D C:\NVIDIA
2020-05-28 17:23 - 2019-10-26 16:50 - 000000000 ___HD C:\Windows\system32\WLANProfiles
2020-05-28 17:23 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\Sysprep
2020-05-28 17:23 - 2019-03-19 00:37 - 000786432 _____ C:\Windows\system32\config\BBI
2020-05-28 17:14 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\registration
2020-05-28 13:17 - 2019-03-19 00:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-05-18 16:38 - 2019-10-26 16:53 - 000655080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-05-18 16:36 - 2019-10-26 16:53 - 004928256 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-05-16 18:34 - 2019-03-19 00:37 - 000786432 _____ C:\Windows\system32\config\BBI(25)
2020-05-14 20:16 - 2019-03-19 00:37 - 000000000 ____D C:\Windows\CbsTemp
2020-05-14 20:14 - 2019-10-26 16:45 - 000000000 ____D C:\ProgramData\Package Cache
2020-05-14 18:37 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\NDF
2020-05-14 08:16 - 2019-10-07 21:34 - 000000000 ____D C:\Windows\Panther
2020-05-13 10:10 - 2019-10-26 16:54 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2020-05-13 10:10 - 2019-10-26 16:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-05-13 10:08 - 2019-10-26 16:54 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-13 10:08 - 2019-10-26 16:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-05-13 10:08 - 2019-10-26 16:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-05-13 04:04 - 2019-10-26 16:44 - 000000000 ____D C:\ProgramData\Packages
2020-05-13 04:03 - 2019-10-26 16:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-13 04:02 - 2019-10-26 16:42 - 000257904 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ___SD C:\Windows\system32\UNP
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ___RD C:\Windows\PrintDialog
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\TextInput
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\SystemResources
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\setup
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\oobe
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\Dism
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\appraiser
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\ShellComponents
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\Provisioning
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\DiagTrack
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\bcastdvr
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-05-13 04:01 - 2019-03-19 00:52 - 000000000 ____D C:\PerfLogs
2020-05-13 04:01 - 2019-03-19 00:37 - 000000000 ____D C:\Windows\servicing
2020-05-13 01:15 - 2019-10-26 16:46 - 002874880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-05-12 21:23 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-05-12 15:53 - 2019-10-26 16:49 - 000000000 ____D C:\ProgramData\Intel
2020-05-12 04:09 - 2019-10-26 17:08 - 000000000 ____D C:\Windows\minidump
2020-05-11 22:32 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-05-11 19:04 - 2019-10-26 16:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-05-11 19:04 - 2019-10-26 16:47 - 000000000 ____D C:\Program Files (x86)\Intel
2020-05-11 13:50 - 2019-03-19 00:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-05-11 13:48 - 2019-10-26 16:42 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-05-11 13:37 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\appcompat
2020-05-11 13:28 - 2019-10-26 16:48 - 000000000 ____D C:\Program Files\THX
2020-05-05 10:09 - 2019-10-26 16:48 - 000000000 ____D C:\Windows\system32\Tasks\THX Ltd
2020-05-04 12:05 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-05-04 12:04 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\spool
2020-05-04 12:04 - 2019-03-19 00:52 - 000000000 ____D C:\Windows\system32\FxsTmp

