Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-04-2020 Ran by Stepan (administrator) on STEPAN-PC (ASUS All Series) (13-04-2020 09:10:02) Running from C:\Users\Stepan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Loaded Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool (Available Profiles: Stepan & NeroMediaHomeUser.4 & Jordyn & Natasha & Diane & DefaultAppPool) Platform: Windows 10 Home Version 1909 18363.720 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Stepan\AppData\Roaming\uTorrent\helper\helper.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Stepan\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe <2> (BitTorrent Inc -> BitTorrent Inc.) C:\Users\Stepan\AppData\Roaming\uTorrent\uTorrent.exe (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avpui.exe (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe\Solitaire.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <4> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Prolific Technology Inc.) [File not signed] C:\Windows\SysWOW64\IoctlSvc.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHMA.EXE (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare software CO., LIMITED -> Wondershare) HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2016-07-21] (ABBYY PRODUCTION LLC -> ABBYY Production LLC.) [File not signed] HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] () [File not signed] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed] HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1150760 2018-04-06] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG -> Nero AG) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMA.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Prolific_OneButton] => C:\Program Files (x86)\Prolific Backup\OneBtn.exe [139264 2010-10-20] () [File not signed] HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8022104 2020-04-05] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [582672 2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [utweb] => "C:\Users\Stepan\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHMA.EXE [283232 2012-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\MountPoints2: {78805666-67e7-11ea-9f01-7824afc129ae} - "G:\autorun.exe" HKU\S-1-5-21-600410608-1858306824-1911990453-1001\...\MountPoints2: {788056d6-67e7-11ea-9f01-7824afc129ae} - "I:\setup.exe" HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG -> Nero AG) HKU\S-1-5-21-600410608-1858306824-1911990453-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG -> Nero AG) HKU\S-1-5-21-600410608-1858306824-1911990453-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-600410608-1858306824-1911990453-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG -> Nero AG) HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-600410608-1858306824-1911990453-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\Run: [EPSON Stylus Photo 1410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBUP.EXE [139264 2006-07-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-29] (Nero AG -> Nero AG) HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-600410608-1858306824-1911990453-1007\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-03] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-03-12] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2016-08-25] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed] GroupPolicy\User: Restriction ? <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02956C8B-4C94-4BE3-83EF-2D2BC950856B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {07DEFE58-0104-4E76-A64D-418F836F87AB} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {202B9C98-8397-4C1D-8816-E5CB32EE1987} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-08-26] (Google Inc -> Google Inc.) Task: {275525EF-010D-4A6D-8111-EDD26CCFDC2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {301891F7-9AE9-46B5-B6CD-AC52928045E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-12] (Adobe Inc. -> Adobe) Task: {4720EF61-D7AD-4C88-838C-29666D426201} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {651EE370-8FC1-4624-96DB-B48627003889} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-12] (Adobe Inc. -> Adobe) Task: {9F8B5608-9E8E-4BAE-A6A5-E18D494F75E6} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {A1848D82-3D26-4137-B560-CE3918EFDDC3} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {A53684C2-F1AF-47F1-AB78-C4975C8A2178} - System32\Tasks\{61CD6456-A0C2-46D9-A1DC-A3A08D5D51C1} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {A8EEB754-3C67-4A13-B499-245A7CDAFE1A} - System32\Tasks\Opera scheduled Autoupdate 1498468288 => C:\Users\Stepan\AppData\Local\Programs\Opera\launcher.exe Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {BC03D4B8-DF01-4158-98B5-F71AF503A51D} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [3725312 2015-07-15] (File Type Advisor) [File not signed] Task: {BD0D8DEC-396C-48E6-99B9-E63464A7F733} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-09-10] (Kaspersky Lab -> AO Kaspersky Lab) Task: {D6E77A3A-271C-4E89-8857-329B893FD614} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-08-26] (Google Inc -> Google Inc.) Task: {DEE99C80-497E-4783-A8F6-07F1CB28FECA} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {F785096B-2909-40D1-B0DB-D1B0F80F69C8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{aaf35c55-9740-40c9-bb04-9067357337f0}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{b372b17b-aae5-404a-86c5-292d6999387b}: [DhcpNameServer] 10.10.6.1 Tcpip\..\Interfaces\{ceafe424-a186-49d6-bd98-7cd15d1e0654}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKU\S-1-5-21-600410608-1858306824-1911990453-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D121918-A5AF4E3D53C&form=CONMHP&conlogo=CT3335878 HKU\S-1-5-21-600410608-1858306824-1911990453-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.iinet.net.au/customers/ HKU\S-1-5-21-600410608-1858306824-1911990453-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/ HKU\S-1-5-21-600410608-1858306824-1911990453-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D121918-N0700A5AF4E3D53C&form=CONBDF&conlogo=CT3335878&q={searchTerms} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1004 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1004 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1005 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1006 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1007 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1007 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-600410608-1858306824-1911990453-1007 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [File not signed] BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\x64\ie_engine.dll [2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\ie_engine.dll [2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION) [File not signed] Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-29] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\IEExt\ie_plugin.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> No Name - {C500C267-63BF-451F-8797-4D720C9A2ED9} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\IEExt\ie_plugin.dll [2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1004 -> No Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1004 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1005 -> No Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1005 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1006 -> No Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1006 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1007 -> No Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - No File Toolbar: HKU\S-1-5-21-600410608-1858306824-1911990453-1007 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File Edge: ====== DownloadDir: C:\Users\Stepan\Downloads Edge HomeButtonPage: HKU\S-1-5-21-600410608-1858306824-1911990453-1001 -> about:start Edge Extension: (Kaspersky Password Manager) -> EdgeExtension_KasperskyLabKasperskyPasswordManagerExtension_8jx5e25qw3tdc => C:\Program Files\WindowsApps\KasperskyLab.KasperskyPasswordManagerExtension_2.9.1.0_x64__8jx5e25qw3tdc [2019-12-18] FireFox: ======== FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-10-23] [Legacy] [not signed] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2018-08-07] [Legacy] [not signed] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2015-08-28] (Nero AG -> Nero AG) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default [2020-04-13] CHR Notifications: Default -> hxxps://engage.lasalle.wa.edu.au; hxxps://gibney.coneqt-p.cathednet.wa.edu.au; hxxps://www.epson.de CHR Extension: (Google Drive) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15] CHR Extension: (YouTube) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15] CHR Extension: (Google Search) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15] CHR Extension: (Kaspersky Password Manager) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2019-12-19] CHR Extension: (Tasty World (Moscow/RUSSIA)) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebchgchabgghpakkgbpmknjpadmpinih [2016-08-24] CHR Extension: (Kaspersky Protection) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-02-17] CHR Extension: (Hot Shot Sniper) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibbhkjoamnfmpcilggihmfeebhienpea [2015-12-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11] CHR Extension: (Gmail) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02] CHR Extension: (Chrome Media Router) - C:\Users\Stepan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-07] CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKU\S-1-5-21-600410608-1858306824-1911990453-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01] CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC -> ABBYY Production LLC) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-01-19] (ASUSTeK Computer Inc. -> ) R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S2 CLKMSVC10_90970B6B; C:\Program Files (x86)\CyberLink\PowerProducer\BDSDK\NavFilter\kmsvc.exe [246256 2010-11-09] (CyberLink -> CyberLink) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677880 2017-04-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S30RP1.EXE [102400 2006-04-18] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-29] (Nero AG -> Nero AG) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-12] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-12] (Electronic Arts, Inc. -> Electronic Arts) R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2010-10-20] (Prolific Technology Inc.) [File not signed] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2020-04-12] (Even Balance, Inc. -> ) R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2020-04-12] (Even Balance, Inc. -> ) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] (CyberLink -> ) R2 StatusAgent4; C:\WINDOWS\SysWOW64\SAgent4.exe [136576 2011-05-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed] R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-04-05] (LAVASOFT SOFTWARE CANADA INC -> ) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 2310_00; C:\WINDOWS\system32\drivers\2310_00.sys [170528 2009-06-12] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 272x_1x; C:\WINDOWS\system32\drivers\272x_1x.sys [612672 2012-04-25] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 274x_3x; C:\WINDOWS\system32\drivers\274x_3x.sys [240960 2012-04-25] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 ahcix64s; C:\WINDOWS\system32\drivers\ahcix64s.sys [226616 2009-07-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc) S3 amdhub30; C:\WINDOWS\system32\drivers\amdhub30.sys [106664 2012-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.) S3 amdide64; C:\WINDOWS\system32\drivers\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) S3 amdxhc; C:\WINDOWS\system32\drivers\amdxhc.sys [226984 2012-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.) S3 amd_sata; C:\WINDOWS\system32\drivers\amd_sata.sys [82560 2012-04-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 amd_xata; C:\WINDOWS\system32\drivers\amd_xata.sys [42624 2012-04-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) S3 arcm_a64; C:\WINDOWS\system32\drivers\arcm_a64.sys [52768 2009-11-09] (Areca Technology Corporation -> ARECA Technology Corporation) S3 asahci64; C:\WINDOWS\system32\drivers\asahci64.sys [49048 2012-07-18] (ASMedia Technology Inc. -> Asmedia Technology) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-01-19] (ASUSTeK Computer Inc. -> ) S3 b06diag; C:\WINDOWS\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation -> Broadcom Corporation) S3 BFN7x64; C:\WINDOWS\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.) S3 cbaf; C:\WINDOWS\System32\Drivers\cbaf.sys [15872 2008-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corp.) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab) S3 DC133; C:\WINDOWS\system32\drivers\DC133.sys [39320 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC150; C:\WINDOWS\system32\drivers\DC150.sys [39832 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC154; C:\WINDOWS\system32\drivers\DC154.sys [48136 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC300e; C:\WINDOWS\system32\drivers\DC300e.sys [40344 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC324e; C:\WINDOWS\system32\drivers\DC324e.sys [49752 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC3410; C:\WINDOWS\system32\drivers\DC3410.sys [48328 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC4300; C:\WINDOWS\system32\drivers\DC4300.sys [48360 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 DC600e; C:\WINDOWS\system32\drivers\DC600e.sys [40744 2011-05-02] (Dawicontrol Computersysteme GmbH -> Dawicontrol GmbH) S3 dfuuwb; C:\WINDOWS\System32\Drivers\DfuUWB.sys [503296 2008-09-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corp.