Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92792 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Deep Rooted Infection - Gen:Trojan.Heur.FU.eu0@aSYD0dli [Solved]


  • This topic is locked This topic is locked
30 replies to this topic

#1 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 03 July 2020 - 04:20 PM

Hello,

 

I believe I have a deep rooted infection on my system. I ran several maleware and virus scans such as Emisoft, malewarebytes, hitman pro,  as well as used some clean-up browser utilities like CC cleaner, adwcleaner, JRT and super antispyware. I also used Rkill to kill malicious processes. How ever I can't seem to eradicate this infection. My Emisoft was able to identity a few files deeply rooted into my system that other AV software was not able to locate. It gave me the option to clean but in doing so, i risk corrupting my operating system because of the malicious files being deeply rooted.

 

Symptoms include anything from delay in keystrokes of my keyboard and mouse speed fluctuation or even stuttering to unresponsive applications, browser links not being relocating to the correct URL's, System crashes, and even DNS errors.

 

I am going to start by uploading a few Logs so you can take a look at everything, i will also upload my emisoft log since its the only software that was able to detect something outside of just cookies.

 

Additionally I do want to advise that I have some important stuff on my browsers so please let me know if any of your software removes extensions or add-ons as well as history so I can back it up before proceeding to clean my browsers.

 

 

Farbar Recovery Log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020

Ran by Jeff (administrator) on DESKTOP-28LTCFK (MSI MS-7917) (03-07-2020 15:32:41)
Running from C:\Users\Jeff\Documents
Loaded Profiles: Jeff
Platform: Windows 10 Pro Version 1909 18363.900 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <39>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.) C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe <2>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068560 2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2020-07-02] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Discord] => C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6544992 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1825744 2020-04-29] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20086776 2020-05-25] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe [727608 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\MountPoints2: {9586f46a-25d9-11ea-9c47-4ccc6a67517a} - "R:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon TR8500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDL.DLL [482816 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR8500 series: C:\WINDOWS\system32\CNCALDL.DLL [254464 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR8500 series: C:\WINDOWS\system32\CNMLMDL.DLL [1302016 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-07-02] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {068C6996-5CB8-413C-BAB1-82EA31973111} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-25] (Adobe Inc. -> Adobe)
Task: {195AA098-D68B-4966-84EC-25F6913E3B9E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AC519C9-286E-4B1D-81AA-8765F67391D2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4D8F1E9D-D34D-4738-A3A0-E59017F7C7AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
Task: {5E5B6949-4FDC-4E43-9D38-96BBA90F22B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7735C6DB-4C54-48FC-B7C2-ADB196B0AFFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {7974C317-3446-40BD-9632-1ACB3800E0C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {8E6C6556-1817-4387-BC78-02F59D34227D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2EC3278-C7D0-43B7-BED8-68C9E145D0FA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1861528 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F2203A-B32E-4821-BF4D-6C8016B9AFED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F160E677-94BA-4E39-9197-CFA08B4C26D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5750E51-3625-415B-8DAF-50C84E922399} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-01] (Mozilla Corporation -> Mozilla Foundation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{c6b50efc-6210-473e-b22e-c6b4c3800167}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jeff\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-02]
 
FireFox:
========
FF DefaultProfile: zyy8cm08.default
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zyy8cm08.default [2019-12-28]
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 [2020-07-03]
FF DownloadDir: I:\X Movies\B Archive Films 1986 - 1989
FF Session Restore: Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 -> is enabled.
FF Extension: (Simple mass downloader) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\gelprec.smd@gmail.com.xpi [2020-03-24]
FF Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-04-22]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default [2020-07-03]
CHR DownloadDir: C:\Users\Jeff\Documents
CHR Notifications: Default -> hxxps://www.cio.com; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://s.yimg.com/cv/apiv2/09062018/manifest/yahoo_install_48.png
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-07-02]
CHR Extension: (Yahoo) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnpnjbjealcpabcenanokcflffolchnm [2020-02-18]
CHR Extension: (uBlock Origin) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-18]
CHR Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-25] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-29] (TEFINCOM S.A. -> )
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1508336 2020-05-25] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [File not signed]
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1736800 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2020-07-02] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-07-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ElgatoGC658Y; C:\WINDOWS\System32\Drivers\ElgatoGC658.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R1 epp; C:\EEK\bin64\epp.sys [155112 2020-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-25] (Malwarebytes Corporation -> Malwarebytes)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [57728 2020-07-02] (SurfRight B.V. -> )
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-18] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-07-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-07-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-07-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-07-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-06-30] (Malwarebytes Inc -> Malwarebytes)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [53752 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 USB28xxBGA; C:\WINDOWS\System32\drivers\emBDA64.sys [981432 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
R3 USB28xxOEM; C:\WINDOWS\System32\drivers\emOEM64.sys [1556920 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-04] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel® Software -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
S3 CrucialSMBusScan; \??\C:\Users\Jeff\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-03 15:32 - 2020-07-03 15:33 - 000024210 _____ C:\Users\Jeff\Documents\FRST.txt
2020-07-03 15:32 - 2020-07-03 15:33 - 000000000 ____D C:\FRST
2020-07-03 15:25 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR.exe
2020-07-03 15:23 - 2020-07-03 15:23 - 002291712 _____ (Farbar) C:\Users\Jeff\Documents\FRST64.exe
2020-07-03 15:11 - 2020-07-03 15:11 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-07-03 15:11 - 2020-07-03 15:11 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-07-03 14:26 - 2020-07-03 14:26 - 000177078 _____ C:\Users\Jeff\Documents\d286e821-96ca-4bb4-9906-b8eea3aa3e6c.tmp
2020-07-02 18:49 - 2020-07-02 18:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-02 14:54 - 2020-07-03 15:33 - 000066205 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000001259 _____ C:\Users\Public\Desktop\MalwareFox AntiMalware.lnk
2020-07-02 14:54 - 2020-07-02 14:54 - 000001259 _____ C:\ProgramData\Desktop\MalwareFox AntiMalware.lnk
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Users\Jeff\AppData\Local\Wolf of Webstreet OPC Private Limited
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MalwareFox AntiMalware
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Program Files (x86)\MalwareFox AntiMalware
2020-07-02 14:52 - 2020-07-02 14:52 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-02 14:51 - 2020-07-02 14:51 - 001295576 _____ (Google LLC) C:\Users\Jeff\Downloads\ChromeSetup.exe
2020-07-02 14:51 - 2020-07-02 14:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 14:51 - 2020-07-02 14:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 14:42 - 2020-07-02 14:42 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-07-02 14:40 - 2020-07-03 15:33 - 000481337 _____ C:\WINDOWS\ZAM.krnl.trace
2020-07-02 14:37 - 2020-07-02 14:37 - 001965536 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-80562.80562-consumer.exe
2020-07-02 14:34 - 2020-07-02 14:34 - 000000000 ____D C:\Users\Jeff\AppData\Local\Zemana
2020-07-02 14:33 - 2020-07-02 14:33 - 006617512 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\MalwareFox.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 012741568 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\AntiMalware_Setup.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-07-02 14:27 - 2020-07-02 14:27 - 000000000 ____D C:\Users\Jeff\AppData\Local\AMSDK
2020-07-02 14:22 - 2020-07-02 14:22 - 000448512 _____ (OldTimer Tools) C:\Users\Jeff\Documents\TFC.exe
2020-07-02 14:16 - 2020-07-02 14:16 - 000057728 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2020-07-02 14:15 - 2020-07-02 14:16 - 000002438 _____ C:\Users\Jeff\Desktop\Rkill.txt
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\Program Files\CCleaner
2020-07-02 14:05 - 2020-07-02 14:05 - 000001428 _____ C:\Users\Jeff\Desktop\Msoft.txt
2020-07-02 14:05 - 2020-07-02 14:05 - 000000000 ____D C:\Users\Jeff\AppData\Local\ESET
2020-07-02 14:01 - 2020-07-02 14:05 - 000000000 ____D C:\EEK
2020-07-02 14:01 - 2020-07-02 14:01 - 000000000 ____D C:\ProgramData\Emsisoft
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Users\Jeff\AppData\Local\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-07-02 13:57 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2020-07-02 13:50 - 2020-07-02 13:52 - 000166974 _____ C:\TDSSKiller.3.1.0.28_02.07.2020_13.50.51_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 004962800 _____ C:\Users\Jeff\Documents\tdsskiller.zip
2020-07-02 13:50 - 2020-07-02 13:50 - 000000436 _____ C:\TDSSKiller.3.1.0.16_02.07.2020_13.50.25_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Documents\tdsskiller
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Desktop\mbar
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-07-02 13:28 - 2020-07-02 13:28 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-07-02 13:06 - 2020-07-02 14:38 - 000000000 ____D C:\WINDOWS\pss
2020-07-01 16:27 - 2020-07-03 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-30 18:51 - 2020-07-02 14:41 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-30 18:51 - 2020-06-30 18:51 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-26 21:11 - 2020-06-26 21:11 - 000463097 _____ C:\Users\Jeff\Documents\SoraVoice_20191210.7z
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\SoraVoice_20191210
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\dsound_dll_20190716
2020-06-26 21:10 - 2020-06-26 21:10 - 000033996 _____ C:\Users\Jeff\Documents\dsound_dll_20190716.7z
2020-06-25 21:09 - 2020-07-01 19:57 - 000000000 ____D C:\Users\Jeff\Desktop\Preschool Grad Pictures
2020-06-25 14:54 - 2020-07-02 13:55 - 000000554 _____ C:\Users\Jeff\Desktop\JRT.txt
2020-06-25 14:46 - 2020-06-25 14:47 - 000169492 _____ C:\TDSSKiller.3.1.0.28_25.06.2020_14.46.43_log.txt
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-06-25 14:44 - 2020-06-25 14:51 - 000000000 ____D C:\ProgramData\HitmanPro
2020-06-25 14:42 - 2020-06-25 14:42 - 000000000 ____D C:\Users\Jeff\AppData\Local\mbam
2020-06-25 14:41 - 2020-07-02 14:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-25 14:41 - 2020-07-02 13:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-25 14:41 - 2020-06-25 14:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-25 14:40 - 2020-06-25 14:40 - 001928352 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-076981.076981-Consumer.exe
2020-06-25 14:40 - 2020-06-25 14:40 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-22 17:42 - 2020-06-22 17:42 - 000087247 _____ C:\Users\Jeff\Documents\June 08, 2020.pdf
2020-06-22 17:42 - 2020-06-22 17:42 - 000059722 _____ C:\Users\Jeff\Documents\January 08, 2020.pdf
2020-06-22 17:38 - 2020-06-22 17:38 - 000066627 _____ C:\Users\Jeff\Documents\June 05, 2020.pdf
2020-06-20 00:57 - 2020-03-11 06:05 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-06-19 18:24 - 2020-06-19 18:24 - 000212141 _____ C:\Users\Jeff\Documents\IMG_20200619_0002.pdf
2020-06-19 18:24 - 2020-06-19 18:24 - 000206082 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Front.pdf
2020-06-19 18:23 - 2020-06-19 18:23 - 000168389 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Back.pdf
2020-06-19 18:22 - 2020-06-19 18:22 - 000177653 _____ C:\Users\Jeff\Documents\IMG_20200619_0001.pdf
2020-06-18 01:11 - 2020-06-18 01:11 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-06-18 01:08 - 2020-06-05 14:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-18 01:08 - 2020-06-05 14:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-17 14:43 - 2020-06-17 14:43 - 000063146 _____ C:\Users\Jeff\Documents\Invoice 12-13468.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000068876 _____ C:\Users\Jeff\Documents\Invoice 12-12298.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000063828 _____ C:\Users\Jeff\Documents\Invoice 12-13655.pdf
2020-06-17 14:41 - 2020-06-17 15:02 - 000000000 ____D C:\Users\Jeff\Desktop\Dick Websters Invoices
2020-06-17 14:41 - 2020-06-17 14:41 - 000066515 _____ C:\Users\Jeff\Documents\Invoice 12-13938.pdf
2020-06-10 00:39 - 2020-06-10 00:39 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-10 00:33 - 2020-06-10 00:33 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-10 00:33 - 2020-06-10 00:33 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-08 18:14 - 2020-06-08 18:14 - 000162481 _____ C:\Users\Jeff\Documents\[BakaBT.163546v0] Bakemonogatari_[ANE] (1).torrent
2020-06-03 18:30 - 2020-06-03 18:30 - 000593004 _____ C:\Users\Jeff\Documents\IMG_20200603_0001.pdf
2020-06-03 18:30 - 2020-06-03 18:30 - 000579934 _____ C:\Users\Jeff\Desktop\Grad_invitation.pdf
2020-06-03 01:32 - 2020-06-03 01:33 - 000000000 ____D C:\Users\Jeff\Documents\Trails in the Sky FC
2020-06-03 01:27 - 2020-06-03 01:28 - 1056337844 _____ C:\Users\Jeff\Documents\Trails in the Sky FC.rar
2020-06-03 00:30 - 2020-06-03 12:45 - 000000000 ____D C:\Users\Jeff\AppData\Local\Canon Easy-PhotoPrint EX
2020-06-03 00:30 - 2020-06-03 00:30 - 000001931 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
2020-06-03 00:30 - 2020-06-03 00:30 - 000001931 _____ C:\ProgramData\Desktop\Canon Easy-PhotoPrint EX.lnk
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX2
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonEPP
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-03 15:30 - 2019-12-28 23:17 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Discord
2020-07-03 15:16 - 2019-12-28 16:53 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-03 15:16 - 2019-12-28 16:36 - 000000000 ____D C:\WINDOWS\INF
2020-07-03 15:12 - 2020-05-12 23:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-03 15:12 - 2019-12-20 00:03 - 000000000 ____D C:\Users\Jeff\AppData\LocalLow\Mozilla
2020-07-03 15:11 - 2020-05-27 03:36 - 000000000 ____D C:\Users\Jeff\AppData\Local\Plex Media Server
2020-07-03 15:11 - 2019-12-28 23:20 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\USBSafelyRemove
2020-07-03 15:11 - 2019-12-28 16:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-03 15:11 - 2019-12-28 16:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-03 15:10 - 2019-12-28 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-03 15:07 - 2019-12-28 23:18 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Azureus
2020-07-03 15:07 - 2019-12-28 16:50 - 000012260 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-03 15:07 - 2019-12-28 16:44 - 000027752 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-03 15:07 - 2019-12-28 16:44 - 000017618 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-03 15:07 - 2019-12-28 16:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-07-03 14:06 - 2019-12-28 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-03 10:33 - 2020-01-02 04:13 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C57048F-A772-4420-AF5E-5105F8F52AD7}
2020-07-03 05:28 - 2019-12-29 17:13 - 000000000 ____D C:\Users\Jeff\AppData\Local\CrashDumps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-02 19:25 - 2020-05-28 03:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-02 18:49 - 2020-03-24 22:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-02 14:51 - 2019-12-28 20:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-02 14:50 - 2020-01-07 15:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-02 14:50 - 2020-01-07 15:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:41 - 2019-12-28 16:44 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-02 14:32 - 2020-01-07 11:57 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Visual Studio Setup
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-07-02 14:14 - 2020-03-15 17:44 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\MPC-HC
2020-07-02 14:14 - 2019-12-28 16:32 - 000000000 ____D C:\WINDOWS\Panther
2020-07-02 13:53 - 2019-12-20 02:27 - 000000000 ____D C:\AdwCleaner
2020-07-02 13:06 - 2019-12-28 21:26 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-07-02 00:51 - 2019-12-28 18:35 - 000000000 ____D C:\Users\Jeff\AppData\Local\Packages
2020-06-25 15:35 - 2019-12-29 01:06 - 000000000 ____D C:\Users\Jeff\AppData\Local\Adobe
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-25 14:41 - 2019-12-28 16:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-22 19:14 - 2019-12-28 18:38 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2173443285-4263232512-4239572146-1001
2020-06-22 19:14 - 2019-12-28 16:45 - 000002364 _____ C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-22 19:14 - 2019-12-19 23:24 - 000000000 ___RD C:\Users\Jeff\OneDrive
2020-06-18 01:57 - 2019-12-28 23:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-18 01:55 - 2020-01-05 03:16 - 000000000 ____D C:\Users\Jeff\AppData\Local\ElevatedDiagnostics
2020-06-18 01:11 - 2019-12-28 16:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-18 01:09 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 ___RD C:\Users\Jeff\3D Objects
2020-06-18 01:08 - 2019-12-28 16:45 - 000000000 ____D C:\Users\Jeff
2020-06-18 01:08 - 2019-12-28 16:43 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-10 00:39 - 2019-12-28 16:48 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 00:19 - 2019-12-29 01:06 - 000004544 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-04 03:17 - 2019-12-28 16:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-03 12:33 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-06-03 00:30 - 2020-04-21 13:36 - 000000000 ____D C:\Program Files\Canon
2020-06-03 00:30 - 2019-12-20 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-06-03 00:17 - 2020-04-25 17:30 - 000000000 ___HD C:\ProgramData\CanonIJMIG
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
EMISOFT Log:
 
