Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
Hello,
I believe I have a deep rooted infection on my system. I ran several maleware and virus scans such as Emisoft, malewarebytes, hitman pro, as well as used some clean-up browser utilities like CC cleaner, adwcleaner, JRT and super antispyware. I also used Rkill to kill malicious processes. How ever I can't seem to eradicate this infection. My Emisoft was able to identity a few files deeply rooted into my system that other AV software was not able to locate. It gave me the option to clean but in doing so, i risk corrupting my operating system because of the malicious files being deeply rooted.
Symptoms include anything from delay in keystrokes of my keyboard and mouse speed fluctuation or even stuttering to unresponsive applications, browser links not being relocating to the correct URL's, System crashes, and even DNS errors.
I am going to start by uploading a few Logs so you can take a look at everything, i will also upload my emisoft log since its the only software that was able to detect something outside of just cookies.
Additionally I do want to advise that I have some important stuff on my browsers so please let me know if any of your software removes extensions or add-ons as well as history so I can back it up before proceeding to clean my browsers.
Farbar Recovery Log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by Jeff (administrator) on DESKTOP-28LTCFK (MSI MS-7917) (03-07-2020 15:32:41)
Running from C:\Users\Jeff\Documents
Loaded Profiles: Jeff
Platform: Windows 10 Pro Version 1909 18363.900 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <39>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.) C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068560 2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2020-07-02] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Discord] => C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6544992 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1825744 2020-04-29] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20086776 2020-05-25] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe [727608 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\MountPoints2: {9586f46a-25d9-11ea-9c47-4ccc6a67517a} - "R:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon TR8500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDL.DLL [482816 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR8500 series: C:\WINDOWS\system32\CNCALDL.DLL [254464 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR8500 series: C:\WINDOWS\system32\CNMLMDL.DLL [1302016 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-07-02] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {068C6996-5CB8-413C-BAB1-82EA31973111} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-25] (Adobe Inc. -> Adobe)
Task: {195AA098-D68B-4966-84EC-25F6913E3B9E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AC519C9-286E-4B1D-81AA-8765F67391D2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4D8F1E9D-D34D-4738-A3A0-E59017F7C7AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
Task: {5E5B6949-4FDC-4E43-9D38-96BBA90F22B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7735C6DB-4C54-48FC-B7C2-ADB196B0AFFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {7974C317-3446-40BD-9632-1ACB3800E0C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {8E6C6556-1817-4387-BC78-02F59D34227D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2EC3278-C7D0-43B7-BED8-68C9E145D0FA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1861528 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F2203A-B32E-4821-BF4D-6C8016B9AFED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F160E677-94BA-4E39-9197-CFA08B4C26D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5750E51-3625-415B-8DAF-50C84E922399} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-01] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{c6b50efc-6210-473e-b22e-c6b4c3800167}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jeff\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-02]
FireFox:
========
FF DefaultProfile: zyy8cm08.default
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zyy8cm08.default [2019-12-28]
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 [2020-07-03]
FF DownloadDir: I:\X Movies\B Archive Films 1986 - 1989
FF Session Restore: Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 -> is enabled.
FF Extension: (Simple mass downloader) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\gelprec.smd@gmail.com.xpi [2020-03-24]
FF Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-04-22]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default [2020-07-03]
CHR DownloadDir: C:\Users\Jeff\Documents
CHR Notifications: Default -> hxxps://www.cio.com; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://s.yimg.com/cv/apiv2/09062018/manifest/yahoo_install_48.png
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-07-02]
CHR Extension: (Yahoo) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnpnjbjealcpabcenanokcflffolchnm [2020-02-18]