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-19] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EtronHub3; C:\WINDOWS\System32\Drivers\EtronHub3.sys [65152 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc) S3 EtronSTOR; C:\WINDOWS\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc) S3 EtronXHCI; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [88832 2012-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Etron Technology Inc) S3 FLxHCIh; C:\WINDOWS\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic Inc -> Fresco Logic) S3 hptiop; C:\WINDOWS\system32\drivers\hptiop.sys [17440 2009-05-26] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 hptmv; C:\WINDOWS\system32\drivers\hptmv.sys [93472 2006-09-18] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 hptmv6; C:\WINDOWS\system32\drivers\hptmv6.sys [152096 2007-11-01] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 HWA; C:\WINDOWS\System32\Drivers\HWA.sys [61440 2008-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corp.) S3 iaStorS; C:\WINDOWS\system32\drivers\iaStorS.sys [651224 2012-06-30] (Intel Corporation -> Intel Corporation) S3 iteatapi; C:\WINDOWS\system32\drivers\iteatapi.sys [38680 2008-05-14] (ITE Tech. Inc. -> ITE Tech. Inc.) S3 iteraid; C:\WINDOWS\system32\drivers\iteraid.sys [32768 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> ITE Tech. Inc.) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79768 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145504 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251512 2019-10-30] (Kaspersky Lab -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [214592 2020-04-07] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998296 2020-02-12] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [256752 2020-04-09] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309968 2020-04-09] (Kaspersky Lab -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [117496 2020-04-09] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [206880 2020-04-10] (Kaspersky Lab -> AO Kaspersky Lab) S3 klupd_klif_swmon; C:\WINDOWS\System32\Drivers\klupd_klif_swmon.sys [209928 2018-10-04] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-18] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-01] (Malwarebytes Corporation -> Malwarebytes) S3 megasas2; C:\WINDOWS\system32\drivers\megasas2.sys [51496 2012-02-29] (LSI Corporation -> LSI Corporation) S3 megasr1; C:\WINDOWS\system32\drivers\MegaSR1.sys [461320 2009-04-16] (LSI Corporation -> LSI Corporation, Inc.) R3 msvad_simple; C:\WINDOWS\system32\drivers\povrtdev.sys [28528 2015-10-29] (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.) S3 mv61xx; C:\WINDOWS\system32\drivers\mv61xx.sys [183144 2012-05-23] (Marvell Semiconductor -> Marvell Semiconductor, Inc.) S3 mv91cons; C:\WINDOWS\system32\drivers\mv91cons.sys [28008 2012-10-09] (Marvell Semiconductor -> Marvell Semiconductor Inc.) S3 mvs91xx; C:\WINDOWS\system32\drivers\mvs91xx.sys [322920 2012-10-09] (Marvell Semiconductor -> Marvell Semiconductor, Inc.) S3 mvs94xx; C:\WINDOWS\system32\drivers\mvs94xx.sys [367920 2010-12-01] (Marvell Semiconductor -> Marvell Semiconductor, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvrd64; C:\WINDOWS\system32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation) S3 ocz10xx; C:\WINDOWS\system32\drivers\ocz10xx.sys [139056 2012-04-06] (OCZ Technology Group -> OCZ Technology Group, Inc.) S3 ocz12xx; C:\WINDOWS\system32\drivers\ocz12xx.sys [138544 2011-09-15] (OCZ Technology Group -> OCZ Technology Group, Inc.) S3 Pnp680; C:\WINDOWS\system32\drivers\pnp680.sys [80424 2007-11-13] (Silicon Image, Inc. -> Silicon Image, Inc) S3 rr174x; C:\WINDOWS\system32\drivers\rr174x.sys [159264 2007-11-01] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr2210; C:\WINDOWS\system32\drivers\rr2210.sys [153632 2007-11-01] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr232x; C:\WINDOWS\system32\drivers\rr232x.sys [152096 2008-05-06] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr2340; C:\WINDOWS\system32\drivers\rr2340.sys [162400 2010-01-01] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr2522; C:\WINDOWS\system32\drivers\rr2522.sys [168032 2010-01-01] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr276x; C:\WINDOWS\system32\drivers\rr276x.sys [241472 2012-04-25] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr278x; C:\WINDOWS\system32\drivers\rr278x.sys [240960 2012-04-25] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) S3 rr62x; C:\WINDOWS\system32\drivers\rr62x.sys [156256 2010-06-17] (HighPoint Technologies, Inc. -> HighPoint Technologies, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-10-15] (Realtek Semiconductor Corp -> Realtek ) S3 rusb3hub; C:\WINDOWS\system32\drivers\rusb3hub.sys [114568 2012-08-28] (Renesas Electronics