Emsisoft Emergency Kit - Version 2017.12
Last update: 7/2/2020 2:01:44 PM
User account: DESKTOP-28LTCFK\Jeff
Computer name: DESKTOP-28LTCFK
OS version: Windows 10x64 
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
 
Scan start: 7/2/2020 2:01:48 PM
C:\Program Files (x86)\Windows Media Player\wmpshare.exe detected: Gen:Trojan.Heur2.FU.gy0@a4Hg6nci ( B) [krnl.xmd]
C:\WINDOWS\SysWOW64\odbcad32.exe detected: Gen:Trojan.Heur.FU.eu0@aSYD0dli ( B) [krnl.xmd]
 
Scanned 80345
Found 2
 
Scan end: 7/2/2020 2:02:23 PM
Scan time: 0:00:35
 
 
Tried to run ASMBR with and without rootkit detection and it caused a BSOD crashes so I won't be able to post a log for that. I may try it in safe mode but I will wait for further instruction at this point. 
 

 

Attached Files


Edited by jeff matthews, 03 July 2020 - 08:58 PM.

    Advertisements

Register to Remove


#2 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 03 July 2020 - 04:32 PM

Hello jeff matthews

I seed no logs but I’d like you to run a diagnostic scan.

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • press Scan button
  • it will produce a log called Frst.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.

Logs to include with next post:

Frst.txt
Addition.txt


Thanks

Satchfan

 


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#3 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 03 July 2020 - 05:08 PM

Sorry, im working on it. My computer is a bit unstable so i don't want to run the risk of a BSOD crash deleting my post here so I am updating the post as i run the scans and post the logs. Ill have it finished in a few min.



#4 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 03 July 2020 - 05:24 PM

Alright all finished, you have the green light to go ahead and work on it. I posted everything I can. 



#5 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 03 July 2020 - 05:47 PM

Still no logs Jeff.


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#6 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 03 July 2020 - 05:51 PM

Forget the other logs, just post the two I asked for.

 

Please do not attempt to delete posts and don't edit them for anything except typos or such: just use 'reply to this topic'.


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#7 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 03 July 2020 - 06:52 PM

I am not understanding. I posted the Farbar Recovery Log in the first post on this discussion thread with the "addition.txt" attachment. Do you not see it? I also posted the Emisoft Log identifying the two trojan variants that were found on my system. 

 

I also didn't delete any posts. Its the original post i had with the logs, how ever I posted each log separately as I was scanning my system and then saved the results, then posted another log thus updating the current post. I didn't want to loose any information I had in my previous post due to an unpredictable events happening on my system so I updated it. The post only consists of 2 logs, the FRST log and my Emisoft Log i scanned yesterday.


Edited by jeff matthews, 03 July 2020 - 07:37 PM.


#8 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 03 July 2020 - 08:22 PM

I posted the Farbar Recovery Log in the first post on this discussion thread with the "addition.txt" attachment. Do you not see it?

No because you did not post them and edited your post to include them.

 

I'll repeat this again: DO NOT alter any posts to include something that was not previously there. If you continue to do so, I'll discontinue answering and close the topic as it's impossible to deal with a situation as confusing as that..

 

It is 3:15am here in the UK so I'll check your logs as soon as I can and reply tomorrow.

 

Satchfan


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#9 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 03 July 2020 - 08:56 PM

Satchfan I apologize if this is causing to much difficulty and making things frustrating. That was not my intent at all. From now on I will post everything on a Word Document, that way i can post everything at once with out updating the thread, especially if my system causes undesirable conflicts where I don't want to loose information. In the past I had a laptop. I would generally use my laptop for the discussion posts and then proceed to work on my infected machine separately but I only have this system as of now.

 

In any case Sorry for the confusion and hopefully we can resolve the problems with my computer and thank you for taking the time to fix my machine.

