Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Weird login screen behavior from Windows 10

Started by daba , Jan 22 2020 03:35 PM
windows 10 password login fake login screen

  • Please log in to reply

#136
daba
Posted 21 June 2020 - 04:29 PM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Disregard. It went to an older version directory. Deleted it and now it's working.


  • 0

Advertisements

#137
daba
Posted 21 June 2020 - 04:52 PM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thanks. NO menu!

Here you go:

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by David Jackson (21-06-2020 23:29:04) Run:9
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: defaultuser0 & David Jackson
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [Opera Browser Assistant] => C:\Users\David Jackson\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3004440 2020-06-18] (Opera Software AS -> Opera Software)
Task: {4AFCC561-2326-43EB-ADD3-5E455ABD4F05} - System32\Tasks\Opera scheduled assistant Autoupdate 1591996505 => C:\Users\David Jackson\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {F9A0A415-CBB2-4AAB-AB9A-F6952291FA85} - System32\Tasks\Opera scheduled Autoupdate 1591996491 => C:\Users\David Jackson\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3} - System32\Tasks\Uninstaller_SkipUac_David_Jackson => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Program Files (x86)\IObit
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
FirewallRules: [{5322391E-FE48-473B-B9B0-1BB87ED159E8}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{7262E687-30AF-4516-A3EB-BDD73F01D92D}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{F1762C98-A62E-4070-A945-31953984BF5B}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{9EE2A854-72C4-40ED-A0C1-CF71E6B31BA5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{1040F48C-620B-4841-9962-D6E65EDFD6D3}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{E018D2E6-79C3-4A09-8762-20F7057D8463}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
Unlock:  C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
File: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Opera Browser Assistant" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4AFCC561-2326-43EB-ADD3-5E455ABD4F05}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AFCC561-2326-43EB-ADD3-5E455ABD4F05}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1591996505 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1591996505" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9A0A415-CBB2-4AAB-AB9A-F6952291FA85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9A0A415-CBB2-4AAB-AB9A-F6952291FA85}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1591996491 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1591996491" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3}" => removed successfully
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_David_Jackson => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_David_Jackson" => removed successfully
C:\Program Files (x86)\IObit => moved successfully
HKLM\Software\Classes\PROTOCOLS\Filter\deflate => removed successfully
HKLM\Software\Classes\PROTOCOLS\Filter\gzip => removed successfully
HKLM\Software\Classes\PROTOCOLS\Filter\lzdhtml => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\gopher => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\utweb" => removed successfully
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\utweb" => not found
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CCleaner Smart Cleaning" => removed successfully
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5322391E-FE48-473B-B9B0-1BB87ED159E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7262E687-30AF-4516-A3EB-BDD73F01D92D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1762C98-A62E-4070-A945-31953984BF5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EE2A854-72C4-40ED-A0C1-CF71E6B31BA5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1040F48C-620B-4841-9962-D6E65EDFD6D3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E018D2E6-79C3-4A09-8762-20F7057D8463}" => removed successfully
HKLM\System\CurrentControlSet\Services\AdobeARMservice => removed successfully
AdobeARMservice => service removed successfully
"C:\Program Files\AMD\CNext\CNext\Qt5Core.dll" => was unlocked
 
========================= File: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll ========================
 
C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
File not signed
MD5: F4947C3CDB01F25C4B3FE0B19EDEBC5C
Creation and modification date: 2020-05-15 15:34 - 2020-05-15 15:34
Size: 006010880
Attributes: ----A
Company Name: The Qt Company Ltd.
Internal Name: 
Original Name: Qt5Core.dll
Product: Qt5
Description: C++ Application Development Framework
File Version: 5.13.0.0
Product Version: 5.13.0.0
Copyright: Copyright © 2019 The Qt Company Ltd.
 