CHR Extension: (uBlock Origin) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-18]
CHR Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-25] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-29] (TEFINCOM S.A. -> )
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1508336 2020-05-25] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [File not signed]
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1736800 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2020-07-02] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-07-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ElgatoGC658Y; C:\WINDOWS\System32\Drivers\ElgatoGC658.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R1 epp; C:\EEK\bin64\epp.sys [155112 2020-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-25] (Malwarebytes Corporation -> Malwarebytes)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [57728 2020-07-02] (SurfRight B.V. -> )
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-18] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-07-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-07-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-07-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-07-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-06-30] (Malwarebytes Inc -> Malwarebytes)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [53752 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 USB28xxBGA; C:\WINDOWS\System32\drivers\emBDA64.sys [981432 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
R3 USB28xxOEM; C:\WINDOWS\System32\drivers\emOEM64.sys [1556920 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel® Software -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
S3 CrucialSMBusScan; \??\C:\Users\Jeff\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-03 15:32 - 2020-07-03 15:33 - 000024210 _____ C:\Users\Jeff\Documents\FRST.txt
2020-07-03 15:32 - 2020-07-03 15:33 - 000000000 ____D C:\FRST
2020-07-03 15:25 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR.exe
2020-07-03 15:23 - 2020-07-03 15:23 - 002291712 _____ (Farbar) C:\Users\Jeff\Documents\FRST64.exe
2020-07-03 15:11 - 2020-07-03 15:11 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-07-03 15:11 - 2020-07-03 15:11 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-07-03 14:26 - 2020-07-03 14:26 - 000177078 _____ C:\Users\Jeff\Documents\d286e821-96ca-4bb4-9906-b8eea3aa3e6c.tmp
2020-07-02 18:49 - 2020-07-02 18:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-02 14:54 - 2020-07-03 15:33 - 000066205 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000001259 _____ C:\Users\Public\Desktop\MalwareFox AntiMalware.lnk
2020-07-02 14:54 - 2020-07-02 14:54 - 000001259 _____ C:\ProgramData\Desktop\MalwareFox AntiMalware.lnk
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Users\Jeff\AppData\Local\Wolf of Webstreet OPC Private Limited
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MalwareFox AntiMalware
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Program Files (x86)\MalwareFox AntiMalware
2020-07-02 14:52 - 2020-07-02 14:52 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-02 14:51 - 2020-07-02 14:51 - 001295576 _____ (Google LLC) C:\Users\Jeff\Downloads\ChromeSetup.exe
2020-07-02 14:51 - 2020-07-02 14:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 14:51 - 2020-07-02 14:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 14:42 - 2020-07-02 14:42 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-07-02 14:40 - 2020-07-03 15:33 - 000481337 _____ C:\WINDOWS\ZAM.krnl.trace
2020-07-02 14:37 - 2020-07-02 14:37 - 001965536 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-80562.80562-consumer.exe
2020-07-02 14:34 - 2020-07-02 14:34 - 000000000 ____D C:\Users\Jeff\AppData\Local\Zemana
2020-07-02 14:33 - 2020-07-02 14:33 - 006617512 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\MalwareFox.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 012741568 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\AntiMalware_Setup.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-07-02 14:27 - 2020-07-02 14:27 - 000000000 ____D C:\Users\Jeff\AppData\Local\AMSDK
2020-07-02 14:22 - 2020-07-02 14:22 - 000448512 _____ (OldTimer Tools) C:\Users\Jeff\Documents\TFC.exe
2020-07-02 14:16 - 2020-07-02 14:16 - 000057728 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2020-07-02 14:15 - 2020-07-02 14:16 - 000002438 _____ C:\Users\Jeff\Desktop\Rkill.txt
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\Program Files\CCleaner
2020-07-02 14:05 - 2020-07-02 14:05 - 000001428 _____ C:\Users\Jeff\Desktop\Msoft.txt
2020-07-02 14:05 - 2020-07-02 14:05 - 000000000 ____D C:\Users\Jeff\AppData\Local\ESET
2020-07-02 14:01 - 2020-07-02 14:05 - 000000000 ____D C:\EEK
2020-07-02 14:01 - 2020-07-02 14:01 - 000000000 ____D C:\ProgramData\Emsisoft
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Users\Jeff\AppData\Local\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-07-02 13:57 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2020-07-02 13:50 - 2020-07-02 13:52 - 000166974 _____ C:\TDSSKiller.3.1.0.28_02.07.2020_13.50.51_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 004962800 _____ C:\Users\Jeff\Documents\tdsskiller.zip