 

I will repost the log here:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-06-2020
Ran by Jeff (administrator) on DESKTOP-28LTCFK (MSI MS-7917) (03-07-2020 19:44:06)
Running from C:\Users\Jeff\Desktop
Loaded Profiles: Jeff
Platform: Windows 10 Pro Version 1909 18363.900 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.) C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068560 2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2020-07-02] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Discord] => C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6544992 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1825744 2020-04-29] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20086776 2020-05-25] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe [727608 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\MountPoints2: {9586f46a-25d9-11ea-9c47-4ccc6a67517a} - "R:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon TR8500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDL.DLL [482816 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR8500 series: C:\WINDOWS\system32\CNCALDL.DLL [254464 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR8500 series: C:\WINDOWS\system32\CNMLMDL.DLL [1302016 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-07-02] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {068C6996-5CB8-413C-BAB1-82EA31973111} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-25] (Adobe Inc. -> Adobe)
Task: {195AA098-D68B-4966-84EC-25F6913E3B9E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {199F7A80-4E6E-4BF8-8C2A-4328C08AA2A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2AC519C9-286E-4B1D-81AA-8765F67391D2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {3AF21044-B208-4A13-BCDB-CC9FE1E3520E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D8F1E9D-D34D-4738-A3A0-E59017F7C7AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
Task: {5E5B6949-4FDC-4E43-9D38-96BBA90F22B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7735C6DB-4C54-48FC-B7C2-ADB196B0AFFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {7974C317-3446-40BD-9632-1ACB3800E0C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {8E6C6556-1817-4387-BC78-02F59D34227D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0F40A3D-5439-471E-B167-80BF3F9C28D4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2EC3278-C7D0-43B7-BED8-68C9E145D0FA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1861528 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F2203A-B32E-4821-BF4D-6C8016B9AFED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F160E677-94BA-4E39-9197-CFA08B4C26D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5750E51-3625-415B-8DAF-50C84E922399} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {FF904D7D-F398-4138-B0D5-8166688F0A05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c6b50efc-6210-473e-b22e-c6b4c3800167}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jeff\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-02]
 
FireFox:
========
FF DefaultProfile: zyy8cm08.default
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zyy8cm08.default [2019-12-28]
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 [2020-07-03]
FF DownloadDir: I:\X Movies\B Archive Films 1986 - 1989
FF Session Restore: Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 -> is enabled.
FF Extension: (Simple mass downloader) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\gelprec.smd@gmail.com.xpi [2020-03-24]
FF Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-04-22]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default [2020-07-03]
CHR DownloadDir: C:\Users\Jeff\Documents
CHR Notifications: Default -> hxxps://www.cio.com; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://s.yimg.com/cv/apiv2/09062018/manifest/yahoo_install_48.png
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-07-02]
CHR Extension: (Yahoo) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnpnjbjealcpabcenanokcflffolchnm [2020-02-18]
CHR Extension: (uBlock Origin) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-18]
CHR Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-25] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-29] (TEFINCOM S.A. -> )
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1508336 2020-05-25] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [File not signed]
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1736800 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2020-07-02] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-07-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ElgatoGC658Y; C:\WINDOWS\System32\Drivers\ElgatoGC658.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R1 epp; C:\EEK\bin64\epp.sys [155112 2020-07-02] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [57728 2020-07-02] (SurfRight B.V. -> )
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-18] (Microsoft Windows -> Qualcomm Atheros, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-07-02] (Malwarebytes Inc -> Malwarebytes)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [53752 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 USB28xxBGA; C:\WINDOWS\System32\drivers\emBDA64.sys [981432 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
R3 USB28xxOEM; C:\WINDOWS\System32\drivers\emOEM64.sys [1556920 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-07-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-07-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-03] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel® Software -> Intel Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
S3 CrucialSMBusScan; \??\C:\Users\Jeff\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-03 19:44 - 2020-07-03 19:44 - 000024971 _____ C:\Users\Jeff\Desktop\FRST.txt
2020-07-03 19:43 - 2020-07-03 15:23 - 002291712 _____ (Farbar) C:\Users\Jeff\Desktop\FRST64.exe
2020-07-03 16:11 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Desktop\aswMBR.exe
2020-07-03 16:07 - 2020-07-03 16:07 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR (1).exe
2020-07-03 16:05 - 2020-07-03 16:19 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-03 15:33 - 2020-07-03 15:42 - 000045428 _____ C:\Users\Jeff\Documents\Addition.txt
2020-07-03 15:32 - 2020-07-03 19:44 - 000000000 ____D C:\FRST
2020-07-03 15:32 - 2020-07-03 15:42 - 000092787 _____ C:\Users\Jeff\Documents\FRST.txt
2020-07-03 15:25 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR.exe
2020-07-03 15:23 - 2020-07-03 15:23 - 002291712 _____ (Farbar) C:\Users\Jeff\Documents\FRST64.exe
2020-07-03 14:26 - 2020-07-03 14:26 - 000177078 _____ C:\Users\Jeff\Documents\d286e821-96ca-4bb4-9906-b8eea3aa3e6c.tmp
2020-07-02 18:49 - 2020-07-02 18:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-02 14:54 - 2020-07-03 19:44 - 000176908 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000001259 _____ C:\Users\Public\Desktop\MalwareFox AntiMalware.lnk
2020-07-02 14:54 - 2020-07-02 14:54 - 000001259 _____ C:\ProgramData\Desktop\MalwareFox AntiMalware.lnk
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Users\Jeff\AppData\Local\Wolf of Webstreet OPC Private Limited
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MalwareFox AntiMalware
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Program Files (x86)\MalwareFox AntiMalware
2020-07-02 14:52 - 2020-07-02 14:52 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-02 14:51 - 2020-07-02 14:51 - 001295576 _____ (Google LLC) C:\Users\Jeff\Downloads\ChromeSetup.exe
2020-07-02 14:51 - 2020-07-02 14:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 14:51 - 2020-07-02 14:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 14:42 - 2020-07-02 14:42 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-07-02 14:40 - 2020-07-03 19:44 - 001789868 _____ C:\WINDOWS\ZAM.krnl.trace
2020-07-02 14:37 - 2020-07-02 14:37 - 001965536 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-80562.80562-consumer.exe
2020-07-02 14:34 - 2020-07-02 14:34 - 000000000 ____D C:\Users\Jeff\AppData\Local\Zemana
2020-07-02 14:33 - 2020-07-02 14:33 - 006617512 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\MalwareFox.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 012741568 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\AntiMalware_Setup.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-07-02 14:27 - 2020-07-02 14:27 - 000000000 ____D C:\Users\Jeff\AppData\Local\AMSDK
2020-07-02 14:22 - 2020-07-02 14:22 - 000448512 _____ (OldTimer Tools) C:\Users\Jeff\Documents\TFC.exe
2020-07-02 14:16 - 2020-07-02 14:16 - 000057728 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2020-07-02 14:15 - 2020-07-02 14:16 - 000002438 _____ C:\Users\Jeff\Desktop\Rkill.txt
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000300 ____H C:\WINDOWS\Tasks\CCleaner Update.job
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\Program Files\CCleaner
2020-07-02 14:05 - 2020-07-02 14:05 - 000001428 _____ C:\Users\Jeff\Desktop\Msoft.txt
2020-07-02 14:05 - 2020-07-02 14:05 - 000000000 ____D C:\Users\Jeff\AppData\Local\ESET
2020-07-02 14:01 - 2020-07-02 14:05 - 000000000 ____D C:\EEK
2020-07-02 14:01 - 2020-07-02 14:01 - 000000000 ____D C:\ProgramData\Emsisoft
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Users\Jeff\AppData\Local\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-07-02 13:57 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2020-07-02 13:50 - 2020-07-02 13:52 - 000166974 _____ C:\TDSSKiller.3.1.0.28_02.07.2020_13.50.51_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 004962800 _____ C:\Users\Jeff\Documents\tdsskiller.zip
2020-07-02 13:50 - 2020-07-02 13:50 - 000000436 _____ C:\TDSSKiller.3.1.0.16_02.07.2020_13.50.25_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Documents\tdsskiller
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Desktop\mbar
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-07-02 13:28 - 2020-07-02 13:28 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-07-02 13:06 - 2020-07-02 14:38 - 000000000 ____D C:\WINDOWS\pss
2020-07-01 16:27 - 2020-07-03 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-26 21:11 - 2020-06-26 21:11 - 000463097 _____ C:\Users\Jeff\Documents\SoraVoice_20191210.7z
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\SoraVoice_20191210
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\dsound_dll_20190716
2020-06-26 21:10 - 2020-06-26 21:10 - 000033996 _____ C:\Users\Jeff\Documents\dsound_dll_20190716.7z
2020-06-25 21:09 - 2020-07-01 19:57 - 000000000 ____D C:\Users\Jeff\Desktop\Preschool Grad Pictures
2020-06-25 14:54 - 2020-07-02 13:55 - 000000554 _____ C:\Users\Jeff\Desktop\JRT.txt
2020-06-25 14:46 - 2020-06-25 14:47 - 000169492 _____ C:\TDSSKiller.3.1.0.28_25.06.2020_14.46.43_log.txt
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-06-25 14:44 - 2020-06-25 14:51 - 000000000 ____D C:\ProgramData\HitmanPro
2020-06-25 14:42 - 2020-06-25 14:42 - 000000000 ____D C:\Users\Jeff\AppData\Local\mbam
2020-06-25 14:41 - 2020-07-02 14:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-25 14:41 - 2020-07-02 13:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-25 14:41 - 2020-06-25 14:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-25 14:40 - 2020-06-25 14:40 - 001928352 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-076981.076981-Consumer.exe
2020-06-25 14:40 - 2020-06-25 14:40 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-22 17:42 - 2020-06-22 17:42 - 000087247 _____ C:\Users\Jeff\Documents\June 08, 2020.pdf
2020-06-22 17:42 - 2020-06-22 17:42 - 000059722 _____ C:\Users\Jeff\Documents\January 08, 2020.pdf
2020-06-22 17:38 - 2020-06-22 17:38 - 000066627 _____ C:\Users\Jeff\Documents\June 05, 2020.pdf
2020-06-20 00:57 - 2020-03-11 06:05 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-06-19 18:24 - 2020-06-19 18:24 - 000212141 _____ C:\Users\Jeff\Documents\IMG_20200619_0002.pdf
2020-06-19 18:24 - 2020-06-19 18:24 - 000206082 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Front.pdf
2020-06-19 18:23 - 2020-06-19 18:23 - 000168389 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Back.pdf
2020-06-19 18:22 - 2020-06-19 18:22 - 000177653 _____ C:\Users\Jeff\Documents\IMG_20200619_0001.pdf
2020-06-18 01:11 - 2020-06-18 01:11 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-06-18 01:08 - 2020-06-05 14:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-18 01:08 - 2020-06-05 14:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-17 14:43 - 2020-06-17 14:43 - 000063146 _____ C:\Users\Jeff\Documents\Invoice 12-13468.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000068876 _____ C:\Users\Jeff\Documents\Invoice 12-12298.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000063828 _____ C:\Users\Jeff\Documents\Invoice 12-13655.pdf
2020-06-17 14:41 - 2020-06-17 15:02 - 000000000 ____D C:\Users\Jeff\Desktop\Dick Websters Invoices
2020-06-17 14:41 - 2020-06-17 14:41 - 000066515 _____ C:\Users\Jeff\Documents\Invoice 12-13938.pdf
2020-06-10 00:39 - 2020-06-10 00:39 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-10 00:33 - 2020-06-10 00:33 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-10 00:33 - 2020-06-10 00:33 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-08 18:14 - 2020-06-08 18:14 - 000162481 _____ C:\Users\Jeff\Documents\[BakaBT.163546v0] Bakemonogatari_[ANE] (1).torrent
2020-06-03 18:30 - 2020-06-03 18:30 - 000593004 _____ C:\Users\Jeff\Documents\IMG_20200603_0001.pdf
2020-06-03 18:30 - 2020-06-03 18:30 - 000579934 _____ C:\Users\Jeff\Desktop\Grad_invitation.pdf
2020-06-03 01:32 - 2020-06-03 01:33 - 000000000 ____D C:\Users\Jeff\Documents\Trails in the Sky FC
2020-06-03 01:27 - 2020-06-03 01:28 - 1056337844 _____ C:\Users\Jeff\Documents\Trails in the Sky FC.rar
2020-06-03 00:30 - 2020-06-03 12:45 - 000000000 ____D C:\Users\Jeff\AppData\Local\Canon Easy-PhotoPrint EX
2020-06-03 00:30 - 2020-06-03 00:30 - 000001931 _____ C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
2020-06-03 00:30 - 2020-06-03 00:30 - 000001931 _____ C:\ProgramData\Desktop\Canon Easy-PhotoPrint EX.lnk
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX2
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX
2020-06-03 00:30 - 2020-06-03 00:30 - 000000000 ___HD C:\ProgramData\CanonEPP
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-03 19:21 - 2019-12-28 23:17 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Discord
2020-07-03 19:05 - 2019-12-28 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-03 19:05 - 2019-12-28 16:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-03 18:41 - 2019-12-28 16:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-07-03 18:31 - 2019-12-28 23:18 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Azureus
2020-07-03 17:29 - 2020-01-02 04:13 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C57048F-A772-4420-AF5E-5105F8F52AD7}
2020-07-03 16:50 - 2019-12-20 00:03 - 000000000 ____D C:\Users\Jeff\AppData\LocalLow\Mozilla
2020-07-03 16:25 - 2019-12-28 16:53 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-03 16:25 - 2019-12-28 16:36 - 000000000 ____D C:\WINDOWS\INF
2020-07-03 16:21 - 2020-05-27 03:36 - 000000000 ____D C:\Users\Jeff\AppData\Local\Plex Media Server
2020-07-03 16:21 - 2020-05-12 23:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-03 16:21 - 2019-12-28 23:20 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\USBSafelyRemove
2020-07-03 16:19 - 2019-12-28 16:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-03 16:19 - 2017-09-03 09:34 - 000366713 ____N C:\WINDOWS\Minidump\070320-40312-01.dmp
2020-07-03 16:14 - 2019-12-28 16:50 - 000011074 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-03 16:14 - 2019-12-28 16:44 - 000013983 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-03 16:14 - 2019-12-28 16:44 - 000012472 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-03 16:14 - 2019-12-28 16:44 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-03 16:14 - 2017-09-03 09:34 - 000353977 ____N C:\WINDOWS\Minidump\070320-37921-01.dmp
2020-07-03 16:06 - 2019-12-28 16:45 - 000000000 ____D C:\Users\Jeff
2020-07-03 16:05 - 2017-09-03 09:34 - 000369761 ____N C:\WINDOWS\Minidump\070320-38578-01.dmp
2020-07-03 15:10 - 2019-12-28 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-03 15:07 - 2019-12-28 16:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-07-03 05:28 - 2019-12-29 17:13 - 000000000 ____D C:\Users\Jeff\AppData\Local\CrashDumps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-02 19:25 - 2020-05-28 03:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-02 18:49 - 2020-03-24 22:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-02 14:51 - 2019-12-28 20:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-02 14:50 - 2020-01-07 15:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-02 14:50 - 2020-01-07 15:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:32 - 2020-01-07 11:57 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Visual Studio Setup
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-07-02 14:14 - 2020-03-15 17:44 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\MPC-HC
2020-07-02 14:14 - 2019-12-28 16:32 - 000000000 ____D C:\WINDOWS\Panther
2020-07-02 13:53 - 2019-12-20 02:27 - 000000000 ____D C:\AdwCleaner
2020-07-02 13:06 - 2019-12-28 21:26 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-07-02 00:51 - 2019-12-28 18:35 - 000000000 ____D C:\Users\Jeff\AppData\Local\Packages
2020-06-25 15:35 - 2019-12-29 01:06 - 000000000 ____D C:\Users\Jeff\AppData\Local\Adobe
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-25 14:41 - 2019-12-28 16:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-22 19:14 - 2019-12-28 18:38 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2173443285-4263232512-4239572146-1001
2020-06-22 19:14 - 2019-12-28 16:45 - 000002364 _____ C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-22 19:14 - 2019-12-19 23:24 - 000000000 ___RD C:\Users\Jeff\OneDrive
2020-06-18 01:57 - 2019-12-28 23:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-18 01:55 - 2020-01-05 03:16 - 000000000 ____D C:\Users\Jeff\AppData\Local\ElevatedDiagnostics
2020-06-18 01:11 - 2019-12-28 16:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-18 01:09 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 ___RD C:\Users\Jeff\3D Objects
2020-06-18 01:08 - 2019-12-28 16:43 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-10 00:39 - 2019-12-28 16:48 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 00:19 - 2019-12-29 01:06 - 000004544 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-03 12:33 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-06-03 00:30 - 2020-04-21 13:36 - 000000000 ____D C:\Program Files\Canon
2020-06-03 00:30 - 2019-12-20 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-06-03 00:17 - 2020-04-25 17:30 - 000000000 ___HD C:\ProgramData\CanonIJMIG
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Edited by jeff matthews, 04 July 2020 - 01:10 AM.