====== End of File: ======
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log AirSpaceChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log DebugChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-RMS-MSIPC/Debug.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 23:30:25 ====
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by David Jackson (21-06-2020 23:48:59)
Running from C:\Users\David Jackson\Desktop
Windows 10 Home Version 1909 18363.900 (X64) (2019-08-25 22:15:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2490165305-1638453623-257508744-500 - Administrator - Disabled)
David Jackson (S-1-5-21-2490165305-1638453623-257508744-1001 - Administrator - Enabled) => C:\Users\David Jackson
DefaultAccount (S-1-5-21-2490165305-1638453623-257508744-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2490165305-1638453623-257508744-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2490165305-1638453623-257508744-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2490165305-1638453623-257508744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.13 - )
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 83.1.10.93 - Brave Software Inc)
calibre (HKLM-x32\...\{55043EFA-2201-40F4-86CA-CC465251D9DC}) (Version: 4.14.0 - Kovid Goyal)
f.lux (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Flux) (Version:  - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel® Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® Graphics Driver Software (HKLM-x32\...\{34b71f5b-fd06-4029-966e-c1d187ea90a7}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7212 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9326.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Opera Stable 68.0.3618.165 (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{10EDA2C8-03AB-4C27-BDC4-39143A81B12F}) (Version: 11.12.30 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 20.00.00.0001 - Panda Security)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
Skype version 8.61 (HKLM-x32\...\Skype_is1) (Version: 8.61 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
VSDC Free Video Editor version 6.3.1.939 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.1.939 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0-2) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [2020-03-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.0.2.0_x64__f5eddttrpssna [2019-12-31] (Mooii Tech)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2490165305-1638453623-257508744-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-10-18 16:48 - 2019-09-05 20:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 000301568 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\localhost -> localhost
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 12:47 - 2019-10-11 16:40 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2019-09-29 20:13 - 2019-09-29 20:13 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{FCA55D5D-7C11-43D9-BE5C-AF42F4705963}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FA87A6B8-3905-474D-8007-7A444EAD1613}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B068F4C-AD4C-4CAD-A478-02D7224AB2ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C94A512A-482D-4332-843B-29B804F22DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EBE2972-F1C6-4B63-9055-16A9896B355F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B577813-145A-4B2A-974A-581F724B04CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E20A7E5-59B2-42F2-BED9-FB04D19643AE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DA20463-FDCA-456A-8F99-4A7721540B47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{194FEEA0-9365-4201-9F22-1C18DED52A83}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21A82943-4743-4655-9964-877F56AFD9E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F799464-D1A9-44C8-806A-3B801BFB982C}] => (Allow) C:\Users\David Jackson\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{16FCEF0E-0A42-4A86-97D6-538BD857B0F5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{174A2998-6AF3-42F0-BDD1-4E6A69F3A2DF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F6133EB-9274-4BEE-889D-EA8B56E73A9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DCD5F65D-B4F5-4F0F-B10E-B2328E54BBD9}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{066146B5-2CFD-4617-984F-22B7E8118678}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{414559B2-6F57-438D-905E-1A3EC88A422C}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\airhost.exe => No File
 
==================== Restore Points =========================
 
12-06-2020 22:03:38 AA11
21-06-2020 17:41:43 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (06/21/2020 11:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.9.0 07/04/2019
Motherboard: Dell Inc. 0RKTGR
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 73%
Total physical RAM: 3961.07 MB
Available physical RAM: 1048.67 MB
Total Virtual: 7417.07 MB
Available Virtual: 3115.95 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:100 GB) (Free:19.41 GB) NTFS
Drive d: () (Fixed) (Total:272 GB) (Free:234.05 GB) NTFS
Drive e: () (Fixed) (Total:272 GB) (Free:240.7 GB) NTFS
Drive f: () (Fixed) (Total:272.88 GB) (Free:265.95 GB) NTFS
 