2020-07-02 13:50 - 2020-07-02 13:50 - 000000436 _____ C:\TDSSKiller.3.1.0.16_02.07.2020_13.50.25_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Documents\tdsskiller
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Desktop\mbar
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-07-02 13:28 - 2020-07-02 13:28 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-07-02 13:06 - 2020-07-02 14:38 - 000000000 ____D C:\WINDOWS\pss
2020-07-01 16:27 - 2020-07-03 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-30 18:51 - 2020-07-02 14:41 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-30 18:51 - 2020-06-30 18:51 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-26 21:11 - 2020-06-26 21:11 - 000463097 _____ C:\Users\Jeff\Documents\SoraVoice_20191210.7z
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\SoraVoice_20191210
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\dsound_dll_20190716
2020-06-26 21:10 - 2020-06-26 21:10 - 000033996 _____ C:\Users\Jeff\Documents\dsound_dll_20190716.7z
2020-06-25 21:09 - 2020-07-01 19:57 - 000000000 ____D C:\Users\Jeff\Desktop\Preschool Grad Pictures
2020-06-25 14:54 - 2020-07-02 13:55 - 000000554 _____ C:\Users\Jeff\Desktop\JRT.txt
2020-06-25 14:46 - 2020-06-25 14:47 - 000169492 _____ C:\TDSSKiller.3.1.0.28_25.06.2020_14.46.43_log.txt
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-06-25 14:44 - 2020-06-25 14:51 - 000000000 ____D C:\ProgramData\HitmanPro
2020-06-25 14:42 - 2020-06-25 14:42 - 000000000 ____D C:\Users\Jeff\AppData\Local\mbam
2020-06-25 14:41 - 2020-07-02 14:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-25 14:41 - 2020-07-02 13:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-25 14:41 - 2020-06-25 14:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-25 14:40 - 2020-06-25 14:40 - 001928352 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-076981.076981-Consumer.exe
2020-06-25 14:40 - 2020-06-25 14:40 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-22 17:42 - 2020-06-22 17:42 - 000087247 _____ C:\Users\Jeff\Documents\June 08, 2020.pdf
2020-06-22 17:42 - 2020-06-22 17:42 - 000059722 _____ C:\Users\Jeff\Documents\January 08, 2020.pdf
2020-06-22 17:38 - 2020-06-22 17:38 - 000066627 _____ C:\Users\Jeff\Documents\June 05, 2020.pdf
2020-06-20 00:57 - 2020-03-11 06:05 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-06-19 18:24 - 2020-06-19 18:24 - 000212141 _____ C:\Users\Jeff\Documents\IMG_20200619_0002.pdf
2020-06-19 18:24 - 2020-06-19 18:24 - 000206082 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Front.pdf
2020-06-19 18:23 - 2020-06-19 18:23 - 000168389 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Back.pdf
2020-06-19 18:22 - 2020-06-19 18:22 - 000177653 _____ C:\Users\Jeff\Documents\IMG_20200619_0001.pdf
2020-06-18 01:11 - 2020-06-18 01:11 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-06-18 01:08 - 2020-06-05 14:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-18 01:08 - 2020-06-05 14:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-17 14:43 - 2020-06-17 14:43 - 000063146 _____ C:\Users\Jeff\Documents\Invoice 12-13468.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000068876 _____ C:\Users\Jeff\Documents\Invoice 12-12298.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000063828 _____ C:\Users\Jeff\Documents\Invoice 12-13655.pdf
2020-06-17 14:41 - 2020-06-17 15:02 - 000000000 ____D C:\Users\Jeff\Desktop\Dick Websters Invoices
2020-06-17 14:41 - 2020-06-17 14:41 - 000066515 _____ C:\Users\Jeff\Documents\Invoice 12-13938.pdf
2020-06-10 00:39 - 2020-06-10 00:39 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-10 00:33 - 2020-06-10 00:33 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-10 00:33 - 2020-06-10 00:33 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-08 18:14 - 2020-06-08 18:14 - 000162481 _____ C:\Users\Jeff\Documents\[BakaBT.163546v0] Bakemonogatari_[ANE] (1).torrent
2020-06-03 18:30 - 2020-06-03 18:30 - 000593004 _____ C:\Users\Jeff\Documents\IMG_20200603_0001.pdf
2020-06-03 18:30 - 2020-06-03 18:30 - 000579934 _____ C:\Users\Jeff\Desktop\Grad_invitation.pdf
2020-06-03 01:32 - 2020-06-03 01:33 - 000000000 ____D C:\Users\Jeff\Documents\Trails in the Sky FC
2020-06-03 01:27 - 2020-06-03 01:28 - 1056337844 _____ C:\Users\Jeff\Documents\Trails in the Sky FC.rar
2020-06-03 00:30 - 2020-06-03 12:45 - 000000000 ____D C:\Users\Jeff\AppData\Local\Canon Easy-PhotoPrint EX
2020-06-03 00:30 - 2020-06-03 00:30 - 000001931 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
2020-06-03 00:30 - 2020-06-03 00:30 - 000001931 _____ C:\ProgramData\Desktop\Canon Easy-PhotoPrint EX.lnk
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX2
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonEPP
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-03 15:30 - 2019-12-28 23:17 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Discord