#10 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 04 July 2020 - 07:21 AM

There is no malware as such but the version of Zemana Antimalware is not the real programme – it is a clone. It doesn’t do any harm as such but it has made subtle changes.

P2P - I see you have P2P software, (Vuze (formerly Azureus)), installed on your machine.

We are not here to pass judgment on file-sharing as a concept but we will warn you that engaging in this activity will always make your computer very susceptible to infection and re-infection.

If your computer is infected, it almost certainly contributed to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are more often than not, infected. Those who write malware use P2P file-sharing as a major vehicle to spread their wares.

If you still think about using it, please see the link below for information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers.

CryptoLocker Ransomware.

The newest variation of Ransomware can make it impossible to recover the files that it encrypts. In other words, you will probably lose most, if not all of your files, including pictures. In addition, it has recently been reported that P2P downloads may be tracked, resulting in your IP address being monitored by copyright authorities.

I would strongly recommend that you uninstall it now.

Should you decide to keep it, please don’t use it until we have finished here.

===================================================

The last FRST log that you sent was run from your desktop but the first was in your Documents folder. For the ‘fix’ to work you need to move Farbar Recovery Scan Tool directly to your desktop.

  • go to your Documents folder and locate FRST64
  • right click and select Cut
  • go to an empty spot on your desktop, right click and select Paste

Farbar Recovery Scan Tool should now be on your desktop.

================================================

Note: Please complete these tasks in the order given in the instructions.

================================================

Run Farbar Recovery Scan Tool

Open notepad. Please copy the contents of the code box below and paste it into Notepad.

CloseProcesses:
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\MountPoints2: {9586f46a-25d9-11ea-9c47-4ccc6a67517a} - "R:\WD SmartWare.exe" autoplay=true
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
S3 CrucialSMBusScan; \??\C:\Users\Jeff\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X] <==== ATTENTION
2020-07-03 15:25 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR.exe
2020-07-03 14:26 - 2020-07-03 14:26 - 000177078 _____ C:\Users\Jeff\Documents\d286e821-96ca-4bb4-9906-b8eea3aa3e6c.tmp
2020-07-02 14:05 - 2020-07-02 14:05 - 000000000 ____D C:\Users\Jeff\AppData\Local\ESET
2020-07-02 14:01 - 2020-07-02 14:05 - 000000000 ____D C:\EEK
2020-07-02 14:01 - 2020-07-02 14:01 - 000000000 ____D C:\ProgramData\Emsisoft
2020-07-02 13:28 - 2020-07-02 13:28 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-06-25 14:54 - 2020-07-02 13:55 - 000000554 _____ C:\Users\Jeff\Desktop\JRT.txt
2020-06-25 14:46 - 2020-06-25 14:47 - 000169492 _____ C:\TDSSKiller.3.1.0.28_25.06.2020_14.46.43_log.txt
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-08 18:14 - 2020-06-08 18:14 - 000162481 _____ C:\Users\Jeff\Documents\[BakaBT.163546v0] Bakemonogatari_[ANE] (1).torrent
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
EmptyTemp:

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • save the files as fixlist.txt in the same folder as FRST – NOTE: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work
  • run FRST64 then click Fix just once and wait
  • it will create a log on your desktop, (Fixlog.txt); please post it to your reply.

================================================

Uninstall programmes

Press the Windows Key + R at the same time, then type appwiz.cpl then Enter.

Please uninstall the following programmes:


Google Update Helper
MalwareFox AntiMalware

 

You can also uninstall any programmes that you previously used that still remain:

Also, delete all other logs and programmes you’ve used that are on your desktop. Just click on them and press Delete.

================================================

Please run FRST again and make sure there is a checkmark next to ‘Addition.txt’ before you hit Scan.

Logs to include with next post:

Fixlog.txt
New Frst.txt
New Addition.txt


Thanks

Satchfan

 


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

    Advertisements

Register to Remove


#11 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 04 July 2020 - 05:14 PM

So you are saying my Computer is clean? There are no virus infections at all? One of the things that I was concerned about was what Emisoft found as 2 specific trojan varients. Do you want me to run a scan of Emisoft again so we can take a look at that? Or are those just false positives? According to the emisoft results they were supposedly deeply imbedded into my machine and quarintening or deleting the files would cause damage to my Operating system. 

 

FIXLOG:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-07-2020 01
Ran by Jeff (04-07-2020 15:37:43) Run:1
Running from C:\Users\Jeff\Desktop
Loaded Profiles: Jeff
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\MountPoints2: {9586f46a-25d9-11ea-9c47-4ccc6a67517a} - "R:\WD SmartWare.exe" autoplay=true
Task: C:\WINDOWS\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
S3 CrucialSMBusScan; \??\C:\Users\Jeff\AppData\Local\Temp\CrucialSMBusScan_V64.sys [X] <==== ATTENTION
2020-07-03 15:25 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR.exe
2020-07-03 14:26 - 2020-07-03 14:26 - 000177078 _____ C:\Users\Jeff\Documents\d286e821-96ca-4bb4-9906-b8eea3aa3e6c.tmp
2020-07-02 14:05 - 2020-07-02 14:05 - 000000000 ____D C:\Users\Jeff\AppData\Local\ESET
2020-07-02 14:01 - 2020-07-02 14:05 - 000000000 ____D C:\EEK
2020-07-02 14:01 - 2020-07-02 14:01 - 000000000 ____D C:\ProgramData\Emsisoft
2020-07-02 13:28 - 2020-07-02 13:28 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-06-25 14:54 - 2020-07-02 13:55 - 000000554 _____ C:\Users\Jeff\Desktop\JRT.txt
2020-06-25 14:46 - 2020-06-25 14:47 - 000169492 _____ C:\TDSSKiller.3.1.0.28_25.06.2020_14.46.43_log.txt
2020-06-25 14:45 - 2020-06-25 14:45 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-10 00:39 - 2020-06-10 00:39 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-08 18:14 - 2020-06-08 18:14 - 000162481 _____ C:\Users\Jeff\Documents\[BakaBT.163546v0] Bakemonogatari_[ANE] (1).torrent
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
EmptyTemp:
*****************
 