Corporation -> Renesas Electronics Corporation) S3 rusb3xhc; C:\WINDOWS\system32\drivers\rusb3xhc.sys [230280 2012-08-28] (Renesas Electronics Corporation -> Renesas Electronics Corporation) S3 Ser2pl; C:\WINDOWS\system32\drivers\ser2pl64.sys [158720 2012-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.) S3 SI3112r; C:\WINDOWS\system32\drivers\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc. -> Silicon Image, Inc) S3 SI3114; C:\WINDOWS\system32\drivers\SI3114.sys [99120 2006-11-10] (Silicon Image, Inc. -> Silicon Image, Inc.) S3 SI3114r; C:\WINDOWS\system32\drivers\SI3114R.sys [163632 2007-04-11] (Silicon Image, Inc. -> Silicon Image, Inc) S3 SI3124; C:\WINDOWS\system32\drivers\SI3124.sys [113456 2006-11-02] (Silicon Image, Inc. -> Silicon Image, Inc.) S3 Si3124r5; C:\WINDOWS\system32\drivers\Si3124r5.sys [340008 2010-04-13] (Silicon Image, Inc. -> Silicon Image, Inc) S3 SI3132; C:\WINDOWS\system32\drivers\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc. -> Silicon Image, Inc) S3 Si3531; C:\WINDOWS\system32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc. -> Silicon Image, Inc) R0 SiFilter; C:\WINDOWS\System32\drivers\SiWinAcc.sys [22056 2007-10-03] (Silicon Image, Inc. -> Silicon Image, Inc) R0 SiRemFil; C:\WINDOWS\System32\drivers\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc. -> Silicon Image, Inc) R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [207344 2020-03-19] (Disc Soft Ltd -> Duplex Secure Ltd) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-04-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 TplinkUDSMBus; C:\WINDOWS\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (KCODES CORPORATION -> Windows (R) Codename Longhorn DDK provider) S3 uwbusb; C:\WINDOWS\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corp.) S3 viamrx64; C:\WINDOWS\system32\drivers\viamrx64.sys [161904 2010-12-03] (VIA Technologies Inc. -> VIA Technologies Inc.,Ltd) S3 videX64; C:\WINDOWS\system32\drivers\videX64.sys [15000 2010-02-11] (VIA Technologies Inc. -> VIA Technologies, Inc.) S3 VUSB3HUB; C:\WINDOWS\system32\drivers\ViaHub3.sys [210944 2012-05-30] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2016-03-31] (Lespeed Technology Ltd. -> wisecleaner.com) [File not signed] R0 xfiltx64; C:\WINDOWS\System32\drivers\xfiltx64.sys [26776 2010-02-11] (VIA Technologies Inc. -> VIA Technologies, Inc.) S3 xhcdrv; C:\WINDOWS\system32\drivers\xhcdrv.sys [261120 2012-05-30] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.) R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-11-04] (CyberLink Corp. -> CyberLink Corp.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-13 08:48 - 2020-04-13 08:48 - 002281472 _____ (Farbar) C:\Users\Stepan\Desktop\FRST64.exe 2020-04-12 19:14 - 2020-04-12 19:14 - 000000000 ____D C:\ProgramData\Ubisoft 2020-04-12 19:13 - 2020-04-12 19:39 - 002337865 _____ C:\WINDOWS\SysWOW64\pbsvc.exe 2020-04-12 19:13 - 2020-04-12 19:39 - 000107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2020-04-12 19:13 - 2020-04-12 19:39 - 000066872 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2020-04-12 18:01 - 2020-04-12 18:01 - 000178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll 2020-04-12 18:01 - 2020-04-12 18:01 - 000000000 __RHD C:\Users\Stepan\AppData\Roaming\SecuROM 2020-04-12 17:52 - 2020-04-12 18:30 - 000000000 ____D C:\Users\Stepan\Documents\Ubisoft 2020-04-12 17:43 - 2020-04-12 19:46 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2020-04-12 17:42 - 2020-04-12 18:57 - 000000000 ____D C:\Users\Stepan\Desktop\Games 2020-04-12 09:01 - 2020-04-12 09:27 - 000000000 ____D C:\Users\Stepan\Downloads\www.alt.bitworld.to...Tom.Clancys.Rainbow.Six.Vegas.2-RELOADED 2020-04-10 10:58 - 2020-04-13 08:47 - 000000000 ____D C:\Users\Stepan\AppData\LocalLow\uTorrent 2020-04-09 09:47 - 2020-04-09 09:47 - 000309968 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2020-04-09 09:45 - 2020-04-10 10:31 - 000206880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2020-04-09 09:45 - 2020-04-09 09:45 - 000256752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2020-04-09 09:45 - 2020-04-09 09:45 - 000117496 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2020-03-30 15:32 - 2020-04-13 09:37 - 1048751219 _____ C:\Users\Stepan\Downloads\Doctor.Sleep.2019.UHD.4K.HDR.2160p.mkv 2020-03-19 10:23 - 2020-03-19 10:23 - 000000000 ____D C:\Games 2020-03-19 10:12 - 2020-03-19 10:28 - 000000910 _____ C:\Users\Stepan\Desktop\Tom Clancys Rainbow Six Siege.lnk 2020-03-19 10:12 - 2020-03-19 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancys Rainbow Six Siege 2020-03-19 08:24 - 2020-03-19 08:24 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys 2020-03-19 08:24 - 2020-03-19 08:24 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2020-03-19 08:24 - 2020-03-19 08:24 - 000000834 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2020-03-19 08:24 - 2020-03-19 08:24 - 000000834 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk 2020-03-19 08:24 - 2020-03-19 08:24 - 000000000 ____D C:\Users\Public\Documents\Catch! 