==================== Files in the root of some directories ========

2020-05-12 02:42 - 2020-06-02 09:52 - 000007636 _____ () C:\Users\donalda\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-05-2020 0
Ran by donalda (02-06-2020 12:04:34)
Running from C:\Users\donalda\Desktop\FRST
Windows 10 Home Version 1903 18362.836 (X64) (2020-05-11 17:27:19)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2453741342-3935889263-1304218048-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2453741342-3935889263-1304218048-503 - Limited - Disabled)
Guest (S-1-5-21-2453741342-3935889263-1304218048-501 - Limited - Disabled)
donalda (S-1-5-21-2453741342-3935889263-1304218048-1004 - Administrator - Enabled) => C:\Users\donalda
WDAGUtilityAccount (S-1-5-21-2453741342-3935889263-1304218048-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.92 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.92 - CPUID, Inc.)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 Digital Deluxe Edition Content (HKLM-x32\...\{2A8C5AE3-2772-4EB1-8206-D5E53D111A61}) (Version: 1.0.0.0 - Electronic Arts)
Discord (HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{0C3F76CB-98AA-49B1-9B72-CD040E3E17E8}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVOO Control Center (HKLM\...\{6ea3ce12-b991-4b65-9f8d-b148eaaecd87}_is1) (Version: 1.0.0.46 - OEM)
f.lux (HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\Flux) (Version: - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel® Corporation)
Intel® Extreme Tuning Utility (HKLM-x32\...\{6FB77AA0-DC58-44C6-A0DD-2FC5272EA531}) (Version: 6.5.1.360 - Intel Corporation) Hidden
Intel® Extreme Tuning Utility (HKLM-x32\...\{b5dc28d7-72cb-4bb1-a9a7-3ae096f0980f}) (Version: 6.5.1.360 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1923.12.0.1278 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6911 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.55.66.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{1fec26b5-eeec-4604-877a-44f1843ae9d4}) (Version: 1.55.66.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000020-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.20.0.4 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7999800f-411b-4d04-aadd-32b576d84592}) (Version: 21.20.1 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
magicJack (HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\magicJack) (Version: 4.18.10293.7200 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
NVIDIA Graphics Driver 446.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 446.14 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.38.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.38.831.832 - NVIDIA Corporation)
Oracle VM VirtualBox 6.0.22 (HKLM\...\{65682D40-CC5A-4122-BCC0-5C682D0EE284}) (Version: 6.0.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.70.40362 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31248 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8710.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
RogueKiller version 14.5.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.5.0.0 - Adlice Software)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
THX Spatial Audio Driver (HKLM\...\THXSpatialAudio) (Version: 1.2.331-28 - THX Ltd.)
Twitch Studio (HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.37.4.0_x86__kgqvnymyfvs32 [2020-05-28] (king.com)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.38.3.0_x86__kgqvnymyfvs32 [2020-05-29] (king.com)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-05-28] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2020-05-28] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-28] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-28] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-05-28] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0 [2020-06-02] (Spotify AB) [Startup Task]
Tuned by THX - LP5 -> C:\Program Files\WindowsApps\THXLtd.TunedbyTHX-LP5_2019.10.10.0_x64__zgheytcpjsgqw [2020-05-28] (THX Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvtfi.inf_amd64_3d2639743193941d\nvshext.dll [2020-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-02] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\donalda\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\donalda\Desktop\Secondary Profile - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2020-05-11 18:04 - 2020-05-21 10:56 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2020-05-11 18:04 - 2020-05-21 10:56 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2020-05-11 18:04 - 2020-05-21 10:56 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-05-11 18:04 - 2020-05-21 10:56 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2020-05-11 18:04 - 2020-05-21 10:56 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2020-05-11 18:04 - 2020-05-21 10:56 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-05-21 10:56 - 2020-05-21 10:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-05-13 11:15 - 2020-05-13 11:15 - 005833216 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 00:49 - 2019-03-19 00:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2453741342-3935889263-1304218048-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\OEM\Wallpaper.jpg