Processes closed successfully.
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9586f46a-25d9-11ea-9c47-4ccc6a67517a} => removed successfully
C:\WINDOWS\Tasks\CCleaner Update.job => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKLM\System\CurrentControlSet\Services\CrucialSMBusScan => removed successfully
CrucialSMBusScan => service removed successfully
C:\Users\Jeff\Documents\aswMBR.exe => moved successfully
C:\Users\Jeff\Documents\d286e821-96ca-4bb4-9906-b8eea3aa3e6c.tmp => moved successfully
C:\Users\Jeff\AppData\Local\ESET => moved successfully
C:\EEK => moved successfully
C:\ProgramData\Emsisoft => moved successfully
"C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job" => not found
C:\Users\Jeff\Desktop\JRT.txt => moved successfully
C:\TDSSKiller.3.1.0.28_25.06.2020_14.46.43_log.txt => moved successfully
C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk => moved successfully
C:\WINDOWS\system32\DrtmAuth9.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth7.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth5.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth12.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth11.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth10.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully
C:\Users\Jeff\Documents\[BakaBT.163546v0] Bakemonogatari_[ANE] (1).torrent => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}\\SystemComponent" => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58021384 B
Java, Flash, Steam htmlcache => 10340107 B
Windows/system/drivers => 3786817 B
Edge => 88602 B
Chrome => 412113293 B
Firefox => 684223184 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 31070 B
NetworkService => 58860 B
Jeff => 274701031 B
 
RecycleBin => 18141400 B
EmptyTemp: => 1.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 15:38:32 ====

 

 

 

FRST LOG:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2020 01
Ran by Jeff (administrator) on DESKTOP-28LTCFK (MSI MS-7917) (04-07-2020 15:59:20)
Running from C:\Users\Jeff\Desktop
Loaded Profiles: Jeff
Platform: Windows 10 Pro Version 1909 18363.900 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
(Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(Discord Inc. -> Discord Inc.) C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1068560 2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Discord] => C:\Users\Jeff\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [USB Safely Remove] => C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [6544992 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3375904 2020-06-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1825744 2020-04-29] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20086776 2020-05-25] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe [727608 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon TR8500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDL.DLL [482816 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR8500 series: C:\WINDOWS\system32\CNCALDL.DLL [254464 2019-01-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR8500 series: C:\WINDOWS\system32\CNMLMDL.DLL [1302016 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-07-02] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {068C6996-5CB8-413C-BAB1-82EA31973111} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-25] (Adobe Inc. -> Adobe)
Task: {195AA098-D68B-4966-84EC-25F6913E3B9E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AC519C9-286E-4B1D-81AA-8765F67391D2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {4D8F1E9D-D34D-4738-A3A0-E59017F7C7AD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
Task: {5E5B6949-4FDC-4E43-9D38-96BBA90F22B6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {7735C6DB-4C54-48FC-B7C2-ADB196B0AFFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {7974C317-3446-40BD-9632-1ACB3800E0C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-02] (Google LLC -> Google LLC)
Task: {8E6C6556-1817-4387-BC78-02F59D34227D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2EC3278-C7D0-43B7-BED8-68C9E145D0FA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1861528 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9F2203A-B32E-4821-BF4D-6C8016B9AFED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F160E677-94BA-4E39-9197-CFA08B4C26D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5750E51-3625-415B-8DAF-50C84E922399} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124112 2020-07-01] (Mozilla Corporation -> Mozilla Foundation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\..\Interfaces\{c6b50efc-6210-473e-b22e-c6b4c3800167}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jeff\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-02]
 