\\?\Volume{3f430384-b413-4fd9-8d5a-36680837eb73}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS
\\?\Volume{e34ef38a-3c5e-4b5c-8b7d-6e369a09d72f}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.13 GB) NTFS
\\?\Volume{14ad7310-6585-44c2-acde-6de083ea88c1}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.05 GB) NTFS
\\?\Volume{7bd86504-d9e3-4a41-a225-36b9f05f67dd}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.6 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AFE04F0)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (21-06-2020 23:45:23)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atiesrxx.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <11>
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1210288 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [165120 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2098344 2020-06-17] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\83.1.10.93\Installer\chrmstp.exe [2020-06-17] (Brave Software, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {0F7C1C56-8410-4414-A7DF-96E48A74FF96} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {CA437914-1533-42A0-9BD7-557841658C20} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D399D880-303A-47CC-94F1-D96370C19676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {DC6795B8-FE5E-4511-8151-24C490DD4E68} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {E98EE99C-7858-4B66-8CEF-13D1B6181553} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FFC6F3A6-C377-49CB-A29E-2CE99D857A1D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2490165305-1638453623-257508744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-06-12]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso Translate in Context) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-04-10] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-06-07]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-25]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-25]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-24]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
Opera: 
=======
OPR StartupUrls: "hxxps://www.startpage.com/"
OPR Extension: (AdBlock) - C:\Users\David Jackson\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-03-13]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atiesrxx.exe [523880 2020-05-25] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD Log Utility; C:\WINDOWS\System32\amdlogsr.exe [483248 2020-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [60600 2020-05-15] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [189448 2018-07-25] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-09] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [833456 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atikmdag.sys [65752680 2020-05-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atikmpag.sys [591464 2020-05-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdlog; C:\WINDOWS\System32\drivers\amdlog.sys [89200 2020-05-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [81680 2019-08-09] (Qualcomm Atheros -> Qualcomm)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [111384 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211736 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [125720 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [132888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [149784 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [95000 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135448 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [346392 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [290584 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123160 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [295192 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [132376 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [198424 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [21952 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [160536 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [215320 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [147224 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159512 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129304 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2436376 2019-08-09] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-21 23:45 - 2020-06-21 23:48 - 000029933 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-06-21 23:36 - 2020-06-21 23:36 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-06-21 23:36 - 2020-06-21 23:36 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-06-21 23:34 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2020-06-21 23:29 - 2020-06-21 23:30 - 000010642 _____ C:\Users\David Jackson\Desktop\Fixlog.txt
2020-06-21 23:19 - 2020-06-21 23:19 - 002290176 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-06-20 21:18 - 2020-06-20 21:18 - 000001955 _____ C:\Users\David Jackson\Desktop\Zoom.lnk
2020-06-20 21:18 - 2020-06-20 21:18 - 000000000 ____D C:\Users\David Jackson\Documents\Zoom
2020-06-20 17:58 - 2020-06-20 17:58 - 000391599 _____ C:\Users\David Jackson\Downloads\FAI+Guide+to+DBS.pdf
2020-06-20 17:50 - 2020-06-20 17:50 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-06-20 17:49 - 2020-06-20 17:50 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Zoom
2020-06-19 11:15 - 2020-06-19 11:15 - 001884579 _____ C:\Users\David Jackson\Downloads\Keeping Intouch - Issue 4 fv.pdf
2020-06-12 22:23 - 2020-06-12 22:23 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2020-06-12 22:21 - 2020-06-12 22:21 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Panda Security
2020-06-12 22:18 - 2019-06-12 03:29 - 000198424 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2020-06-12 22:18 - 2019-06-12 03:29 - 000159512 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2020-06-12 22:18 - 2019-06-12 03:29 - 000129304 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2020-06-12 22:18 - 2019-05-30 06:57 - 000295192 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
2020-06-12 22:18 - 2019-03-06 04:06 - 000125720 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000346392 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000211736 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000149784 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000135448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000132888 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000132376 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000123160 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000104728 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsdns.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000095000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
2020-06-12 22:17 - 2019-03-05 06:44 - 000111384 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
2020-06-12 22:17 - 2019-03-04 14:20 - 000215320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2020-06-12 22:17 - 2019-01-22 04:44 - 000021952 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\psinelam.sys
2020-06-12 22:16 - 2020-06-12 22:23 - 000002305 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2020-06-12 22:16 - 2020-06-12 22:23 - 000002305 _____ C:\ProgramData\Desktop\Panda Dome.lnk
2020-06-12 22:16 - 2020-06-12 22:16 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Opera Software
2020-06-12 22:16 - 2020-06-12 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2020-06-12 22:14 - 2020-06-12 22:22 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-06-12 22:14 - 2020-06-12 22:14 - 000001491 _____ C:\Users\David Jackson\Desktop\Opera Browser.lnk
2020-06-12 22:14 - 2020-06-12 22:14 - 000001491 _____ C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2020-06-12 22:09 - 2020-06-12 22:22 - 000000000 ____D C:\ProgramData\Panda Security
2020-06-12 22:08 - 2020-06-12 22:08 - 003240752 _____ (Panda Security, S.L.) C:\Users\David Jackson\Downloads\PANDAFREEAV.exe