DNS Servers: 72.44.127.5 - 72.44.127.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VPN - VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Bluetooth Network Connection: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Wi-Fi: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5064897F-5F95-4C4B-BCC9-64733884A3BA}] => (Allow) C:\Program Files\OEM\EVOO Control Center\UniwillService\GCUBridge.exe (Uniwill Technology Inc. -> )
FirewallRules: [{39540635-B797-4CD2-A940-2CAFDF486EC8}] => (Allow) C:\Program Files\OEM\EVOO Control Center\UniwillService\GCUBridge.exe (Uniwill Technology Inc. -> )
FirewallRules: [TCP Query User{B9ECBCA7-2F99-4F68-98D3-7CFD77F47C23}C:\users\donalda\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\donalda\appdata\roaming\mjusbsp\magicjack.exe (magicJack, L.P. -> magicJack L.P.)
FirewallRules: [UDP Query User{4690F3C3-8A13-435F-93BA-1F99BFD914EA}C:\users\donalda\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\donalda\appdata\roaming\mjusbsp\magicjack.exe (magicJack, L.P. -> magicJack L.P.)
FirewallRules: [TCP Query User{B54DE227-69E1-40E6-9EB3-6B9429F4A79E}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{D732FE0E-6924-4F88-A21A-FA0E85A558A1}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{8DB3CED8-07F0-4D82-AED2-8F45C1C9B250}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{17C8CBE0-4BB4-45AC-97F6-7D023D142CD4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{74856AE5-206E-4F80-840B-C302B9D3B2CD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{12827066-438F-4585-8BA7-4EA12DCE94C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{95BFCE9B-C272-4D84-8214-EC575E57B188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{51DDF585-E7F0-4B2C-AA69-7F8DECA3284E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8A5689AA-1AFB-498C-9C03-291B26D71A18}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{9D5294C8-067B-4A90-A21C-EB308B9D74E4}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{DDB052C7-ACBC-4CD5-AFF6-203565832FC9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C9E88100-9C58-45FE-B4A4-8E62565207B4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{8F71ECFF-D86C-4083-A6D8-0CB98334346F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{9FBFC5FF-3D60-4582-A5C6-4D92DF2C3A46}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{F5DADC78-32C3-4AF8-8058-D552EF26B921}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{B8EB2F13-4087-4711-9D15-A65D9E20A1C4}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{9C41B69C-6D29-4BD4-97EF-628A000D0A1A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{E3BE0E63-910C-40A7-98B7-9C6320CC7CFA}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{03729457-381F-40EB-9E5E-E53C9E0E137B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{A79FDDDD-805C-4BEC-B3B6-5671898C6251}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{7429C9A2-CECB-4DB6-8F91-399D207279AE}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{8DA232B1-ADDE-4F28-8F74-2E36DDB67507}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{CDD87949-0FE8-4DAB-8154-E2E01C8B6043}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{644CF268-6546-4E26-81A3-33E7EA35E8E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{5B6521A4-F63F-40AB-AA9F-2638BFD077A0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{06959B62-10DE-47C5-8D91-1F03356B027F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{5E9968B3-DB8B-48F3-8FF4-E214B07DF552}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{CF0F7F7E-074A-442C-B555-FB70DD1920D5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{DBDAFA48-B828-4FE0-8BE0-80FA34ABA664}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DB8FED73-9341-4F2B-99A6-5F26E1029828}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{514B3E4F-9F76-49E6-A79C-6F7EA26F25D2}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{35C6A3ED-757D-4A17-9B27-03249C7DC06D}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{F7029D2D-063B-4585-8753-91D2D4FFB386}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe (Crytek GmbH) [File not signed]
FirewallRules: [{4D8ACDB0-D412-4275-831D-4140E476DD04}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Crysis 3 - Digital Deluxe Edition Content\Launcher.exe (Crytek GmbH) [File not signed]
FirewallRules: [{3365D158-5C30-4FD9-8F0A-4E1992A0AAA0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A8461E47-AB01-401C-BECB-91788E8CCD0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46204DF1-C417-4A34-B70F-D867C8BE562D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{563AA8A4-BCAD-42D6-8962-1BBAA2F902E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA8099BA-773D-4328-BD85-78CA21F7ECCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6CAEA21E-0186-40BC-966A-20E353768F48}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15F329D3-9937-4DDA-920E-DC509AA162B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5966D5F4-E149-4E4A-B813-04E9254FA34A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{599D6227-4CE7-4CA8-9BEF-DF1B33BE0311}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