FireFox:
========
FF DefaultProfile: zyy8cm08.default
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\zyy8cm08.default [2020-07-04]
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 [2020-07-04]
FF DownloadDir: I:\X Movies\B Archive Films 1986 - 1989
FF Session Restore: Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716 -> is enabled.
FF Extension: (Simple mass downloader) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\gelprec.smd@gmail.com.xpi [2020-03-24]
FF Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-04-22]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\iwvw2oej.default-release-1585113236716\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-06-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-25] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default [2020-07-04]
CHR DownloadDir: C:\Users\Jeff\Documents
CHR Notifications: Default -> hxxps://www.cio.com; hxxps://www.facebook.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR DefaultSearchURL: Default -> hxxps://s.yimg.com/cv/apiv2/09062018/manifest/yahoo_install_48.png
CHR Session Restore: Default -> is enabled.
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-07-02]
CHR Extension: (Yahoo) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnpnjbjealcpabcenanokcflffolchnm [2020-02-18]
CHR Extension: (uBlock Origin) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-18]
CHR Extension: (Video DownloadHelper) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-25] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-25] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-29] (TEFINCOM S.A. -> )
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1508336 2020-05-25] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2020-05-03] () [File not signed]
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1736800 2018-09-08] (Crystal Rich Ltd -> Crystal Rich Ltd)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-07-02] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 ElgatoGC658Y; C:\WINDOWS\System32\Drivers\ElgatoGC658.sys [52848 2016-08-03] (Elgato Systems LLC -> UB658)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-25] (Malwarebytes Corporation -> Malwarebytes)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [57728 2020-07-02] (SurfRight B.V. -> )
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2019-03-18] (Microsoft Windows -> Qualcomm Atheros, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-07-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-07-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-07-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-07-02] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-07-04] (Malwarebytes Inc -> Malwarebytes)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [53752 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 USB28xxBGA; C:\WINDOWS\System32\drivers\emBDA64.sys [981432 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
R3 USB28xxOEM; C:\WINDOWS\System32\drivers\emOEM64.sys [1556920 2018-11-25] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology Corp.)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174008 2019-01-28] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-03] (Microsoft Windows -> Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel® Software -> Intel Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2020-07-02] (Zemana Ltd. -> Zemana Ltd.)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-04 15:59 - 2020-07-04 15:59 - 000023480 _____ C:\Users\Jeff\Desktop\FRST.txt
2020-07-04 15:48 - 2020-07-04 15:48 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-07-04 15:44 - 2020-07-04 15:48 - 000000000 ____D C:\Users\Jeff\AppData\LocalLow\IGDump
2020-07-04 15:41 - 2020-07-04 15:41 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-07-04 15:41 - 2020-07-04 15:41 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-07-04 15:41 - 2020-07-04 15:41 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-07-04 15:41 - 2020-07-04 15:41 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-07-04 15:37 - 2020-07-04 15:38 - 000005980 _____ C:\Users\Jeff\Desktop\Fixlog.txt
2020-07-04 15:37 - 2020-07-04 15:37 - 000000000 ____D C:\Users\Jeff\Desktop\FRST-OlderVersion
2020-07-03 19:43 - 2020-07-04 15:37 - 002292224 _____ (Farbar) C:\Users\Jeff\Desktop\FRST64.exe
2020-07-03 16:11 - 2020-07-03 15:25 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Desktop\aswMBR.exe
2020-07-03 16:07 - 2020-07-03 16:07 - 005198336 _____ (AVAST Software) C:\Users\Jeff\Documents\aswMBR (1).exe
2020-07-03 16:05 - 2020-07-03 16:19 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-03 15:33 - 2020-07-03 15:42 - 000045428 _____ C:\Users\Jeff\Documents\Addition.txt
2020-07-03 15:32 - 2020-07-04 15:59 - 000000000 ____D C:\FRST
2020-07-03 15:32 - 2020-07-03 15:42 - 000092787 _____ C:\Users\Jeff\Documents\FRST.txt
2020-07-03 15:23 - 2020-07-03 15:23 - 002291712 _____ (Farbar) C:\Users\Jeff\Documents\FRST64.exe
2020-07-02 18:49 - 2020-07-02 18:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-02 14:54 - 2020-07-04 15:59 - 000067787 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2020-07-02 14:54 - 2020-07-04 15:48 - 000000000 ____D C:\Program Files (x86)\MalwareFox AntiMalware
2020-07-02 14:54 - 2020-07-02 14:54 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2020-07-02 14:54 - 2020-07-02 14:54 - 000000000 ____D C:\Users\Jeff\AppData\Local\Wolf of Webstreet OPC Private Limited
2020-07-02 14:52 - 2020-07-02 14:52 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-02 14:52 - 2020-07-02 14:52 - 000002336 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-02 14:51 - 2020-07-02 14:51 - 001295576 _____ (Google LLC) C:\Users\Jeff\Downloads\ChromeSetup.exe
2020-07-02 14:51 - 2020-07-02 14:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-02 14:51 - 2020-07-02 14:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-02 14:42 - 2020-07-02 14:42 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-07-02 14:40 - 2020-07-04 15:59 - 000472242 _____ C:\WINDOWS\ZAM.krnl.trace
2020-07-02 14:37 - 2020-07-02 14:37 - 001965536 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-80562.80562-consumer.exe
2020-07-02 14:34 - 2020-07-02 14:34 - 000000000 ____D C:\Users\Jeff\AppData\Local\Zemana
2020-07-02 14:33 - 2020-07-02 14:33 - 006617512 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\MalwareFox.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 012741568 _____ (Zemana Ltd. ) C:\Users\Jeff\Documents\AntiMalware_Setup.exe
2020-07-02 14:27 - 2020-07-02 14:27 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-07-02 14:27 - 2020-07-02 14:27 - 000000000 ____D C:\Users\Jeff\AppData\Local\AMSDK
2020-07-02 14:22 - 2020-07-02 14:22 - 000448512 _____ (OldTimer Tools) C:\Users\Jeff\Documents\TFC.exe
2020-07-02 14:16 - 2020-07-02 14:16 - 000057728 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2020-07-02 14:15 - 2020-07-02 14:16 - 000002438 _____ C:\Users\Jeff\Desktop\Rkill.txt
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-02 14:11 - 2020-07-02 14:11 - 000000000 ____D C:\Program Files\CCleaner
2020-07-02 14:05 - 2020-07-02 14:05 - 000001428 _____ C:\Users\Jeff\Desktop\Msoft.txt
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000001122 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Users\Jeff\AppData\Local\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-07-02 13:57 - 2020-07-02 13:57 - 000000000 ____D C:\Program Files\VS Revo Group
2020-07-02 13:57 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2020-07-02 13:50 - 2020-07-02 13:52 - 000166974 _____ C:\TDSSKiller.3.1.0.28_02.07.2020_13.50.51_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 004962800 _____ C:\Users\Jeff\Documents\tdsskiller.zip
2020-07-02 13:50 - 2020-07-02 13:50 - 000000436 _____ C:\TDSSKiller.3.1.0.16_02.07.2020_13.50.25_log.txt
2020-07-02 13:50 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Documents\tdsskiller
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\Users\Jeff\Desktop\mbar
2020-07-02 13:41 - 2020-07-02 13:50 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-07-02 13:06 - 2020-07-02 14:38 - 000000000 ____D C:\WINDOWS\pss
2020-07-01 16:27 - 2020-07-03 15:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-26 21:11 - 2020-06-26 21:11 - 000463097 _____ C:\Users\Jeff\Documents\SoraVoice_20191210.7z
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\SoraVoice_20191210
2020-06-26 21:11 - 2020-06-26 21:11 - 000000000 ____D C:\Users\Jeff\Documents\dsound_dll_20190716
2020-06-26 21:10 - 2020-06-26 21:10 - 000033996 _____ C:\Users\Jeff\Documents\dsound_dll_20190716.7z
2020-06-25 21:09 - 2020-07-01 19:57 - 000000000 ____D C:\Users\Jeff\Desktop\Preschool Grad Pictures
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-06-25 14:45 - 2020-06-25 14:45 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-06-25 14:44 - 2020-06-25 14:51 - 000000000 ____D C:\ProgramData\HitmanPro
2020-06-25 14:42 - 2020-06-25 14:42 - 000000000 ____D C:\Users\Jeff\AppData\Local\mbam
2020-06-25 14:41 - 2020-07-02 14:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-25 14:41 - 2020-07-02 13:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-25 14:41 - 2020-06-25 14:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-25 14:41 - 2020-06-25 14:41 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-25 14:41 - 2020-06-25 14:41 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-25 14:40 - 2020-06-25 14:40 - 001928352 _____ (Malwarebytes) C:\Users\Jeff\Documents\MBSetup-076981.076981-Consumer.exe
2020-06-25 14:40 - 2020-06-25 14:40 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-22 17:42 - 2020-06-22 17:42 - 000087247 _____ C:\Users\Jeff\Documents\June 08, 2020.pdf
2020-06-22 17:42 - 2020-06-22 17:42 - 000059722 _____ C:\Users\Jeff\Documents\January 08, 2020.pdf
2020-06-22 17:38 - 2020-06-22 17:38 - 000066627 _____ C:\Users\Jeff\Documents\June 05, 2020.pdf
2020-06-20 00:57 - 2020-03-11 06:05 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-06-19 18:24 - 2020-06-19 18:24 - 000212141 _____ C:\Users\Jeff\Documents\IMG_20200619_0002.pdf
2020-06-19 18:24 - 2020-06-19 18:24 - 000206082 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Front.pdf
2020-06-19 18:23 - 2020-06-19 18:23 - 000168389 _____ C:\Users\Jeff\Desktop\SNAP Benifits - Back.pdf
2020-06-19 18:22 - 2020-06-19 18:22 - 000177653 _____ C:\Users\Jeff\Documents\IMG_20200619_0001.pdf
2020-06-18 01:11 - 2020-06-18 01:11 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-06-18 01:08 - 2020-06-05 14:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-18 01:08 - 2020-06-05 14:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-17 14:43 - 2020-06-17 14:43 - 000063146 _____ C:\Users\Jeff\Documents\Invoice 12-13468.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000068876 _____ C:\Users\Jeff\Documents\Invoice 12-12298.pdf
2020-06-17 14:42 - 2020-06-17 14:42 - 000063828 _____ C:\Users\Jeff\Documents\Invoice 12-13655.pdf
2020-06-17 14:41 - 2020-06-17 15:02 - 000000000 ____D C:\Users\Jeff\Desktop\Dick Websters Invoices
2020-06-17 14:41 - 2020-06-17 14:41 - 000066515 _____ C:\Users\Jeff\Documents\Invoice 12-13938.pdf
2020-06-10 00:39 - 2020-06-10 00:39 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-10 00:39 - 2020-06-10 00:39 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-10 00:39 - 2020-06-10 00:39 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-10 00:39 - 2020-06-10 00:39 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-10 00:39 - 2020-06-10 00:39 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-10 00:39 - 2020-06-10 00:39 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-10 00:39 - 2020-06-10 00:39 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-10 00:33 - 2020-06-10 00:33 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-10 00:33 - 2020-06-10 00:33 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-07-04 15:56 - 2019-12-28 16:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-04 15:47 - 2019-12-28 16:53 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-04 15:47 - 2019-12-28 16:36 - 000000000 ____D C:\WINDOWS\INF
2020-07-04 15:42 - 2020-05-12 23:20 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-04 15:42 - 2019-12-28 23:17 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Discord
2020-07-04 15:41 - 2020-05-27 03:36 - 000000000 ____D C:\Users\Jeff\AppData\Local\Plex Media Server
2020-07-04 15:41 - 2019-12-28 23:20 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\USBSafelyRemove
2020-07-04 15:41 - 2019-12-28 16:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-04 15:38 - 2020-01-09 20:48 - 000000000 ____D C:\Users\Jeff\AppData\LocalLow\Temp
2020-07-04 15:38 - 2019-12-28 16:50 - 000011395 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-04 15:38 - 2019-12-28 16:45 - 000000000 ____D C:\Users\Jeff
2020-07-04 15:38 - 2019-12-28 16:44 - 000016822 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-04 15:38 - 2019-12-28 16:44 - 000008675 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-04 15:38 - 2019-12-28 16:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-07-04 15:37 - 2019-12-28 23:18 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Azureus
2020-07-04 15:37 - 2019-12-28 16:44 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-04 15:21 - 2019-12-28 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-04 13:20 - 2020-01-02 04:13 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C57048F-A772-4420-AF5E-5105F8F52AD7}
2020-07-03 18:41 - 2019-12-28 16:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-07-03 16:50 - 2019-12-20 00:03 - 000000000 ____D C:\Users\Jeff\AppData\LocalLow\Mozilla
2020-07-03 16:19 - 2017-09-03 09:34 - 000366713 ____N C:\WINDOWS\Minidump\070320-40312-01.dmp
2020-07-03 16:14 - 2017-09-03 09:34 - 000353977 ____N C:\WINDOWS\Minidump\070320-37921-01.dmp
2020-07-03 16:05 - 2017-09-03 09:34 - 000369761 ____N C:\WINDOWS\Minidump\070320-38578-01.dmp
2020-07-03 15:10 - 2019-12-28 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-03 05:28 - 2019-12-29 17:13 - 000000000 ____D C:\Users\Jeff\AppData\Local\CrashDumps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-03 01:37 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-02 19:25 - 2020-05-28 03:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-02 19:25 - 2020-05-28 03:07 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-02 18:49 - 2020-03-24 22:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-02 14:51 - 2019-12-28 20:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-02 14:50 - 2020-01-07 15:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-02 14:50 - 2020-01-07 15:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:50 - 2020-01-07 15:03 - 000002124 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-07-02 14:32 - 2020-01-07 11:57 - 000001359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\Visual Studio Setup
2020-07-02 14:32 - 2020-01-07 11:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-07-02 14:14 - 2020-03-15 17:44 - 000000000 ____D C:\Users\Jeff\AppData\Roaming\MPC-HC
2020-07-02 14:14 - 2019-12-28 16:32 - 000000000 ____D C:\WINDOWS\Panther
2020-07-02 13:53 - 2019-12-20 02:27 - 000000000 ____D C:\AdwCleaner
2020-07-02 13:06 - 2019-12-28 21:26 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-07-02 00:51 - 2019-12-28 18:35 - 000000000 ____D C:\Users\Jeff\AppData\Local\Packages
2020-06-25 15:35 - 2019-12-29 01:06 - 000000000 ____D C:\Users\Jeff\AppData\Local\Adobe
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-25 15:35 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-25 14:41 - 2019-12-28 16:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-22 19:14 - 2019-12-28 18:38 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2173443285-4263232512-4239572146-1001
2020-06-22 19:14 - 2019-12-28 16:45 - 000002364 _____ C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-22 19:14 - 2019-12-19 23:24 - 000000000 ___RD C:\Users\Jeff\OneDrive
2020-06-18 01:57 - 2019-12-28 23:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-18 01:55 - 2020-01-05 03:16 - 000000000 ____D C:\Users\Jeff\AppData\Local\ElevatedDiagnostics
2020-06-18 01:11 - 2019-12-28 16:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-18 01:09 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-18 01:09 - 2019-12-19 23:22 - 000000000 ___RD C:\Users\Jeff\3D Objects
2020-06-18 01:08 - 2019-12-28 16:43 - 000439016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-18 01:06 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-18 01:05 - 2019-12-28 16:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-10 00:39 - 2019-12-28 16:48 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 00:19 - 2019-12-29 01:06 - 000004544 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Addition Log:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2020 01
Ran by Jeff (04-07-2020 16:00:17)
Running from C:\Users\Jeff\Desktop
Windows 10 Pro Version 1909 18363.900 (X64) (2019-12-28 23:50:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2173443285-4263232512-4239572146-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2173443285-4263232512-4239572146-503 - Limited - Disabled)
Guest (S-1-5-21-2173443285-4263232512-4239572146-501 - Limited - Disabled)
Jeff (S-1-5-21-2173443285-4263232512-4239572146-1001 - Administrator - Enabled) => C:\Users\Jeff
WDAGUtilityAccount (S-1-5-21-2173443285-4263232512-4239572146-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.5.0.599 - Bandicam.com)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.00.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Speed Dial Utility2 (HKLM-x32\...\Speed Dial Utility2) (Version: 2.1.5 - Canon Inc.)
Canon TR8500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TR8500_series) (Version: 1.02 - Canon Inc.)
Canon TR8500 series On-screen Manual (HKLM-x32\...\Canon TR8500 series On-screen Manual) (Version: 1.1.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 9.1.2.2 (08/01/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Elgato Game Capture HD (HKLM\...\{A6B8F112-F5DC-425A-8D96-B443F7129C74}) (Version: 3.70.42.3042 - Elgato Systems GmbH)
Entity Framework 6.2.0 Tools  for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
Eraser 6.2.0.2986 (HKLM\...\{5227C9E1-58FC-45DE-880C-0E4C3559837D}) (Version: 6.2.2986 - The Eraser Project)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Free Video Cutter (HKLM-x32\...\{94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1) (Version:  - FreeVideoCutter.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.58 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft OneDrive (HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1109.411 - Microsoft Corporation)
Mozilla Firefox 78.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 78.0.1 (x64 en-US)) (Version: 78.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NordVPN (HKLM-x32\...\{8807BEDC-84ED-4F57-8FBE-EEAA56E01F3A}) (Version: 6.29.9 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.29.9) (Version: 6.29.9 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Plex Media Server (HKLM-x32\...\{73cb0dd2-c06d-4dfa-a358-9900c518a302}) (Version: 1.19.3.2852 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{EEA2CB18-B759-4881-A036-9FF83CABE0CB}) (Version: 1.19.2852 - Plex, Inc.) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.5 - VS Revo Group, Ltd.)
Roblox Player for Jeff (HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\roblox-player) (Version:  - Roblox Corporation)
Serviio (HKLM\...\Serviio) (Version: 2.1 - Six Lines Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{21A1E39F-DB26-4A7D-806D-8E338CE19BF9}) (Version: 1.19.2852 - Plex, Inc.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
Trails from Zero (HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\ED_ZERO) (Version:  - )
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
USB Safely Remove 6.1 (HKLM-x32\...\USB Safely Remove_is1) (Version:  - SafelyRemove.com)
vcpp_crt.redist.clickonce (HKLM-x32\...\{253D6AD3-5786-4B3B-B4E1-E082482A1F26}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio Enterprise 2017 (HKLM-x32\...\929fe567) (Version: 15.9.28307.960 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_codecoveragemsi (HKLM-x32\...\{B2DB38F7-4225-4EA6-A7B2-F9A0E089DD89}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_networkemulationmsi_x64 (HKLM-x32\...\{674BB892-7904-4B94-8077-9DA3D2CBFC70}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
ZeroLauncher (HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\54166643f5cdc960) (Version: 1.0.1.0 - HP Inc.)
ZeroLauncher (HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\d6b1847d788880db) (Version: 1.0.2.411 - Geofront)
Zipware (HKLM-x32\...\{FFAD48D2-3722-44C2-861C-73DB12482773}) (Version: 1.6.0 - Bazwise)
 