2020-06-12 19:52 - 2020-06-12 19:52 - 000000000 ____D C:\Users\David Jackson\AppData\Local\AdAwareDesktop
2020-06-12 19:45 - 2020-06-12 19:45 - 000000000 ____D C:\Users\David Jackson\AppData\Local\AdAwareUpdater
2020-06-12 19:17 - 2020-06-12 19:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-12 09:24 - 2020-06-05 22:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-12 09:24 - 2020-06-05 22:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-11 19:58 - 2020-06-11 19:58 - 000069533 _____ C:\Users\David Jackson\Downloads\humility.epub
2020-06-11 19:51 - 2020-06-11 19:51 - 001934661 _____ C:\Users\David Jackson\Downloads\don-t-waste-your-life-en.pdf
2020-06-11 19:50 - 2020-06-11 19:50 - 000657045 _____ C:\Users\David Jackson\Downloads\the-hidden-smile-of-god-en.pdf
2020-06-11 19:49 - 2020-06-11 19:49 - 001786549 _____ C:\Users\David Jackson\Downloads\still-not-professionals-en.pdf
2020-06-11 19:49 - 2020-06-11 19:49 - 000634801 _____ C:\Users\David Jackson\Downloads\the-marks-of-a-spiritual-leader-en.pdf
2020-06-11 19:48 - 2020-06-11 19:49 - 001616875 _____ C:\Users\David Jackson\Downloads\brothers-we-are-not-professionals-en.pdf
2020-06-11 11:07 - 2020-06-11 11:07 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-11 11:06 - 2020-06-11 11:06 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-11 11:06 - 2020-06-11 11:06 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-11 11:06 - 2020-06-11 11:06 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-11 11:06 - 2020-06-11 11:06 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-11 11:06 - 2020-06-11 11:06 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-11 11:06 - 2020-06-11 11:06 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-11 11:06 - 2020-06-11 11:06 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-11 11:05 - 2020-06-11 11:05 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-11 11:05 - 2020-06-11 11:05 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-11 11:05 - 2020-06-11 11:05 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-11 11:04 - 2020-06-11 11:04 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-11 11:03 - 2020-06-11 11:03 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-11 00:16 - 2020-06-11 00:17 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-11 00:16 - 2020-06-11 00:17 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-10 12:45 - 2020-06-10 12:45 - 000895969 _____ C:\Users\David Jackson\Downloads\UK-Internships-2020-with-marks.pdf
2020-06-10 10:38 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-06-10 09:51 - 2020-06-10 09:53 - 000000000 ____D C:\Users\David Jackson\Downloads\chipset-10.1.18228.8176-public-mup (1)
2020-06-10 09:49 - 2020-06-10 09:51 - 006563247 _____ C:\Users\David Jackson\Downloads\chipset-10.1.18228.8176-public-mup (1).zip
2020-06-09 23:41 - 2020-06-21 23:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-09 14:09 - 2020-06-09 14:09 - 010580024 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-06-08 16:59 - 2020-06-12 00:05 - 000002374 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-06-08 13:42 - 2020-06-08 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-06-08 13:40 - 2020-06-08 13:40 - 000000000 ____D C:\Program Files (x86)\AMD
2020-06-08 12:11 - 2020-05-25 12:41 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001593448 _____ (AMD) C:\WINDOWS\system32\coinst_19.50.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000760424 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000574056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000493160 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000491104 _____ C:\WINDOWS\system32\GameManager64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000484968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000468584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000451176 _____ C:\WINDOWS\system32\atieah64.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000373864 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000345192 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000344168 _____ C:\WINDOWS\system32\clinfo.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000241256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000208488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000183912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000162408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000158824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000152680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000137832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000135784 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000135784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000124000 _____ C:\WINDOWS\system32\atidxx64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000106600 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000046696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000043624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 004585056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 004094568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 001730152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 001242728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 001242728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000178240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000157592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000128112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000107216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000070248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-06-08 12:11 - 2020-05-25 11:35 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-06-08 12:11 - 2020-05-25 11:35 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-06-08 12:11 - 2020-05-25 11:35 - 000543168 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-06-08 12:11 - 2020-05-25 11:35 - 000543168 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-06-08 12:11 - 2020-05-05 13:49 - 000483248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlogsr.exe
2020-06-08 12:11 - 2020-05-05 13:49 - 000089200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdlog.sys
2020-06-08 12:10 - 2020-05-25 12:40 - 062867048 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 052402792 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000941160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000768616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000553576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000483944 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000383592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000373352 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000197280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000166880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000134760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000120936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000120424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000105576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000545712 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000134328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000128128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000119240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000107224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-06-06 22:21 - 2020-06-06 22:21 - 000213719 _____ C:\Users\David Jackson\Downloads\ironsideholiness.pdf
2020-06-05 11:00 - 2020-06-05 11:00 - 000285585 _____ C:\Users\David Jackson\Downloads\[email protected]
2020-06-04 11:17 - 2020-06-04 11:17 - 000266924 _____ C:\Users\David Jackson\Downloads\wecshorttermmission.zip
2020-06-02 21:21 - 2020-06-02 21:21 - 000769365 _____ C:\Users\David Jackson\Downloads\Wuxi_Pix_Courtesy_of_John_Zhang_(eom).zip