2020-03-19 08:24 - 2020-03-19 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite 2020-03-19 08:24 - 2020-03-19 08:24 - 000000000 ____D C:\ProgramData\Documents\Catch! 2020-03-19 08:18 - 2020-03-19 08:18 - 000000000 ___RD C:\Users\Stepan\accomadation expences forms 2020-03-16 12:26 - 2020-03-16 12:26 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2020-03-16 12:26 - 2020-03-16 12:26 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll 2020-03-16 12:25 - 2020-03-16 12:26 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-03-16 12:25 - 2020-03-16 12:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-03-16 12:25 - 2020-03-16 12:25 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2020-03-16 12:25 - 2020-03-16 12:25 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2020-03-16 12:25 - 2020-03-16 12:25 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys 2020-03-16 12:25 - 2020-03-16 12:25 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe 2020-03-16 12:25 - 2020-03-16 12:25 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2020-03-16 12:25 - 2020-03-16 12:25 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2020-03-16 12:24 - 2020-03-16 12:24 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-03-16 12:24 - 2020-03-16 12:24 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-03-16 12:24 - 2020-03-16 12:24 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2020-03-16 12:24 - 2020-03-16 12:24 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2020-03-16 12:24 - 2020-03-16 12:24 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2020-03-16 12:24 - 2020-03-16 12:24 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2020-03-16 12:24 - 2020-03-16 12:24 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS 2020-03-16 12:24 - 2020-03-16 12:24 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys 2020-03-16 12:24 - 2020-03-16 12:24 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe 2020-03-16 12:24 - 2020-03-16 12:24 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll 2020-03-16 12:24 - 2020-03-16 12:24 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll 2020-03-16 12:04 - 2020-03-16 12:04 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-03-16 12:04 - 2020-03-16 12:04 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-13 09:37 - 2019-10-11 10:23 - 000000000 ____D C:\Users\Stepan\AppData\Roaming\uTorrent 2020-04-13 09:26 - 2014-11-30 10:42 - 000000000 ____D C:\Users\Stepan\AppData\Roaming\Origin 2020-04-13 09:21 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-13 09:21 - 2014-11-29 16:09 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2020-04-13 09:14 - 2016-08-21 16:42 - 000000000 ____D C:\FRST 2020-04-13 08:47 - 2019-10-11 10:25 - 000000000 ____D C:\Users\Stepan\AppData\Local\BitTorrentHelper 2020-04-13 08:33 - 2014-11-30 10:45 - 000000000 ____D C:\Program Files (x86)\Origin Games 2020-04-13 08:33 - 2014-11-30 10:39 - 000000000 ____D C:\ProgramData\Origin 2020-04-13 08:32 - 2014-11-30 10:42 - 000000000 ____D C:\Users\Stepan\AppData\Local\Origin 2020-04-13 08:23 - 2016-04-27 11:32 - 000000000 ____D C:\Users\Stepan\AppData\Roaming\FileAdvisor 2020-04-12 20:19 - 2019-10-04 22:00 - 000000000 ____D C:\Users\Stepan 2020-04-12 20:19 - 2017-06-02 15:56 - 000000000 ____D C:\ProgramData\NVIDIA 2020-04-12 19:57 - 2019-10-04 22:13 - 000972156 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-04-12 19:57 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF 2020-04-12 19:53 - 2014-11-29 20:05 - 000000000 ____D C:\torrents 2020-04-12 19:50 - 2019-10-04 22:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-12 19:50 - 2019-10-04 22:00 - 000000000 ____D C:\Users\NeroMediaHomeUser.4 2020-04-12 19:50 - 2019-10-04 21:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-12 19:50 - 2015-08-08 17:46 - 000152048 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_90970B6B.sys 2020-04-12 19:47 - 2014-12-03 13:47 - 000000000 ____D C:\Users\Stepan\Documents\My Games 2020-04-12 19:25 - 2014-11-29 15:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2020-04-12 19:13 - 2018-05-23 12:16 - 000000000 ____D C:\Users\Stepan\AppData\Local\D3DSCache 2020-04-12 15:41 - 2019-03-19 12:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2020-04-12 12:47 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-12 