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time) [File not signed]
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\nvshext.dll [2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2019-08-18] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Jeff\Desktop\Yahoo.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=bnpnjbjealcpabcenanokcflffolchnm
ShortcutWithArgument: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Yahoo.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=bnpnjbjealcpabcenanokcflffolchnm
ShortcutWithArgument: C:\Users\Jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2020-05-27 16:58 - 2020-05-27 16:58 - 000629760 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\aac_decoder.dll
2020-05-29 15:43 - 2020-05-29 15:43 - 000336384 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\ac3_decoder.dll
2020-06-01 07:14 - 2020-06-01 07:14 - 000161280 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\cinepak_decoder.dll
2020-05-28 06:16 - 2020-05-28 06:16 - 000750080 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\flv_decoder.dll
2020-05-30 08:23 - 2020-05-30 08:23 - 000748544 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\h263_decoder.dll
2020-05-27 03:41 - 2020-05-27 03:41 - 001558016 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\h264_decoder.dll
2020-05-27 03:46 - 2020-05-27 03:46 - 000817152 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\hevc_decoder.dll
2020-05-27 04:08 - 2020-05-27 04:08 - 001799680 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\libx264_encoder.dll
2020-05-27 17:02 - 2020-05-27 17:02 - 000578560 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\mp3_decoder.dll
2020-05-28 06:37 - 2020-05-28 06:37 - 000547840 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\mpeg1video_decoder.dll
2020-05-27 03:49 - 2020-05-27 03:49 - 000559616 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\mpeg2video_decoder.dll
2020-05-27 03:41 - 2020-05-27 03:41 - 001267200 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\mpeg4_decoder.dll
2020-05-30 08:08 - 2020-05-30 08:08 - 001496576 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\msmpeg4v1_decoder.dll
2020-05-28 08:07 - 2020-05-28 08:07 - 001496576 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\msmpeg4v2_decoder.dll
2020-05-27 03:49 - 2020-05-27 03:49 - 001496576 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\msmpeg4v3_decoder.dll
2020-06-04 08:19 - 2020-06-04 08:19 - 001604096 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\rv30_decoder.dll
2020-05-28 06:17 - 2020-05-28 06:17 - 001793024 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\rv40_decoder.dll
2020-05-28 06:19 - 2020-05-28 06:19 - 002117120 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\vc1_decoder.dll
2020-05-28 06:12 - 2020-05-28 06:12 - 000286720 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\vp6f_decoder.dll
2020-05-28 01:17 - 2020-05-28 01:17 - 000573952 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\vp8_decoder.dll
2020-05-27 17:29 - 2020-05-27 17:29 - 001717248 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\vp9_decoder.dll
2020-05-28 08:16 - 2020-05-28 08:16 - 001496576 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\wmv1_decoder.dll
2020-05-28 07:11 - 2020-05-28 07:11 - 001655296 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\wmv2_decoder.dll
2020-05-28 06:09 - 2020-05-28 06:09 - 002117120 _____ () [File not signed] \\?\C:\Users\Jeff\AppData\Local\Plex Media Server\Codecs\99c90e0-3095-windows-x86\wmv3_decoder.dll
2019-12-28 21:28 - 2016-10-21 16:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2020-04-21 13:49 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2019-12-28 21:28 - 2016-12-01 09:23 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2019-12-28 21:28 - 2016-12-09 11:09 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2019-12-28 21:28 - 2016-12-09 11:09 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2020-04-21 13:49 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2012-01-20 04:45 - 2012-01-20 04:45 - 000086016 _____ (Free Time) [File not signed] C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll
2020-04-09 15:13 - 2020-04-09 15:13 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-09 15:13 - 2020-04-09 15:13 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Jeff\Downloads\ChromeSetup.exe:SmartScreen [7]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-28 16:37 - 2019-12-28 16:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "Eraser"
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-2173443285-4263232512-4239572146-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{54E13CD8-3892-4A35-8D3B-52A8042661F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{899EB95E-48F9-4A7C-992C-22659E735911}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{553543B8-604A-4A8B-93B6-1F77DBC732AE}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{5337C202-5287-4E9A-ACEE-B15913202BA7}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9B152596-0067-4D75-86D1-4B12DE9D4049}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9E92EAA1-DBB5-4468-9737-4C5A39DCEC56}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{352857E7-7C47-4555-962E-276752D99C88}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{02631DA3-7CCB-487E-A184-596AA137B1D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CC9E5712-0778-4A0C-9649-90A432C4F990}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\ed6_win_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{46BF0624-31C4-4F7B-ADFB-598E06FAD361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\ed6_win_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{769FF108-EE91-44F5-8A85-FFC836F6A203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\Config_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{5DBE79D1-BF09-415F-B0F1-31ACA9CA3209}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\Config_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{0CBD9F01-7242-4F72-BB8F-092760BBA72C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\ed6_win.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{8A403B9D-D762-4C1A-A16B-256700C82030}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\ed6_win.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{7CA4E3A8-A0B2-4A0C-AEB3-88E2878ACF1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\Config.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{96E8631F-6F2E-4BE9-9818-1E1A2DC6DD5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky FC\Config.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B2031626-1C04-428D-A73A-792850C3703A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{B6A10EB2-E758-46B1-B05D-101E9FFC8D5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\ed6_win2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{D1E3DCEA-746D-426C-9497-B6F45A019626}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{7EAEECAE-5EC5-4416-94D8-16AFE9C01D7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\Config2_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{4365F4E0-0B01-4273-AA63-B126829938AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{AF483319-0A36-48B0-96C2-D8C68CBA192C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\ed6_win2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{486CDBCF-F7F5-45E8-A897-87671D2333BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{AB9E2523-C6F3-49E8-A1E2-FDFF7B8CC721}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky SC\Config2.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{31DAC3EB-2627-4963-A749-82DF9B4B71A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\ed6_win3_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{D42E312E-12CA-48B2-B8BB-1093386D511E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\ed6_win3_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{D04B4EB5-7C22-4522-A50B-F80CE72213E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\Config3_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{3060E599-446D-4043-829B-E9B1BDCA077C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\Config3_DX9.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{FC3406C1-7582-4B63-9069-BADAF19E6543}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\ed6_win3.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{F39C20E4-D21B-4FA0-B856-7C3EFC90F323}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\ed6_win3.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{371FE411-D186-47C5-87EA-7018DFEB1CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\Config3.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{31F0983D-D56F-44DE-861A-2FEDC46F3C7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trails in the Sky the 3rd\Config3.exe (Nihon Falcom Corporation) [File not signed]
FirewallRules: [{78631280-15B2-4F02-95E1-2B0243285385}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muv-Luv\muvluv16.exe (IXTL) [File not signed]
FirewallRules: [{18183D78-1B9C-4FB8-B1EF-6252BCDCBF34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Muv-Luv\muvluv16.exe (IXTL) [File not signed]
FirewallRules: [{8CC38ACC-C901-41FD-9FD7-1080A40E09F2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6AB59D1C-4D70-44A6-9A04-B48002E63871}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{536AB6F4-0D6E-4753-9D78-1319B9FFA18D}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{73BB18B9-A3FF-4A5A-B9A2-DFEFFF687D62}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{1BF2D6AB-8E4F-4541-91F8-75C4A5799311}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe (Six Lines Ltd) [File not signed]
FirewallRules: [{AFBBD69A-8ED8-4B9B-A447-14A2A37CA5A4}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{6E629058-6E90-4E17-AFF8-3E6F18D3E671}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{9B8C5963-8109-4043-AB0A-07882F08030E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{30810D0D-EC5A-4F88-9692-BCBCF0DC567B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{1317BAEB-84A2-4A3E-B3EA-780F5FA25F36}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
04-07-2020 15:48:00 Removed Google Update Helper
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/04/2020 04:01:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1676,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 03:53:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4304,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 03:00:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17120,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 04:54:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8804,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 03:05:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16416,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 02:25:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16908,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 01:52:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14652,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (07/04/2020 12:53:31 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5264,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (07/04/2020 03:48:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/04/2020 03:38:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nordvpn-service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (07/04/2020 03:37:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (07/04/2020 03:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/04/2020 03:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (07/04/2020 03:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Serviio service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/04/2020 03:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/04/2020 03:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
CodeIntegrity:
===================================
 
Date: 2020-07-02 14:52:26.131
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:52:13.839
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:52:09.677
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:51:34.785
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:51:25.506
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:51:24.926
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:51:23.248
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-07-02 14:51:22.931
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. V1.13 02/16/2016
Motherboard: MSI Z97 GAMING 5 (MS-7917)
Processor: Intel® Core™ i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 19%
Total physical RAM: 32716.79 MB
Available physical RAM: 26220.83 MB
Total Virtual: 34764.79 MB
Available Virtual: 28201.47 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:231.5 GB) (Free:111.95 GB) NTFS
Drive d: (Anime Drive 10) (Fixed) (Total:3726.02 GB) (Free:311.62 GB) NTFS
Drive e: (H videos) (Fixed) (Total:3725.9 GB) (Free:291.49 GB) NTFS
Drive f: (Anime Drive 9) (Fixed) (Total:3725.9 GB) (Free:169.53 GB) NTFS
Drive g: () (Fixed) (Total:931.29 GB) (Free:56.45 GB) NTFS
Drive i: (Misc Drive) (Fixed) (Total:5589 GB) (Free:758.83 GB) NTFS
Drive j: (Anime Drive 4) (Fixed) (Total:1863.01 GB) (Free:48.57 GB) NTFS
Drive k: (Anime Drive 3) (Fixed) (Total:1862.98 GB) (Free:137.79 GB) NTFS
Drive l: (Anime Drive 8) (Fixed) (Total:1862.98 GB) (Free:87.97 GB) NTFS
Drive m: (Anime OVA Drive) (Fixed) (Total:1863.01 GB) (Free:184.9 GB) NTFS
Drive n: (Anime Drive 7) (Fixed) (Total:2794.51 GB) (Free:416.62 GB) NTFS
Drive o: (Anime Drive 5) (Fixed) (Total:1863.02 GB) (Free:265.44 GB) NTFS
Drive p: (Anime Drive 2) (Fixed) (Total:1862.36 GB) (Free:52.49 GB) NTFS
Drive q: (Movie Database) (Fixed) (Total:3726.01 GB) (Free:1792.01 GB) NTFS
Drive r: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
 
\\?\Volume{0f31a190-fb66-489c-8c04-ba608e96b750}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{d2c1f802-c8ab-4171-8f07-d3f4c6d8b1ac}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS
\\?\Volume{4a328854-32e7-42ae-9c9a-8b29bdebc0ce}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{82229a9c-1fc4-40ed-8424-2dcd096f2061}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{1d8fcae8-164c-47bc-878d-e18900b90343}\ () (Fixed) (Total:0.09 GB) (Free:0.08 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 3 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 4 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 805F9C05)
 
Partition: GPT.
 