2020-07-03 15:16 - 2019-12-28 16:53 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-03 15:16 - 2019-12-28 16:36 - 000000000 ____D C:\WINDOWS\INF
2020-07-03 15:12 - 2020-05-12 23:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-03 15:12 - 2019-12-20 00:03 - 000000000 ____D C:\Users\Jeff\AppData\LocalLow\Mozilla
2020-07-03 15:11 - 2020-05-27 03:36 - 000000000 ____D C:\Users\Jeff\AppData\Local\Plex Media Server
2020-07-03 15:11 - 2019-12-28 23:20 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\USBSafelyRemove
2020-07-03 15:11 - 2019-12-28 16:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-03 15:11 - 2019-12-28 16:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-03 15:10 - 2019-12-28 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-03 15:07 - 2019-12-28 23:18 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Azureus
2020-07-03 15:07 - 2019-12-28 16:50 - 000012260 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-03 15:07 - 2019-12-28 16:44 - 000027752 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-03 15:07 - 2019-12-28 16:44 - 000017618 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-03 15:07 - 2019-12-28 16:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-07-03 14:06 - 2019-12-28 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-03 10:33 - 2020-01-02 04:13 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C57048F-A772-4420-AF5E-5105F8F52AD7}
2020-07-03 05:28 - 2019-12-29 17:13 - 000000000 ____D C:\Users\Jeff\AppData\Local\CrashDumps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-02 19:25 - 2020-05-28 03:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-02 18:49 - 2020-03-24 22:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-02 14:51 - 2019-12-28 20:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-02 14:50 - 2020-01-07 15:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-02 14:50 - 2020-01-07 15:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:41 - 2019-12-28 16:44 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-02 14:32 - 2020-01-07 11:57 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Visual Studio Setup
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-07-02 14:14 - 2020-03-15 17:44 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\MPC-HC
2020-07-02 14:14 - 2019-12-28 16:32 - 000000000 ____D C:\WINDOWS\Panther
2020-07-02 13:53 - 2019-12-20 02:27 - 000000000 ____D C:\AdwCleaner
2020-07-02 13:06 - 2019-12-28 21:26 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-07-02 00:51 - 2019-12-28 18:35 - 000000000 ____D C:\Users\Jeff\AppData\Local\Packages
2020-06-25 15:35 - 2019-12-29 01:06 - 000000000 ____D C:\Users\Jeff\AppData\Local\Adobe
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-25 14:41 - 2019-12-28 16:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-22 19:14 - 2019-12-28 18:38 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2173443285-4263232512-4239572146-1001
2020-06-22 19:14 - 2019-12-28 16:45 - 000002364 _____ C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-22 19:14 - 2019-12-19 23:24 - 000000000 ___RD C:\Users\Jeff\OneDrive
2020-06-18 01:57 - 2019-12-28 23:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-18 01:55 - 2020-01-05 03:16 - 000000000 ____D C:\Users\Jeff\AppData\Local\ElevatedDiagnostics
2020-06-18 01:11 - 2019-12-28 16:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-18 01:09 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 ___RD C:\Users\Jeff\3D Objects
2020-06-18 01:08 - 2019-12-28 16:45 - 000000000 ____D C:\Users\Jeff
2020-06-18 01:08 - 2019-12-28 16:43 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-10 00:39 - 2019-12-28 16:48 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 00:19 - 2019-12-29 01:06 - 000004544 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-04 03:17 - 2019-12-28 16:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 12:33 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-06-03 00:30 - 2020-04-21 13:36 - 000000000 ____D C:\Program Files\Canon
2020-06-03 00:30 - 2019-12-20 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-06-03 00:17 - 2020-04-25 17:30 - 000000000 ___HD C:\ProgramData\CanonIJMIG
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
EMISOFT Log:
Emsisoft Emergency Kit - Version 2017.12
Last update: 7/2/2020 2:01:44 PM
User account: DESKTOP-28LTCFK\Jeff
Computer name: DESKTOP-28LTCFK
OS version: Windows 10x64
Scan settings:
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
Scan start: 7/2/2020 2:01:48 PM
C:\Program Files (x86)\Windows Media Player\wmpshare.exe detected: Gen:Trojan.Heur2.FU.gy0@a4Hg6nci ( 
[krnl.xmd]
[krnl.xmd]C:\WINDOWS\SysWOW64\odbcad32.exe detected: Gen:Trojan.Heur.FU.eu0@aSYD0dli ( [krnl.xmd]
[krnl.xmd]Scanned 80345
Found 2
Scan end: 7/2/2020 2:02:23 PM
Scan time: 0:00:35
Tried to run ASMBR with and without rootkit detection and it caused a BSOD crashes so I won't be able to post a log for that. I may try it in safe mode but I will wait for further instruction at this point.
Attached Files
-
Addition.txt 43.89KB
215 downloads
Edited by jeff matthews, 03 July 2020 - 08:58 PM.
