My computer is infected [Closed]


  • This topic is locked

#1
Visalbun

    New Member

  • Member
  • 2 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by PRIVATE_PC (administrator) on RAZERMAN (MSI MS-7A15) (12-01-2020 17:39:42)
Running from C:\Users\PRIVATE_PC\Desktop
Loaded Profiles: PRIVATE_PC (Available Profiles: PRIVATE_PC)
Platform: Windows 10 Pro Version 1909 18363.535 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(ASUSTEK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe
(ASUSTEK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
(Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
(Dell Inc) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\AWCC.exe
(Dell Inc) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Small Business Advantage -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Small Business Advantage Next\SbaService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\AudioVisualizer\ChromaVisualizer.exe
(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Tonec Inc.) [File not signed] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270208 2018-04-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [465544 2016-02-10] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4030520 2018-12-28] (Tonec Inc.) [File not signed]
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-17] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2019-01-30]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe () [File not signed]
Startup: C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2019-08-24]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07A656A3-BD2C-4A3B-B3A9-E63B97D9B60B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B9080C9-1E24-41A2-B81B-3ED14BEAB911} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {22D22A13-2ABF-4C7A-9CE9-D1D17DD0C729} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {2371A3B7-C6E4-4622-8FC0-06FB949BEFC1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {28F1941D-A185-415D-BFF9-8A214EB047A0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177288 2015-05-29] (Intel® Update Manager -> )
Task: {29816580-8349-4E61-BF64-D634AFA36E34} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E365500-DDF3-46F9-8160-E5B02924B4C4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2EC144FB-73D7-492F-AE3B-8015A28773BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-23] (Google Inc -> Google Inc.)
Task: {3106BE40-0CD9-4BBD-898E-E3C5C65F3CA7} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\Windows\system32\winrmsrv.exe [731136 2020-01-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {33D03D0B-2957-4360-94F5-5241CB364813} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A80FEAC-B4F5-4ECC-ABDA-405017E72498} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {41904CC4-B55D-43F3-8E5B-272C52BB4502} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {453B98F9-B968-4804-B3E9-3E367A6C3CB5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A650DD6-B97A-4CE0-B945-47D785BAF827} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E4D75EB-6F82-494C-8235-BC3453E7B478} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5B3A548B-5184-499D-AED1-70D87EFB8CF0} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [12795392 2019-09-09] (ASUSTEK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {5C8E0002-7F78-4B1C-B5EB-33AA5B9D8217} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-23] (Google Inc -> Google Inc.)
Task: {5E54AD70-8019-45D0-975E-3F1A675D8FAF} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
Task: {5E968351-582E-40D3-A0B7-50EE119D93B4} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6902F261-DFF7-462A-96E9-DF7F36E7E69C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BC9DFF9-ECC8-47E2-BA13-94AFBE481696} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F8937C6-0B52-47CB-AC4C-46A1B9C530B3} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {70E47816-E16C-4A65-A666-A4B20E836D02} - System32\Tasks\Opera scheduled Autoupdate 1548198806 => C:\Users\PRIVATE_PC\AppData\Local\Programs\Opera\launcher.exe
Task: {76F3CBE6-79FD-4401-856B-F0AC2288142E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {79F41D68-3EF2-42F6-AD51-615B37A844FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F079CBA-1BBB-41B0-A1A3-D89F394EB549} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {845196F5-57C6-4F8F-9780-70F72B35DCF7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A50FE70-FDFF-4C17-B932-36C9CA75E9E6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96799E66-FC25-4CEE-81A1-4F7D14F09F9C} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {A062419E-D67A-4FC3-A797-D684E0F6ED0E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177288 2015-05-29] (Intel® Update Manager -> )
Task: {A8CEB2EF-3CC2-4566-A8E1-CB9CC5964158} - System32\Tasks\AURA => C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe [2416640 2019-08-14] (ASUSTEK COMPUTER INC. -> ASUSTek COMPUTER INC.)
Task: {B8254BFA-E0E0-4201-998E-F4E2D08E1275} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1614ED6-6C59-4884-AA24-EA0F417E6191} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {C29F2AA8-B712-4DFD-ADD0-6F276A28001D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA4983E1-8A96-4E77-A8A0-AC7C5B339084} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-11] (Adobe Inc. -> Adobe Systems)
Task: {CC78F887-5DF3-4091-8B90-C7E94952A634} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC3F9BB5-782D-429A-B8F4-E8CCB95CDEC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128536 2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F20F3775-9C6F-4EC8-B900-4A466D121CA9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD775773-8946-45A2-A510-1F4641D70D2F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 202.58.98.202 1.1.1.1
Tcpip\..\Interfaces\{0d1c6e63-f664-4080-b09e-415689aa9745}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d03485be-316c-4f84-a89e-ee4e529a2092}: [DhcpNameServer] 202.58.98.202 1.1.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__190122
SearchScopes: HKU\S-1-5-21-2603013266-1580333838-3049538279-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__190122&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-19] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
DownloadDir: C:\Users\PRIVATE_PC\Downloads
 
FireFox:
========
FF HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\PRIVATE_PC\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\PRIVATE_PC\AppData\Roaming\IDM\idmmzcc5 [2019-03-25] [Legacy] [not signed]
FF HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2015-05-06] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "chrome://apps/","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchURL: Profile 1 -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Adaware Secure
CHR Notifications: Profile 1 -> hxxps://download-alert.com
CHR Profile: C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default [2020-01-12]
CHR DownloadDir: C:\Users\PRIVATE_PC\Desktop
CHR Extension: (Slides) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-23]
CHR Extension: (Docs) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-23]
CHR Extension: (Google Drive) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-23]
CHR Extension: (YouTube) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-23]
CHR Extension: (Sheets) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-23]
CHR Extension: (Ask Web Search) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp [2019-05-17]
CHR Extension: (TelevisionFanatic) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mebdidmfdpgkcjfhcbdljpldmnmeplfi [2019-05-09]
CHR Extension: (IDM Integration Module) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-23]
CHR Extension: (Gmail) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-25]
CHR Profile: C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-01-12]
CHR Extension: (Slides) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-05]
CHR Extension: (Docs) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-05]
CHR Extension: (Google Drive) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-05]
CHR Extension: (YouTube) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-05]
CHR Extension: (Adobe Acrobat) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-25]
CHR Extension: (Sheets) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Adaware Secure) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-05-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-17]
CHR Extension: (Chrome Media Router) - C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR Profile: C:\Users\PRIVATE_PC\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-12]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-12-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-12-20]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [384000 2019-03-22] (ASUSTEK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [15424 2019-11-18] (Dell Inc -> Dell Technologies)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel® Trust Services -> Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177288 2015-05-29] (Intel® Update Manager -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [197264 2017-09-26] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-05-06] (Nitro Software, Inc. -> Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-05-06] (Nitro Software, Inc. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [974936 2019-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1457240 2019-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-02] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-11-19] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-29] (Razer USA Ltd. -> Razer Inc.)
R2 SbaService; C:\Program Files (x86)\Intel\Intel® Small Business Advantage Next\SbaService.exe [26296 2015-10-15] (Intel® Small Business Advantage -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-14] (ASUSTeK Computer Inc. -> )
R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [51168 2019-01-23] (IndiLogic LLC -> Dell Inc.)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2019-01-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce13a81bcfac4a48\nvlddmkm.sys [23251968 2019-12-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-03-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8206848 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-20] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0046; C:\WINDOWS\System32\drivers\RzDev_0046.sys [51688 2018-04-23] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_006c; C:\WINDOWS\System32\drivers\RzDev_006c.sys [51696 2018-04-23] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0221; C:\WINDOWS\System32\drivers\RzDev_0221.sys [51776 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0c04; C:\WINDOWS\System32\drivers\RzDev_0c04.sys [51800 2019-06-21] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51224 2016-05-10] (Razer USA Ltd. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47640 2016-05-10] (Razer USA Ltd. -> Razer Inc)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-13 04:44 - 2020-01-12 13:51 - 000000000 ____D C:\Windows.old
2020-01-13 04:38 - 2020-01-13 04:44 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-01-13 04:37 - 2020-01-13 04:38 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-01-13 04:37 - 2020-01-13 04:37 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-01-13 04:35 - 2020-01-13 04:35 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003968512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002369552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-13 04:35 - 2020-01-13 04:35 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001718584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001616696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001387024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-01-13 04:35 - 2020-01-13 04:35 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000960040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000816952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000666640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-01-13 04:35 - 2020-01-13 04:35 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000259384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-01-13 04:35 - 2020-01-13 04:35 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-01-13 04:35 - 2020-01-13 04:35 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-01-13 04:35 - 2020-01-13 04:35 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-01-13 04:35 - 2020-01-13 04:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-01-13 04:35 - 2020-01-13 04:35 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-01-13 04:35 - 2020-01-13 04:35 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-01-13 04:35 - 2020-01-13 04:35 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-01-13 04:35 - 2020-01-13 04:35 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2020-01-13 04:35 - 2020-01-13 04:35 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-01-13 04:35 - 2020-01-13 04:35 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-01-13 04:35 - 2020-01-13 04:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-01-13 04:35 - 2020-01-13 04:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-01-13 04:32 - 2020-01-13 04:32 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-01-13 04:32 - 2020-01-13 04:32 - 000000000 ____D C:\Program Files\MSBuild
2020-01-13 04:32 - 2020-01-13 04:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-01-13 04:32 - 2019-03-02 08:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-01-13 04:32 - 2019-03-02 08:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-01-13 04:32 - 2019-03-02 08:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-01-13 04:32 - 2019-02-06 09:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-01-13 04:32 - 2019-02-06 09:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-01-13 04:32 - 2019-02-06 09:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-01-13 04:31 - 2020-01-13 04:31 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-13 04:31 - 2020-01-13 04:31 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-12 17:39 - 2020-01-12 17:40 - 000039986 ____C C:\Users\PRIVATE_PC\Desktop\FRST.txt
2020-01-12 17:39 - 2020-01-12 17:40 - 000000000 ____D C:\FRST
2020-01-12 17:38 - 2020-01-12 17:38 - 002573312 ____C (Farbar) C:\Users\PRIVATE_PC\Desktop\FRST64.exe
2020-01-12 13:55 - 2020-01-12 17:26 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-12 13:53 - 2020-01-12 13:53 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-01-12 13:53 - 2019-10-31 01:17 - 000079368 _____ (Razer Inc) C:\WINDOWS\system32\RazerS3Coinstaller.dll
2020-01-12 13:51 - 2020-01-12 17:22 - 000003090 _____ C:\WINDOWS\system32\Tasks\GPU Tweak II
2020-01-12 13:51 - 2020-01-12 17:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-12 13:51 - 2020-01-12 13:51 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-01-12 13:51 - 2020-01-12 13:51 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-01-12 13:51 - 2020-01-12 13:51 - 000003634 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1548198806
2020-01-12 13:51 - 2020-01-12 13:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-12 13:51 - 2020-01-12 13:51 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-12 13:51 - 2020-01-12 13:51 - 000003320 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AB15FB59-D965-44AA-9E3A-6859B4BB8841}
2020-01-12 13:51 - 2020-01-12 13:51 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-12 13:51 - 2020-01-12 13:51 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-12 13:51 - 2020-01-12 13:51 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-01-12 13:51 - 2020-01-12 13:51 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2020-01-12 13:51 - 2020-01-12 13:51 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-12 13:51 - 2020-01-12 13:51 - 000002680 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2020-01-12 13:51 - 2020-01-12 13:51 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-01-12 13:51 - 2020-01-12 13:51 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-12 13:51 - 2020-01-12 13:51 - 000002138 _____ C:\WINDOWS\system32\Tasks\AURA
2020-01-12 13:51 - 2020-01-12 13:51 - 000000020 ___SH C:\Users\PRIVATE_PC\ntuser.ini
2020-01-12 13:51 - 2020-01-12 13:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-12 13:48 - 2020-01-12 13:51 - 000000000 ____D C:\Users\PRIVATE_PC
2020-01-12 13:48 - 2019-03-19 11:46 - 000001105 _____ C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-12 13:47 - 2019-10-07 09:56 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-01-12 13:44 - 2020-01-12 16:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-12 13:44 - 2020-01-12 13:49 - 004739304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-12 13:01 - 2020-01-12 17:07 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-12 12:57 - 2020-01-12 13:51 - 000000000 ___HD C:\$GetCurrent
2020-01-12 07:33 - 2020-01-12 13:00 - 000000036 _____ C:\WINDOWS\progress.ini
2020-01-12 06:41 - 2020-01-12 13:51 - 000000000 ____D C:\Windows10Upgrade
2020-01-12 06:41 - 2020-01-12 12:57 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2020-01-12 06:41 - 2020-01-12 12:57 - 000000719 ____C C:\Users\PRIVATE_PC\Desktop\Windows 10 Update Assistant.lnk
2020-01-10 01:18 - 2020-01-10 01:19 - 000000000 ____D C:\Users\PRIVATE_PC\AppData\Local\Steam
2020-01-10 01:16 - 2020-01-13 04:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-01-10 01:16 - 2020-01-12 17:22 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-10 01:16 - 2020-01-10 01:16 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2020-01-10 01:16 - 2020-01-10 01:16 - 000001036 _____ C:\ProgramData\Desktop\Steam.lnk
2020-01-09 19:48 - 2020-01-09 19:48 - 000000000 ____D C:\Users\PRIVATE_PC\AppData\Roaming\AudioVisualizerApp
2020-01-07 20:36 - 2020-01-07 20:36 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winrmsrv.exe
2020-01-07 20:36 - 2020-01-07 20:36 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winscomrssrv.dll
2020-01-07 20:36 - 2020-01-07 20:36 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2020-01-07 20:36 - 2020-01-07 20:36 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp
2020-01-07 20:36 - 2019-12-29 14:39 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450
2020-01-07 13:52 - 2019-12-28 10:55 - 011843296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 010169416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-07 13:52 - 2019-12-28 10:55 - 001729448 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-01-07 13:52 - 2019-12-28 10:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-07 13:52 - 2019-12-28 10:55 - 001329568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-01-07 13:52 - 2019-12-28 10:55 - 001079200 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 001079200 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 000937888 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 000450176 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-01-07 13:52 - 2019-12-28 10:55 - 000354520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 002076080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 001145280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 000824064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 000685256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 000678264 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 000558080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-01-07 13:52 - 2019-12-28 10:54 - 000544976 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 040510200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 035380240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 017462152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 015029720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 005383184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 004718512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444187.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 001570160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 001492480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444187.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 001371512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 000813984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-01-07 13:52 - 2019-12-28 10:53 - 000659288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-01-07 13:52 - 2019-12-28 10:49 - 004963480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-07 13:52 - 2019-12-28 10:49 - 004229024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-07 13:52 - 2019-12-26 13:13 - 001683032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-01-07 13:52 - 2019-12-26 13:13 - 000228792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-01-07 13:52 - 2019-12-26 13:13 - 000047272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-01-07 13:52 - 2019-12-24 17:54 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-07 13:52 - 2019-08-23 01:35 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-12-29 14:39 - 2019-12-29 14:39 - 000024512 _____ C:\WINDOWS\system32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
2019-12-29 14:39 - 2019-12-29 14:39 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-01-13 04:44 - 2019-10-17 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-01-13 04:44 - 2019-08-07 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2020-01-13 04:44 - 2019-08-07 16:47 - 000000000 ____D C:\Program Files (x86)\Razer
2020-01-13 04:44 - 2019-07-16 05:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-13 04:44 - 2019-06-19 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS 2
2020-01-13 04:44 - 2019-06-19 15:57 - 000000000 ____D C:\Program Files\UNP
2020-01-13 04:44 - 2019-06-17 23:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2019
2020-01-13 04:44 - 2019-06-13 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Payback
2020-01-13 04:44 - 2019-06-13 06:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 __RHD C:\Users\Public\Libraries
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\system32\spool
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\Help
2020-01-13 04:44 - 2019-03-19 11:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-13 04:44 - 2019-03-19 11:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-01-13 04:44 - 2019-02-12 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-01-13 04:44 - 2019-02-11 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-13 04:44 - 2019-01-23 06:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-13 04:44 - 2019-01-23 04:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2020-01-13 04:44 - 2019-01-23 03:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2020-01-13 04:44 - 2019-01-23 02:35 - 000000000 ____D C:\Program Files\Intel
2020-01-13 04:44 - 2019-01-23 02:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-01-13 04:44 - 2018-04-12 06:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-01-13 04:38 - 2019-03-19 13:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-01-13 04:38 - 2019-03-19 13:23 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-01-13 04:38 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\Resources
2020-01-13 04:38 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-13 04:38 - 2019-01-30 16:55 - 000000000 ____D C:\WINDOWS\SysWOW64\spool
2020-01-13 04:38 - 2019-01-23 04:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2020-01-13 04:38 - 2019-01-23 02:40 - 000000000 ____D C:\Program Files\Realtek
2020-01-13 04:38 - 2019-01-23 02:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2020-01-13 04:38 - 2019-01-23 02:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-01-13 04:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-13 04:32 - 2019-03-19 11:56 - 000000000 ____D C:\WINDOWS\Setup
2020-01-12 17:39 - 2019-03-19 11:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-12 17:34 - 2019-03-25 18:44 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\IDM
2020-01-12 17:33 - 2019-03-19 11:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-12 17:23 - 2019-02-11 15:36 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\DMCache
2020-01-12 17:23 - 2019-01-23 02:32 - 000000000 ___DC C:\ProgramData\NVIDIA
2020-01-12 17:21 - 2019-06-22 18:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-12 17:21 - 2019-03-19 11:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-12 17:08 - 2019-01-23 04:04 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Local\D3DSCache
2020-01-12 17:07 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-12 17:07 - 2019-01-23 05:56 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Local\CrashDumps
2020-01-12 17:04 - 2019-03-19 11:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-12 15:37 - 2019-03-19 11:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-12 15:35 - 2019-03-19 11:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-12 14:01 - 2019-03-19 11:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-01-12 13:52 - 2019-03-19 11:52 - 000000000 ____D C:\ProgramData\USOPrivate
2020-01-12 13:51 - 2019-03-19 11:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-01-12 13:51 - 2019-03-19 11:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-01-12 13:51 - 2019-01-23 06:03 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-12 13:51 - 2019-01-23 06:03 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-12 13:51 - 2019-01-23 06:03 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-01-12 13:51 - 2019-01-23 02:16 - 000000000 _RHDC C:\Users\Public\AccountPictures
2020-01-12 13:51 - 2019-01-23 02:16 - 000000000 __RDC C:\Users\PRIVATE_PC\3D Objects
2020-01-12 13:50 - 2019-03-19 11:52 - 000000000 __RSD C:\WINDOWS\Media
2020-01-12 13:49 - 2019-07-16 05:32 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubiquiti UniFi
2020-01-12 13:49 - 2019-03-25 18:44 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2020-01-12 13:49 - 2019-02-11 15:29 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-01-12 13:48 - 2019-06-16 18:06 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-01-12 13:48 - 2019-01-23 02:16 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Local\Packages
2020-01-12 13:47 - 2019-08-07 16:55 - 000000000 ____D C:\temp
2020-01-12 13:47 - 2019-01-23 02:40 - 000000000 ___DC C:\ProgramData\Audyssey Labs
2020-01-12 13:47 - 2019-01-23 02:40 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-01-12 13:47 - 2019-01-23 02:40 - 000000000 ____D C:\WINDOWS\system32\DAX3
2020-01-12 13:47 - 2019-01-23 02:40 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-01-12 13:45 - 2019-01-23 02:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-12 06:33 - 2019-01-23 02:32 - 000000000 ____D C:\Users\PRIVATE_PC\AppData\Local\ElevatedDiagnostics
2020-01-11 20:39 - 2019-12-11 06:49 - 000000000 __HDC C:\Users\Public\Documents\AdobeGCData
2020-01-11 20:39 - 2019-12-11 06:49 - 000000000 __HDC C:\ProgramData\Documents\AdobeGCData
2020-01-11 20:37 - 2019-01-30 16:33 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-11 20:27 - 2019-01-23 02:39 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Local\NVIDIA
2020-01-09 22:59 - 2019-03-24 20:20 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\CC
2020-01-07 13:34 - 2019-01-23 02:39 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-01-07 13:34 - 2019-01-23 02:39 - 000001447 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-01-07 13:34 - 2019-01-23 02:32 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-07 13:34 - 2019-01-23 02:31 - 000000000 ___DC C:\ProgramData\NVIDIA Corporation
2019-12-26 10:11 - 2019-03-24 20:13 - 000000000 ____D C:\ros
2019-12-24 15:29 - 2019-01-23 02:33 - 005574128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2019-12-24 15:29 - 2019-01-23 02:33 - 002655072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2019-12-24 15:29 - 2019-01-23 02:33 - 001767280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2019-12-24 15:29 - 2019-01-23 02:33 - 000670048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-12-24 15:29 - 2019-01-23 02:33 - 000454696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2019-12-24 15:29 - 2019-01-23 02:33 - 000129560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-12-24 15:29 - 2019-01-23 02:33 - 000083440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-12-23 02:28 - 2019-01-23 02:32 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-12-19 21:24 - 2019-10-25 11:36 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 10:33 - 2019-03-24 20:16 - 000001438 _____ C:\Users\Public\Desktop\Rules of Survival.lnk
2019-12-19 10:33 - 2019-03-24 20:16 - 000001438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rules of Survival.lnk
2019-12-19 10:33 - 2019-03-24 20:16 - 000001438 _____ C:\ProgramData\Desktop\Rules of Survival.lnk
2019-12-19 06:26 - 2019-01-23 02:33 - 008861662 _____ C:\WINDOWS\system32\nvcoproc.bin
2019-12-15 15:45 - 2019-01-23 02:16 - 000000000 ___DC C:\Users\PRIVATE_PC\AppData\Roaming\Adobe
2019-12-14 15:56 - 2019-01-24 05:42 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-14 15:56 - 2019-01-24 05:42 - 000000000 ____D C:\WINDOWS\system32\MRT
 
==================== Files in the root of some directories ========
 
2019-12-12 09:27 - 2019-12-12 09:27 - 000000000 _____ () C:\Users\PRIVATE_PC\AppData\Local\oobelibMkey.log
2019-10-13 18:26 - 2019-10-13 18:26 - 000007606 _____ () C:\Users\PRIVATE_PC\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by PRIVATE_PC (12-01-2020 17:40:35)
Running from C:\Users\PRIVATE_PC\Desktop
Windows 10 Pro Version 1909 18363.535 (X64) (2020-01-12 06:51:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2603013266-1580333838-3049538279-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2603013266-1580333838-3049538279-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2603013266-1580333838-3049538279-1000 - Limited - Disabled)
Guest (S-1-5-21-2603013266-1580333838-3049538279-501 - Limited - Disabled)
PRIVATE_PC (S-1-5-21-2603013266-1580333838-3049538279-1001 - Administrator - Enabled) => C:\Users\PRIVATE_PC
WDAGUtilityAccount (S-1-5-21-2603013266-1580333838-3049538279-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.0.0 - Adobe Systems)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Alienware CC Components for AWCC (1.1.13.1) (HKLM\...\Alienware CC Components for AWCC) (Version: 1.1.13.1 - Dell Inc)
Alienware Command Center Suite (HKLM\...\{822AAF78-06DB-4C14-85A2-BCE22E3B81A9}) (Version: 5.2.63.0 - Dell Inc) Hidden
Alienware Command Center Suite (HKLM-x32\...\InstallShield_{822AAF78-06DB-4C14-85A2-BCE22E3B81A9}) (Version: 5.2.63.0 - Dell Inc)
ASUS GPU TweakII (HKLM-x32\...\{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 2.0.7.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{2914BAB6-CA16-4B5A-BF41-2466656C7040}) (Version: 2.0.7.2 - ASUSTek COMPUTER INC.)
AURA RGB Lighting Control for Graphic card & XG-STATION (HKLM-x32\...\{3B47B9A9-82B9-4B7E-BB4A-C20948C2AA7D}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC.) Hidden
AURA RGB Lighting Control for Graphic card & XG-STATION (HKLM-x32\...\InstallShield_{3B47B9A9-82B9-4B7E-BB4A-C20948C2AA7D}) (Version: 0.0.6.3 - ASUSTek COMPUTER INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Controller Vibration Tester (HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\Controller Vibration Tester) (Version:  - )
CPUID CPU-Z MSI 1.84 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.84 - CPUID, Inc.)
DiRT 4 (HKLM\...\ZGlydDQ_is1) (Version: 1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Update Manager (HKLM-x32\...\{89E5F369-612A-4A5E-8BF2-7938C76ABF29}) (Version: 3.0.135 - Intel Corporation)
Intel® Small Business Advantage (HKLM-x32\...\{C7A82877-2365-4A03-B23F-DFDD629B7F3A}) (Version: 4.0.44 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonek Inc.)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Khmer Unicode 1.2.5 (HKLM-x32\...\Khmer Unicode 1.2.5) (Version:  - )
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12325.20288 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
Nitro Pro 10 (HKLM\...\{C78478E6-8206-470E-B843-0204995371C6}) (Version: 10.5.1.17 - Nitro)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd)
Pro Evolution Soccer 2019 (HKLM-x32\...\{879B9B7F-6AAF-4686-A7FC-E937EE6BE37B}_is1) (Version:  - KONAMI)
Project CARS 2 (HKLM-x32\...\Project CARS 2_is1) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.3 r3298 - Rainmeter)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.1112.111915 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8412 - Realtek Semiconductor Corp.)
Rules of Survival version 1.244068.255487 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.244068.255487 - Hong Kong Netease Interactive Entertainment Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 88.0 - Ubisoft)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Windows Driver Package - STMicroelectronics (STTub30) USB  (04/03/2017 3.0.6.0) (HKLM\...\BFD1FB244691FDF6328C70B79647C9046B65397A) (Version: 04/03/2017 3.0.6.0 - STMicroelectronics)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
 
Packages:
=========
Alienware Command Center -> C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2 [2019-11-27] (Dell Inc)
Alienware Control Center -> C:\Program Files\WindowsApps\DellInc.6066037A8FCF7_1.1.18.0_x64__htrsf667h5kn2 [2019-10-27] (Dell Inc)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1670.2.0_x86__kgqvnymyfvs32 [2020-01-12] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-07] (Nordcurrent)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-23] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-23] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-27] (Thumbmunkeys Ltd) [MS Ad]
ROBLOX -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.414.44205.0_x86__55nm5eh3cm0pr [2020-01-12] (ROBLOX Corporation)
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_1.9.3.0_x64__t4vj0pshhgkwm [2020-01-06] (Telegram Messenger LLP)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll [2004-12-14] (Adobe Systems Inc.) [File not signed]
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2015-05-06] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-10-01] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\PRIVATE_PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\VISAL - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2019-10-17 00:49 - 2017-12-26 21:26 - 000053248 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2019-11-27 23:43 - 2019-11-27 23:44 - 000476672 _____ () [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\AWCC.RPC.Proxy.WinRT.dll
2019-11-27 23:43 - 2019-11-27 23:44 - 000178688 _____ () [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\AWCCPlugin.dll
2019-11-27 23:43 - 2019-11-27 23:44 - 000021504 _____ () [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\IInspectableParser.dll
2019-11-27 23:43 - 2019-11-27 23:44 - 000316416 _____ () [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\PM.UI.Controls.dll
2004-12-14 03:27 - 2004-12-14 03:27 - 000019456 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\AcroTray.DEU
2004-12-14 03:25 - 2004-12-14 03:25 - 000019968 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\AcroTray.FRA
2019-10-27 22:14 - 2019-10-27 22:14 - 001801728 _____ (Dell Inc) [File not signed] C:\Program Files\WindowsApps\DellInc.6066037A8FCF7_1.1.18.0_x64__htrsf667h5kn2\DellInc.6066037A8FCF7.AFX.Model.Plugin.dll
2019-11-27 23:43 - 2019-11-27 23:43 - 000110080 _____ (Dell Technologies) [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\AFXModelPlugin.dll
2019-11-27 23:43 - 2019-11-27 23:44 - 030495744 _____ (Dell Technologies) [File not signed] C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\AWCC.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-12 06:38 - 2018-04-12 06:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PRIVATE_PC\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 202.58.98.202 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\StartupApproved\Run: => "SoftMiner"
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\StartupApproved\Run: => "FreeYouTubeDownloader"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BE2EC622-CC04-4C2D-901C-BC80CA64BDDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{57C5E48C-73A5-4CE1-99DE-2D869DD9339E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4B3AE3EF-CFF3-49BC-A1F4-24A58B66C832}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DC12F6BF-1262-465F-A026-4C21F0F22D36}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6D49B2F1-A19A-41CF-A1B6-D4CB7F384F3E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F0586E64-98A8-41B9-B2FC-BAEA97BF1206}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8026728F-84A8-4607-B915-53A34ADD1D10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75AC1CF2-0E93-4939-BC28-B712EC60C58A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E2C40E43-DE76-4ED8-94D7-DEFE73D83CC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{460B5034-BD45-4407-97EB-A0F2CA9FF506}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{521FA4DC-5646-4056-9439-C5517A3649DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D5E1EB94-DC45-4528-8DAF-ED9322DC2E0D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2E86B83C-430D-43F0-A98F-0CD0790CE31F}] => (Allow) C:\Program Files (x86)\Intel\Intel® Small Business Advantage Next\Sba.exe (Intel® Small Business Advantage -> Intel Corporation)
FirewallRules: [{12F6B02E-48F8-42BA-BD42-401CEA373BA6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CE6D2895-1009-439A-80D7-ED4B5B6E9A4B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E4604608-37D6-4820-B747-CE55B01164D2}] => (Allow) C:\Users\PRIVATE_PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9114797D-C496-430E-8C4D-EE699D859609}] => (Allow) C:\Users\PRIVATE_PC\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E72698B4-7115-4F89-9EFA-0E204863ADF4}] => (Allow) C:\Users\PRIVATE_PC\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe No File
FirewallRules: [{66FCD9F7-24C7-4424-8487-A131185A680D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BF4C771-9909-4644-8D21-72465D127FF5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DB6BD405-CCD9-43D5-A06D-D5DE327F3112}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [UDP Query User{B5A11ABC-EB98-479D-A952-EBE625350597}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe (NetEase(Hangzhou) Network Co. Ltd. -> )
FirewallRules: [TCP Query User{FE1EBC33-45F1-4A27-AC4F-7325020B04EF}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [UDP Query User{10C1355F-A9C0-4378-9149-32DF7EB762CC}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) [File not signed]
FirewallRules: [{675C372C-931E-4AE5-BBB7-2ACB3B07C8DD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DFBF6BB-5D77-42BC-B838-0760E9673B32}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{6469E22F-B335-4902-95E1-9302FE2DBD61}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{711A051A-B9FF-44BB-BF63-F128C16554EA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{2C689705-5B1A-4F66-B700-0C08B15BFA41}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe No File
FirewallRules: [UDP Query User{031F0BCE-EFF7-4DF3-876A-5257B768BAE3}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe No File
FirewallRules: [TCP Query User{FC98C3F6-03F1-4CF7-AE9E-F9182EA78DEF}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{BC1A96E6-8DAD-46E1-AA70-AC90D4EBF262}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe No File
FirewallRules: [{63EA5324-D31C-4C1D-A9C8-11D469481091}] => (Allow) C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPaybackTrial.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B7808131-332A-4491-A516-2B6D82CD847D}] => (Allow) C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPaybackTrial.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{946DA0C0-3A00-416B-9045-EC4B8E36E65D}] => (Allow) C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe (Electronic Arts) [File not signed]
FirewallRules: [{04E741B3-9056-492C-8826-33769037B7F2}] => (Allow) C:\Program Files (x86)\Need For Speed Payback\NeedForSpeedPayback.exe (Electronic Arts) [File not signed]
FirewallRules: [{8284C581-08F4-43FB-9712-BB37169DF10A}] => (Allow) G:\The Crew (Worldwide)\TheCrew.exe (Shanghai Ubi Computer Software Co Ltd -> UBISoft)
FirewallRules: [{6168D1D0-114B-4693-8155-98C4EA477543}] => (Allow) G:\The Crew (Worldwide)\TheCrew.exe (Shanghai Ubi Computer Software Co Ltd -> UBISoft)
FirewallRules: [{638FB128-94C3-408F-A78F-AC6439862B5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{095A7B88-7961-4D3C-875D-FE26227B019C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{338B5451-804A-4807-AB2B-71BD8B384167}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F064445A-3816-4F1A-8BE3-884C175C9589}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{975CFE86-285C-4EC9-9801-DCB65AD3B14C}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe No File
FirewallRules: [{1AD3A42B-60F1-4F1F-9914-1460A5A9FF41}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe No File
FirewallRules: [{961CA0DF-E078-4154-8830-85CFE5FFBB9A}] => (Allow) C:\Users\PRIVATE_PC\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [{F0878321-09DA-4F53-A99D-4F8F54BDA1EC}] => (Allow) C:\Users\PRIVATE_PC\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [TCP Query User{B6604908-2445-4111-AFA0-3BCED87FA87A}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{9B2F965D-6539-491D-AD32-6F3DD9C2CD41}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:110.63 GB) (Free:25.26 GB) (23%)
 
==================== Faulty Device Manager Devices ============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/12/2020 05:22:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AWCC.exe, version: 5.2.63.0, time stamp: 0x5dd2c7d0
Faulting module name: twinapi.appcore.dll, version: 10.0.18362.1, time stamp: 0x42f071ca
Exception code: 0xc000027b
Fault offset: 0x00000000000d5cc8
Faulting process id: 0x2334
Faulting application start time: 0x01d5c9321eeaccc4
Faulting application path: C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2\AWCC.exe
Faulting module path: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
Report Id: 5255b5d2-ef67-42f8-9e1c-e5658f411305
Faulting package full name: DellInc.AlienwareCommandCenter_5.2.63.0_x64__htrsf667h5kn2
Faulting package-relative application ID: App
 
Error: (01/12/2020 05:09:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.18362.449, time stamp: 0xd3046e6b
Faulting module name: NitroPDFThumbnailProvider.dll, version: 0.0.0.0, time stamp: 0x55491d94
Exception code: 0xc0000005
Fault offset: 0x0000000000001bb5
Faulting process id: 0x23dc
Faulting application start time: 0x01d5c930656a1c5e
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\Program Files\Nitro\Pro 10\NitroPDFThumbnailProvider.dll
Report Id: 65d8b825-c4dc-4d5c-8207-e011cc4096ed
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/12/2020 05:09:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 10.0.18362.449, time stamp: 0xd3046e6b
Faulting module name: NitroPDFThumbnailProvider.dll, version: 0.0.0.0, time stamp: 0x55491d94
Exception code: 0xc0000005
Fault offset: 0x0000000000001bb5
Faulting process id: 0x2a3c
Faulting application start time: 0x01d5c930639a7da2
Faulting application path: C:\WINDOWS\explorer.exe
Faulting module path: C:\Program Files\Nitro\Pro 10\NitroPDFThumbnailProvider.dll
Report Id: 010ac469-651e-44ea-bdae-99e1fb3f8534
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/12/2020 05:09:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.18362.449, time stamp: 0xd3046e6b
Faulting module name: NitroPDFThumbnailProvider.dll, version: 0.0.0.0, time stamp: 0x55491d94
Exception code: 0xc0000005
Fault offset: 0x0000000000001bb5
Faulting process id: 0x19c8
Faulting application start time: 0x01d5c9305ceb96f6
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\Program Files\Nitro\Pro 10\NitroPDFThumbnailProvider.dll
Report Id: 83321631-f666-44b4-b24e-f85ce2fe7a78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/12/2020 05:09:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (01/12/2020 05:09:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (01/12/2020 05:09:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (01/12/2020 05:09:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
 
System errors:
=============
Error: (01/12/2020 05:21:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (01/12/2020 05:09:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (01/12/2020 05:07:07 PM) (Source: DCOM) (EventID: 10000) (User: RAZERMAN)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
 
Error: (01/12/2020 05:05:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (01/12/2020 02:00:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (01/12/2020 01:50:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (01/12/2020 01:49:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
 
Error: (01/12/2020 01:49:02 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2020-01-12 17:20:34.981
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C393FD13-3259-4CC1-AA5F-9AB722EDDAF6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-01-12 17:18:48.348
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B58A2A2E-2FBA-4754-8702-7B42FE7074FB}
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2020-01-12 13:52:07.459
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\StartupCheckLibrary.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.307.1790.0, AS: 1.307.1790.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.16600.7, NIS: 0.0.0.0
 
Date: 2020-01-12 13:51:56.300
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/DefenseEvasion!rfn
ID: 2147743421
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\winlogui.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\svchost.exe
Security intelligence Version: AV: 1.307.1790.0, AS: 1.307.1790.0, NIS: 0.0.0.0
Engine Version: AM: 1.1.16600.7, NIS: 0.0.0.0
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1.70 04/21/2017
Motherboard: MSI H110M PRO-VD PLUS (MS-7A15)
Processor: Intel® Core™ i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 54%
Total physical RAM: 8155.96 MB
Available physical RAM: 3735.12 MB
Total Virtual: 11867.96 MB
Available Virtual: 5498.3 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:110.63 GB) (Free:25.26 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:488.28 GB) (Free:314.61 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:443.23 GB) (Free:435.81 GB) NTFS
Drive g: () (Fixed) (Total:232.87 GB) (Free:37.84 GB) NTFS
 
\\?\Volume{73c0bc2a-1ee8-483e-84aa-b917cc54988a}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{b53f96ad-9d3f-4735-b078-31de1f55cbeb}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS
\\?\Volume{5aa4c667-fef8-4a1f-bb08-dc694b739fd8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D9FA2484)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: 78CB6321)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

Edited by iMacg3, 12 January 2020 - 09:58 PM.
Merged topics/posts ~ iMacg3



#2
DR M


    The Grecian Geek

  • Malware Removal
  • 4,096 posts

Hello, Visalbun. 

I am DR M and I will be assisting you with your computer's issues. I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you will have two people looking at your problem.

 

Adhere to the guidelines below, and then carefully follow, in the same order, all the instructions after:

1. You have to reply to my posts within three days. If you need some additional time, just let me know. If I don't get any reply from you within these three days, the topic will be closed. You can send me a PM if you still want help, after this period of time.

2. Always ask before you act! Do not continue if you are not sure, or if something unexpected happens!

3. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

4. Please, copy all the content of the required logs and paste it inside your post. Do not attach any log or other file, unless directed otherwise.

5. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs. I will be with you, as far as I can.

 

----------------------------------------------------------------------------------------------------------------------------

 

Please give me some time to go over your logs and I'll get back to you as soon as possible.



#3
DR M


    The Grecian Geek

  • Malware Removal
  • 4,096 posts

Hi, Visalbun.

 

I apologize for the delayed reply.

Let's start work.

1. Warning

You have BitTorrent installed on your computer. This is a P2P program. P2P programs form a direct conduit on to a computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program. If you don't uninstall it, your computer will probably get infected again, as soon as you use it again. But it is your computer and of course your decision.

  • If you decide to uninstall it, uninstall it along with the unwanted programs in Step 2 below.
  • If you decide to keep it, DON'T use it during the cleaning procedure.

 

2. Uninstall programs

It appears that you play games, so you likely need Java. If that is the case, you need to update Java with the latest critical security update. For now, let's uninstall the old version and leave the updating (if you want it) for the end of the cleaning procedure.

I would like to ask you: Have you tried using Acrobat 7? Is it working properly? I'm asking because Adobe Acrobat 7 is not compatible with Windows 10. If you don't use it or if it does not work properly, I would recommend that you uninstall it.
For more, see here: https://community.ad...e/td-p/8958889

  • Press the Windows icon key on your keyboard, together with the letter I (it's the capital I), to go to the Settings.
  • Choose Apps, and from the menu at the left make sure the Apps & features is selected.
  • In the Apps & features list on the right side, find Adobe Acrobat 7.0 Professional and Java 8 Update 221 (μtorrent > optional), click on them, one by one, and select Uninstall for each one.
  • Restart the computer.

 

3. Uninstall Chrome extensions

  • Open Chrome.
  • Type chrome://extensions in the address bar and press Enter.
  • Click Remove under the following extensions:

Ask Web Search > lgfehfbnofiffladdncogfobimealokp
Adware Secure > nladljmabboanhihfkjacnnkgjhnokhj

  • A confirmation dialog appears, click Remove.

 

4. Run FRST fix

Note: If the tool warns you that the version you're using is outdated, please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.

  • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lines. Right-click and select "Copy".
Start::
closeprocesses:
SystemRestore: on
createrestorepoint:
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
Task: {22D22A13-2ABF-4C7A-9CE9-D1D17DD0C729} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {3106BE40-0CD9-4BBD-898E-E3C5C65F3CA7} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\Windows\system32\winrmsrv.exe [731136 2020-01-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {6F8937C6-0B52-47CB-AC4C-46A1B9C530B3} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {70E47816-E16C-4A65-A666-A4B20E836D02} - System32\Tasks\Opera scheduled Autoupdate 1548198806 => C:\Users\PRIVATE_PC\AppData\Local\Programs\Opera\launcher.exe
Task: {96799E66-FC25-4CEE-81A1-4F7D14F09F9C} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {C1614ED6-6C59-4884-AA24-EA0F417E6191} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__190122
SearchScopes: HKU\S-1-5-21-2603013266-1580333838-3049538279-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__190122&q={searchTerms}
CHR DefaultSearchURL: Profile 1 -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Adaware Secure
CHR Notifications: Profile 1 -> hxxps://download-alert.com
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
IE trusted site: HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKLM\...\StartupApproved\Run32: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2603013266-1580333838-3049538279-1001\...\StartupApproved\Run: => "FreeYouTubeDownloader"
FirewallRules: [{E72698B4-7115-4F89-9EFA-0E204863ADF4}] => (Allow) C:\Users\PRIVATE_PC\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe No File
FirewallRules: [TCP Query User{2C689705-5B1A-4F66-B700-0C08B15BFA41}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe No File
FirewallRules: [UDP Query User{031F0BCE-EFF7-4DF3-876A-5257B768BAE3}D:\ros\ros.exe] => (Allow) D:\ros\ros.exe No File
FirewallRules: [TCP Query User{FC98C3F6-03F1-4CF7-AE9E-F9182EA78DEF}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe No File
FirewallRules: [UDP Query User{BC1A96E6-8DAD-46E1-AA70-AC90D4EBF262}D:\ros\ccmini\ccmini.exe] => (Allow) D:\ros\ccmini\ccmini.exe No File
FirewallRules: [{975CFE86-285C-4EC9-9801-DCB65AD3B14C}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe No File
FirewallRules: [{1AD3A42B-60F1-4F1F-9914-1460A5A9FF41}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_211\bin\java.exe No File
FirewallRules: [TCP Query User{B6604908-2445-4111-AFA0-3BCED87FA87A}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
FirewallRules: [UDP Query User{9B2F965D-6539-491D-AD32-6F3DD9C2CD41}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe No File
C:\Program Files\Common Files\AVAST Software
C:\Users\PRIVATE_PC\AppData\Local\Programs\Opera
C:\WINDOWS\system32\Tasks\Avast Software
C:\Windows\System32\winrmsrv.exe
emptytemp:
end::
  • Please right-click on FRST/FRST64 to run as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.

 

5. Farbar Recovery Scan Tool - Search

  • Double-click FRST64.exe to run it.
  • Copy and paste the following into the Search: box:
winlogui.exe;StartupCheckLibrary.dll;winscomrssrv.dll
  • Press the Search Files button.
  • When complete, FRST will generate a log on your Desktop (Search.txt)
  • Please copy and paste its contents into your reply.

 

In your next reply, please make sure to give your feedback about the following:

  • What you have decided to do with the μtorrent.
  • What you did with the Adobe Acrobat 7 Professional.
  • Have you intentionally set multiple Chrome profiles? (Profile 1)
  • Paste the fixlog.txt content.
  • Paste the Search.txt content.

Edited by DR M, 16 January 2020 - 03:40 AM.
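
A read-only triage of the Task: lines from the fixlist in post #3, added here as an example; it is not part of the original thread and is not FRST's own logic. The reason names (unsigned, no-full-path, rundll32-dll, in-microsoft-task-tree) are heuristics assumed for this illustration, and the parser only reads the log text without touching the system.

```python
import re

# Task lines copied verbatim from the fixlist in post #3 above.
FIXLIST_TASKS = r"""
Task: {22D22A13-2ABF-4C7A-9CE9-D1D17DD0C729} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {3106BE40-0CD9-4BBD-898E-E3C5C65F3CA7} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => C:\Windows\system32\winrmsrv.exe [731136 2020-01-07] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {6F8937C6-0B52-47CB-AC4C-46A1B9C530B3} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
Task: {70E47816-E16C-4A65-A666-A4B20E836D02} - System32\Tasks\Opera scheduled Autoupdate 1548198806 => C:\Users\PRIVATE_PC\AppData\Local\Programs\Opera\launcher.exe
Task: {96799E66-FC25-4CEE-81A1-4F7D14F09F9C} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {C1614ED6-6C59-4884-AA24-EA0F417E6191} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
""".strip().splitlines()

TASK_RE = re.compile(
    r"^Task: \{(?P<guid>[0-9A-Fa-f-]{36})\} - (?P<task>.+?) => (?P<action>.+)$")
ATTENTION = "<==== ATTENTION"
MS_TREE = "System32\\Tasks\\Microsoft\\Windows\\"

def triage(line):
    """Return a dict for one FRST Task: line, or None if it does not parse."""
    m = TASK_RE.match(line.strip())
    if m is None:
        return None
    action = m["action"]
    flagged = ATTENTION in action              # FRST's own marker in the log
    action = action.replace(ATTENTION, "").strip()
    # The command is whatever precedes FRST's "[size date]" annotation.
    command = re.split(r" \[\d+ \d{4}-\d{2}-\d{2}\]", action)[0]
    reasons = []                               # heuristics assumed for this example
    if "[File not signed]" in action:
        reasons.append("unsigned")
    if not re.match(r"[A-Za-z]:\\", command):  # bare file name, no drive path
        reasons.append("no-full-path")
    if command.lower().startswith("rundll32.exe "):
        reasons.append("rundll32-dll")
    if reasons and m["task"].startswith(MS_TREE):
        reasons.append("in-microsoft-task-tree")
    return {"task": m["task"], "command": command,
            "frst_attention": flagged, "reasons": reasons}

def triage_all(lines=FIXLIST_TASKS):
    """Triage every parseable Task: line, skipping other fixlist directives."""
    return [t for t in map(triage, lines) if t]

if __name__ == "__main__":
    for t in triage_all():
        mark = "!" if t["reasons"] else " "
        print(mark, t["task"], "=>", t["command"], t["reasons"])
```

On these six lines the assumed heuristics mark the same four tasks that FRST tagged with ATTENTION; the Avast and Opera tasks carry no heuristic reason.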


#4
DR M


    The Grecian Geek

  • Malware Removal
  • 4,096 posts

Hi, Visalbun.

 

Do you still need help? 



#5
iMacg3


    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