==========================================================
Disk: 6 (Size: 5589 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: D778A451)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 8.
 
==========================================================
Disk: 9 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 2179637F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 10 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 000E63A1)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 11 (Size: 1862.4 GB) (Disk ID: 41557A8E)
Partition 1: (Not Active) - (Size=1862.4 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 12 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00020FC3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 13 (Size: 1863 GB) (Disk ID: CDE5FBB7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================

Edited by jeff matthews, 04 July 2020 - 05:15 PM.


#12 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 04 July 2020 - 05:54 PM

So you are saying my Computer is clean? There are no virus infections at all?

Yes but I'll check the new logs again thoroughly anyway.

 

One of the things that I was concerned about was what Emisoft found as 2 specific trojan varients.

I’m pretty sure they are false-positives thown up by BitDefender’s scanning engine, (used by Emsisoft).

I think we’ll use a different scan other than Emsisoft.

===================================================

Turn on Windows Security Real-Time Protection

Windows Swcurity, (Windows Defender as was), needs to be enabled as you have no current antivirus, (AV), running on your compuer.

  • click on Start, > Settings,  > Update & Security > Windows Security > Virus & threat protection
  • do one of the following:

In the current version of Windows 10: under 'Virus & threat protection' settings, select Manage settings and then switch the Real-time protection setting to On

In previous versions of Windows 10: select 'Virus & threat protection' settings, and then switch the Real-time protection setting to On.

===================================================

Download ESET Online Scanner and save it to your desktop.

  • right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • when the tool opens, click Get Started.
  • read and accept the license agreement.
  • at the Welcome to ESET Online Scanner window, click Get Started.
  • select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • click on the Full Scan option.
  • select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • when the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature: click on Continue.
  • on the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

 

It's late again here Jeff but the Eset scan will take time anyway.

 

Meanwhile, I'll check your logs and reply tomorrow, after you have given me the result of the scan.

 

Satchfan


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#13 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 04 July 2020 - 06:08 PM

ok sounds good. Yeah i usually use ESET as a deeper system scan to identify any other remnants of anything left over but it takes a LONG time for a full scan at least from my experiences but I am scanning it currently right now and I'll post the results in my next reply, thank you. 


Edited by jeff matthews, 04 July 2020 - 06:09 PM.


#14 Satchfan

Satchfan

    SuperHelper

  • Malware Team
  • 6,753 posts
  • Interests:LFC, music, more LFC, more music

Posted 04 July 2020 - 06:11 PM

No problem.


NINA - Proud graduate of the WTT Classroom

Member of UNITE

The help you receive here is free but if you feel I have helped, you may consider making a Donation.

#15 jeff matthews

jeff matthews

    Advanced Member

  • Authentic Member
  • PipPipPipPip
  • 768 posts

Posted 05 July 2020 - 02:03 AM

I just want to add that I am getting some unusual stuttering issues and my video is cutting out. Something is not right, things are slowing down to a crawl during specific times. Although the scans on ESET mostly look like false positive and or Pups that are not harmful and some remnants of old torrent exe files that i used many years ago. I don't use Utorrent anymore, i use vuze. so I am not sure what is causing this but ill let you decide what the next course of action to take is. Maybe some of my video drivers or extensions/addons for my browsers got corropted? It seems to happen when I am playing video's and streams on my browser. 

 

 

Here is the LOG from ESET:

 

 

 

7/4/2020 23:10:22 PM
Files scanned: 1737287
Detected files: 90
Cleaned files: 90
Total scan time 03:32:04
Scan status: Finished
 
 
C:\Users\Jeff\Documents\Documents\Virus Removal Tools\ccsetup541.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Jeff\Documents\Documents\Virus Removal Tools\disk-defrag-setup.exe a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
C:\Users\Jeff\Documents\Documents\Virus Removal Tools\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application,a variant of MSIL/WebCompanion.A potentially unwanted application,a variant of Win32/WebCompanion.B potentially unwanted application cleaned by deleting
C:\Users\Jeff\Documents\Documents\utorrent-3.3.1-build-30017.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
E:\X Movies\ForeignFilms.net\ccsetup541 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\X Movies\ForeignFilms.net\ccsetup541 (2).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\X Movies\ForeignFilms.net\ccsetup541.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\X Movies\ForeignFilms.net\disk-defrag-setup.exe a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
E:\X Movies\ForeignFilms.net\utorrent-3-5-1-build-44332.exe a variant of Win32/uTorrent.C potentially unwanted application,a variant of MSIL/WebCompanion.A potentially unwanted application,a variant of Win32/WebCompanion.B potentially unwanted application cleaned by deleting
E:\X Movies\ForeignFilms.net\uTorrent.exe MSIL/WebCompanion.A potentially unwanted application cleaned by deleting
E:\X Movies\FFSetup.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
E:\X Movies\FFSetup3.9.5.0.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
E:\formatfactory-4-5-0-0.exe a variant of Win32/FusionCore.AD potentially unwanted application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\Desktop\Utorrent\utorrent-3.3.1-build-30017.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\Desktop\utorrent-3-3-build-29126-es-en-br-fr-de-it-cn-jp-ar-ru-win.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\Documents\cpu-z_1.60.1-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\downloads\ccsetup418.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\downloads\SetupImgBurn_2.5.8.0.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\downloads\utorrent-3.3.1-build 30003.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Documents\Back-Up ASUS Laptop\downloads\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
F:\Back up playstation\Back-up Laptop\Downloads\Downloads\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\Desktop\Utorrent\utorrent-3.3.1-build-30017.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\Desktop\utorrent-3-3-build-29126-es-en-br-fr-de-it-cn-jp-ar-ru-win.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\Documents\cpu-z_1.60.1-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\downloads\ccsetup418.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\downloads\SetupImgBurn_2.5.8.0.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\downloads\utorrent-3.3.1-build 30003.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Documents\Back-Up Laptop\downloads\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Downloads\Downloads\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Downloads\ccsetup418.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
G:\Back-up Laptop\Downloads\Setup_WinThruster_2015.exe Win32/Systweak potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Downloads\uTorrent (1).exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Downloads\utorrent-3.3.1-build 30003.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Back-up Laptop\Downloads\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Desktop\Documents\Anime Torrents [2016]\spsetup129.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
G:\Desktop\Documents\Utorrent\utorrent-3.3.1-build-30017.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Documents\Clutter\Antivirus and maleware tools\disk-defrag-setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application cleaned by deleting
G:\Documents\Clutter\Antivirus and maleware tools\PS_AIO_05_C309a_Net_Full_Win_enu_140_047.exe a variant of Win32/Adware.Coupons.AA application cleaned by deleting
G:\Documents\Programs\FFSetup296\FFSetup296.exe multiple threats,a variant of Win32/Hao123.A potentially unwanted application,a variant of Win32/Adware.ELEX.PIS application,a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
G:\Documents\Programs\cpu-z_1.60.1-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
G:\Documents\Programs\ffortsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
G:\Documents\Programs\Nero-9.4.12.3d_free.exe Win32/Toolbar.AskSBar potentially unwanted application cleaned by deleting
G:\Documents\Programs\utorrent.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Documents\Virus and Removal Tools\disk-defrag-setup.exe a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
G:\Documents\X\Stories\disk-defrag-setup.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application,a variant of Win32/Auslogics.C potentially unwanted application,a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back up main Desktop Clean Pc\cbsidlm-cbsi188-FormatFactory-SEO-10968547.exe a variant of Win32/CNETInstaller.B potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back up main Desktop Clean Pc\cbsidlm-cbsi188-SpeedFan-SEO-10067444.exe a variant of Win32/CNETInstaller.B potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back up main Desktop Clean Pc\disk-defrag-setup.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back Up Main Desktop Computer\Desktop\usb back up\PS_AIO_05_C309a_Net_Full_Win_enu_140_047.exe a variant of Win32/Adware.Coupons.AA application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back Up Main Desktop Computer\Desktop\Utorrent\utorrent-3.3.1-build-30017.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back Up Main Desktop Computer\downloads\ccsetup418.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back Up Main Desktop Computer\downloads\utorrent-3.3.1-build 30003.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Back up's\Back Up Main Desktop Computer\downloads\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\RHEng\0F45E2F91C06415F8DC3BF9A1D396B6C\WcInstaller.exe a variant of MSIL/WebCompanion.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\updates\3.4.2_39744.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\updates\3.4.3_40097.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\Massive OVA Collection\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\Massive OVA Collection\utorrent_2.2.1_build_25302.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\Massive OVA Collection\utorrent_3.0.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\Massive OVA Collection\uTorrent_3.1.3_build_27220.exe a variant of Win32/Toolbar.Conduit.AY potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\utorrent_2.2.1_build_25302.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\utorrent_3.0.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
G:\Local Disk E Backup Files\Users\JEFF\Downloads\uTorrent_3.1.3_build_27220.exe a variant of Win32/Toolbar.Conduit.AY potentially unwanted application cleaned by deleting
I:\$RECYCLE.BIN\S-1-5-21-1870932749-3697413752-2901118604-1001\$RSPABZH\Emulators\fba64_029743\Sega Genesis RPG ROMS\Barver Battle Saga - The Space Fighter (Chinese)_4223233743.exe Win32/InstallCore.Gen.A potentially unwanted application cleaned by deleting
I:\$RECYCLE.BIN\S-1-5-21-1870932749-3697413752-2901118604-1001\$RSPABZH\Emulators\CR_Downloader_for_3do-bios_2532238113.exe Win32/InstallCore.Gen.A potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Downloads Folder\Downloads\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Downloads Folder\uTorrent (1).exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Downloads Folder\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\Downloads\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\ccsetup418.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\cpu-z_1.60.1-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\FFSetup.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\FFSetup3.9.5.0.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\formatfactory-4-5-0-0.exe a variant of Win32/FusionCore.AD potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\Setup_WinThruster_2015.exe Win32/Systweak potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\uTorrent (1).exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\utorrent-3.3.1-build 30003.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\uTorrent.exe a variant of Win32/uTorrent.C potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\utorrent_2.2.1.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\utorrent_2.2.1_build_25302.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\utorrent_3.0.exe a variant of Win32/uTorrent.D potentially unwanted application cleaned by deleting
I:\Laptop Back-up\Ice Cream Cake Recipee\Downloads\uTorrent_3.1.3_build_27220.exe a variant of Win32/Toolbar.Conduit.AY potentially unwanted application cleaned by deleting
L:\Back-up Laptop\Virus and Removal Tools\disk-defrag-setup.exe a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting
L:\Ellen\Stories\disk-defrag-setup.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application,a variant of Win32/Auslogics.C potentially unwanted application,a variant of Win32/Auslogics.AA potentially unwanted application cleaned by deleting

Edited by jeff matthews, 05 July 2020 - 02:25 AM.

Related Topics



1 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


    Bing (1)