2020-05-31 18:19 - 2020-05-31 18:19 - 004248267 _____ C:\Users\David Jackson\Downloads\Wewerewrong.pdf
2020-05-31 17:45 - 2020-05-31 17:45 - 002951108 _____ C:\Users\David Jackson\Downloads\The_Spiritual_Man.pdf
2020-05-31 17:44 - 2020-05-31 17:44 - 001847750 _____ C:\Users\David Jackson\Downloads\Life of Moody.pdf
2020-05-31 17:43 - 2020-05-31 17:44 - 000123921 _____ C:\Users\David Jackson\Downloads\Exegetical_Fallacies.pdf
2020-05-31 17:42 - 2020-05-31 17:42 - 005001581 _____ C:\Users\David Jackson\Downloads\captive-to-glory-en.pdf
2020-05-31 17:42 - 2020-05-31 17:42 - 001631341 _____ C:\Users\David Jackson\Downloads\an-all-consuming-passion-for-jesus-en.pdf
2020-05-31 17:41 - 2020-05-31 17:41 - 000752137 _____ C:\Users\David Jackson\Downloads\a-tribute-to-my-father-en.pdf
2020-05-31 17:41 - 2020-05-31 17:41 - 000535038 _____ C:\Users\David Jackson\Downloads\sanctification-in-the-everyday-en.pdf
2020-05-31 17:40 - 2020-05-31 17:41 - 001510909 _____ C:\Users\David Jackson\Downloads\martin-luther-en.pdf
2020-05-31 17:40 - 2020-05-31 17:40 - 003065948 _____ C:\Users\David Jackson\Downloads\john-g-paton-en.pdf
2020-05-31 17:39 - 2020-05-31 17:39 - 000901007 _____ C:\Users\David Jackson\Downloads\david-brainerd-en.pdf
2020-05-31 17:38 - 2020-05-31 17:38 - 003361884 _____ C:\Users\David Jackson\Downloads\adoniram-judson-en.pdf
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\Users\Public\Foxit Software
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Foxit AgentInformation
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Foxit
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\ProgramData\Foxit Software
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2020-05-31 09:50 - 2020-06-06 22:22 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Foxit Software
2020-05-31 09:50 - 2020-05-31 09:50 - 000001436 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-05-31 09:50 - 2020-05-31 09:50 - 000001436 _____ C:\ProgramData\Desktop\Foxit Reader.lnk
2020-05-31 09:50 - 2020-05-31 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-05-31 09:50 - 2020-05-31 09:50 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2020-05-26 11:12 - 2020-05-26 11:13 - 000277049 _____ C:\Users\David Jackson\Downloads\PSN 48539.pdf
2020-05-25 23:00 - 2020-05-25 23:00 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-05-25 23:00 - 2020-05-25 23:00 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-05-25 22:58 - 2020-05-25 22:58 - 000000000 ____D C:\ProgramData\UCheck
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-21 23:47 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-06-21 23:46 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-21 23:35 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-06-21 23:34 - 2020-04-19 10:57 - 000520784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-21 23:33 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-21 23:33 - 2018-12-07 13:00 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-21 23:33 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-21 23:32 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-21 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-21 21:03 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-21 13:05 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-06-21 13:04 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-06-21 07:48 - 2020-02-28 09:15 - 000000000 ____D C:\Users\David Jackson\Downloads\opera autoupdate
2020-06-21 00:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-17 23:34 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-06-17 23:34 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-06-17 23:34 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-06-17 18:32 - 2020-05-12 15:09 - 000000000 ____D C:\Users\David Jackson\AppData\Local\ElevatedDiagnostics
2020-06-16 21:01 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 21:01 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-16 21:01 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-16 17:18 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-06-16 17:09 - 2019-06-08 11:19 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Anki2
2020-06-16 09:48 - 2019-03-16 17:30 - 000000000 ____D C:\Users\David Jackson\AppData\Local\D3DSCache
2020-06-12 22:23 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-12 22:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-06-12 22:21 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2020-06-12 21:02 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-06-12 19:44 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-12 19:33 - 2020-02-23 23:13 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-06-12 19:17 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-12 09:27 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-06-12 09:27 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-06-12 09:27 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-06-12 09:27 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-06-12 09:27 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-06-12 09:27 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-06-12 09:27 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-06-12 09:27 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-06-12 09:27 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-12 09:27 - 2018-10-25 14:52 - 000000000 ___RD C:\Users\David Jackson\3D Objects
2020-06-12 09:27 - 2016-11-20 19:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-12 00:20 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-12 00:20 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-12 00:05 - 2020-04-24 13:51 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-12 00:05 - 2020-04-24 13:51 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-12 00:05 - 2020-03-19 15:58 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-06-12 00:05 - 2020-01-30 14:14 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-06-12 00:05 - 2020-01-30 14:14 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-06-12 00:05 - 2020-01-30 14:14 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-06-12 00:05 - 2019-10-11 16:41 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-06-12 00:05 - 2019-08-25 23:25 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2490165305-1638453623-257508744-1001
2020-06-12 00:05 - 2019-08-25 23:13 - 000003720 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-12 00:05 - 2019-08-25 23:13 - 000003404 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-06-12 00:05 - 2019-08-25 23:13 - 000003364 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-06-12 00:05 - 2019-08-25 23:13 - 000003140 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-06-11 11:16 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 11:03 - 2019-08-25 22:48 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 10:37 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-09 23:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-06-09 18:12 - 2019-10-07 12:18 - 000014661 _____ C:\VEW.txt
2020-06-09 14:29 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-06-09 14:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-09 14:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-08 16:59 - 2020-02-14 10:27 - 000000000 ____D C:\ProgramData\AMD
2020-06-08 12:11 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-06-07 11:01 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-06-06 12:13 - 2018-10-17 11:39 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Packages
2020-06-04 08:15 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-31 09:31 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-05-31 00:40 - 2019-08-25 22:52 - 000000000 ____D C:\Users\David Jackson
2020-05-30 10:34 - 2019-06-19 10:08 - 000000000 ____D C:\Program Files\UNP
2020-05-26 19:33 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-05-25 23:00 - 2018-11-09 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
 