14-05-2020 20:13:05 Installed DirectX
17-05-2020 17:00:03 Installed DirectX
27-05-2020 20:38:56 Scheduled Checkpoint
28-05-2020 17:12:57 Restore Operation
02-06-2020 11:38:54 Installed Oracle VM VirtualBox 6.0.22

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/02/2020 11:38:57 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary RkFlt.

System Error:
The system cannot find the file specified.
.

Error: (05/31/2020 04:18:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SecHealthUI.exe, version: 10.0.18362.752, time stamp: 0x5e70487e
Faulting module name: ntdll.dll, version: 10.0.18362.815, time stamp: 0xb29ecf52
Exception code: 0xc0000409
Fault offset: 0x000000000008c45f
Faulting process id: 0xab7c
Faulting application start time: 0x01d63724120b7e78
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: d8aab68d-f03f-49b0-90ae-1143e66ed43a
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI

Error: (05/30/2020 07:50:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Crysis3.exe version 1.3.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 8a14

Start Time: 01d636d6993e8424

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe

Report Id: d3bf3611-8b38-4fbe-8496-7d63a7ed634d

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (05/29/2020 12:17:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.12624.20368, time stamp: 0x5e80606c
Faulting module name: hxcomm.dll, version: 16.0.12624.20368, time stamp: 0x5e805a40
Exception code: 0x02799383
Fault offset: 0x00000000002162e8
Faulting process id: 0x11f4
Faulting application start time: 0x01d6357012c2392d
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 2327b5e8-f0c4-4fc2-bccd-196de8beb0b6
Faulting package full name: microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/28/2020 11:48:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.12624.20368, time stamp: 0x5e80606c
Faulting module name: hxcomm.dll, version: 16.0.12624.20368, time stamp: 0x5e805a40
Exception code: 0x02799383
Fault offset: 0x00000000002162e8
Faulting process id: 0x15b4
Faulting application start time: 0x01d6356c06bb6165
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 35673790-6c0a-4fd0-bdd6-8bcc3e52bb03
Faulting package full name: microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/28/2020 10:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.12624.20368, time stamp: 0x5e80606c
Faulting module name: hxcomm.dll, version: 16.0.12624.20368, time stamp: 0x5e805a40
Exception code: 0x02799383
Fault offset: 0x00000000002162e8
Faulting process id: 0xce8
Faulting application start time: 0x01d6356380178b37
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: fda9ad83-029b-4604-ae78-b1f960adb999
Faulting package full name: microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/28/2020 10:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.12624.20368, time stamp: 0x5e80606c
Faulting module name: hxcomm.dll, version: 16.0.12624.20368, time stamp: 0x5e805a40
Exception code: 0x02799383
Fault offset: 0x00000000002162e8
Faulting process id: 0x40cc
Faulting application start time: 0x01d6355f52c3667b
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 98af5ea1-6c23-48c1-9e93-3ae87c7f620c
Faulting package full name: microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/28/2020 09:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.12624.20368, time stamp: 0x5e80606c
Faulting module name: hxcomm.dll, version: 16.0.12624.20368, time stamp: 0x5e805a40
Exception code: 0x02799383
Fault offset: 0x00000000002162e8
Faulting process id: 0x398c
Faulting application start time: 0x01d6355b1e503098
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\hxcomm.dll
Report Id: 1ddb314b-fbf0-48f9-a47e-a728c152ae0b
Faulting package full name: microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

System errors:
=============
Error: (06/02/2020 11:40:18 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (06/01/2020 03:10:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:27:46 AM on ‎6/‎1/‎2020 was unexpected.

Error: (05/31/2020 03:53:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:34:13 PM on ‎5/‎31/‎2020 was unexpected.

Error: (05/28/2020 02:06:37 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xfffff806579fb010, 0x00000000000000ff, 0x0000000000000000, 0xfffff80669a795ae). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 495f2ed5-55fa-4bf7-b540-8f382af44f12.

Error: (05/28/2020 02:06:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:03:22 PM on ‎5/‎28/‎2020 was unexpected.

Error: (05/28/2020 02:03:11 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000d1 (0xffffb8005ba8c010, 0x00000000000000ff, 0x0000000000000000, 0xfffff80679d295ae). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 00000000-0000-0000-0000-000000000000.

Error: (05/28/2020 02:03:11 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: Unable to produce a minidump file from the full dump file.

Error: (05/28/2020 02:02:49 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.

Windows Defender:
===================================
Date: 2020-06-01 23:28:41.997
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4AD100C7-97D6-4388-860D-7445D2697880}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-05-31 04:18:59.631
Description:
Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

Date: 2020-05-28 14:17:17.269
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.136.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-05-11 13:44:40.151
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-05-11 13:44:40.150
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2020-05-06 07:50:58.860
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 0.0.0.0
Error code: 0x80072f8f
Error description: A security error occurred

CodeIntegrity:
===================================

Date: 2020-06-02 09:10:49.953
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-02 09:10:49.948
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-02 09:10:49.936
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-02 09:10:49.928
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-02 09:10:49.882
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-01 15:12:33.183
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-01 15:12:29.476
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-01 15:12:29.471
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. N.1.05 10/10/2019
Motherboard: EVOO Products GK5CP6X
Processor: Intel® Core™ i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 16239.95 MB
Available physical RAM: 7972.19 MB
Total Virtual: 28015.95 MB
Available Virtual: 15278.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.95 GB) (Free:50.7 GB) NTFS

\\?\Volume{a52f13a1-2f5a-49c9-a3ee-5cb72afa1125}\ () (Fixed) (Total:0.88 GB) (Free:0.47 GB) NTFS
\\?\Volume{5f36e8de-0b14-49fa-a728-88f93bb61ff3}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D736B104)

Partition: GPT.

==================== End of Addition.txt =======================

Attached Files

Edited by Oh My!, Today, 04:38 PM.
Posted truncated logs



https://ift.tt/2U4KRAg

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US