12:47 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-12 10:07 - 2017-11-25 09:51 - 000000000 ____D C:\Users\Stepan\AppData\Roaming\SlickVPN 2020-04-12 10:07 - 2017-11-24 08:47 - 000000000 ____D C:\Program Files (x86)\SlickVPN 2020-04-12 10:04 - 2018-11-13 07:42 - 000000000 ____D C:\Users\Stepan\Documents\iZotope 2020-04-12 09:55 - 2014-12-12 20:02 - 000000000 ____D C:\ProgramData\Apple 2020-04-12 09:43 - 2018-12-19 08:50 - 000000000 ____D C:\ProgramData\Citrix 2020-04-12 09:41 - 2018-12-19 08:49 - 000000000 ____D C:\Users\Stepan\AppData\Local\Citrix 2020-04-12 08:45 - 2014-11-30 10:39 - 000000000 ____D C:\Program Files (x86)\Origin 2020-04-12 08:29 - 2019-10-01 13:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-04-12 08:29 - 2019-10-01 13:28 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData 2020-04-12 08:27 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2020-04-07 18:42 - 2019-03-19 12:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2020-04-05 18:02 - 2016-08-26 11:15 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-03-31 11:02 - 2019-10-04 22:00 - 000000000 ____D C:\Users\Natasha 2020-03-31 11:02 - 2019-10-04 22:00 - 000000000 ____D C:\Users\Jordyn 2020-03-31 11:02 - 2019-10-04 22:00 - 000000000 ____D C:\Users\Diane 2020-03-31 11:02 - 2019-10-04 22:00 - 000000000 ____D C:\Users\DefaultAppPool 2020-03-31 10:48 - 2018-01-01 20:00 - 000000000 ____D C:\Users\Stepan\AppData\Local\PlaceholderTileLogoFolder 2020-03-22 10:47 - 2019-10-04 22:32 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-600410608-1858306824-1911990453-1001 2020-03-22 10:46 - 2019-10-04 22:00 - 000002405 _____ C:\Users\Stepan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-03-22 10:46 - 2015-08-08 18:12 - 000000000 ___RD C:\Users\Stepan\OneDrive 2020-03-21 10:16 - 2019-10-04 22:32 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-21 10:16 - 2019-10-04 22:32 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-20 19:10 - 2019-10-04 22:32 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-03-20 19:09 - 2016-02-01 17:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-03-20 15:30 - 2014-11-29 15:58 - 000000000 ____D C:\Users\Stepan\AppData\Roaming\vlc 2020-03-20 08:47 - 2017-05-13 17:25 - 000002332 _____ C:\Users\Stepan\Desktop\Google Chrome.lnk 2020-03-19 15:10 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-03-19 08:25 - 2016-04-17 20:46 - 000000000 ____D C:\Users\Stepan\AppData\Local\Disc_Soft_Ltd 2020-03-19 08:24 - 2017-10-29 10:56 - 000000000 ____D C:\Program Files\DAEMON Tools Lite 2020-03-19 08:24 - 2016-04-17 09:08 - 000207344 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys 2020-03-19 08:24 - 2016-04-15 07:59 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite 2020-03-17 08:39 - 2015-08-10 11:24 - 000000000 ___RD C:\Users\Stepan\3D Objects 2020-03-17 08:39 - 2015-08-08 17:59 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-03-17 08:38 - 2019-10-04 21:49 - 005195688 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\setup 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-03-16 21:18 - 2019-03-19 12:52 - 000000000 ____D C:\Program Files\Windows Defender 2020-03-16 21:18 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\servicing 2020-03-16 12:25 - 2014-01-02 05:35 - 000410830 __RSH C:\bootmgr 2020-03-14 09:46 - 2015-05-08 12:13 - 000000000 ____D C:\ProgramData\boost_interprocess ==================== Files in the root of some directories ======== 2016-08-21 20:06 - 2016-08-21 20:41 - 000000115 _____ () C:\Users\Stepan\AppData\Roaming\LogFile.txt 2014-11-29 21:28 - 2014-12-04 07:28 - 000000166 _____ () C:\Users\Stepan\AppData\Roaming\WB.CFG 2015-08-13 20:21 - 2015-09-07 15:49 - 212809145 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload 2015-08-13 20:21 - 2015-09-07 15:49 - 000002489 _____ () C:\Users\Stepan\AppData\Local\ACCCx3_2_0_129.zip.aamdownload.aamd 2016-12-05 16:28 - 2018-11-18 12:55 - 000007680 _____ () C:\Users\Stepan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-12-01 19:29 - 2014-12-03 07:28 - 000000001 _____ () C:\Users\Stepan\AppData\Local\DSI.DAT 2014-11-29 22:00 - 2014-11-29 22:00 - 000000036 _____ () C:\Users\Stepan\AppData\Local\housecall.guid.cache 2018-09-23 18:33 - 2018-09-23 18:33 - 000000000 _____ () C:\Users\Stepan\AppData\Local\oobelibMkey.log 2015-07-13 14:25 - 2015-07-13 14:25 - 000000600 _____ () C:\Users\Stepan\AppData\Local\PUTTY.RND 2016-04-20 08:22 - 2016-04-20 08:22 - 000000017 _____ () C:\Users\Stepan\AppData\Local\resmon.resmoncfg 2014-11-30 09:14 - 2015-11-22 07:58 - 000000010 _____ () C:\Users\Stepan\AppData\Local\sponge.last.runtime.cache ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================