==================== Files in the root of some directories ========
 
2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#138
daba
Posted 21 June 2020 - 04:53 PM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thanks. NO menu!

Here you go:

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by David Jackson (21-06-2020 23:29:04) Run:9
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: defaultuser0 & David Jackson
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [Opera Browser Assistant] => C:\Users\David Jackson\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3004440 2020-06-18] (Opera Software AS -> Opera Software)
Task: {4AFCC561-2326-43EB-ADD3-5E455ABD4F05} - System32\Tasks\Opera scheduled assistant Autoupdate 1591996505 => C:\Users\David Jackson\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {F9A0A415-CBB2-4AAB-AB9A-F6952291FA85} - System32\Tasks\Opera scheduled Autoupdate 1591996491 => C:\Users\David Jackson\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-06-10] (Opera Software AS -> Opera Software)
Task: {ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3} - System32\Tasks\Uninstaller_SkipUac_David_Jackson => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
C:\Program Files (x86)\IObit
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
FirewallRules: [{5322391E-FE48-473B-B9B0-1BB87ED159E8}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{7262E687-30AF-4516-A3EB-BDD73F01D92D}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{F1762C98-A62E-4070-A945-31953984BF5B}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{9EE2A854-72C4-40ED-A0C1-CF71E6B31BA5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{1040F48C-620B-4841-9962-D6E65EDFD6D3}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{E018D2E6-79C3-4A09-8762-20F7057D8463}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
Unlock:  C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
File: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Opera Browser Assistant" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4AFCC561-2326-43EB-ADD3-5E455ABD4F05}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AFCC561-2326-43EB-ADD3-5E455ABD4F05}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1591996505 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1591996505" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9A0A415-CBB2-4AAB-AB9A-F6952291FA85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9A0A415-CBB2-4AAB-AB9A-F6952291FA85}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1591996491 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1591996491" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADEA3A59-2CA0-4892-BBFF-138A3C4CE8C3}" => removed successfully
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_David_Jackson => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_David_Jackson" => removed successfully
C:\Program Files (x86)\IObit => moved successfully
HKLM\Software\Classes\PROTOCOLS\Filter\deflate => removed successfully
HKLM\Software\Classes\PROTOCOLS\Filter\gzip => removed successfully
HKLM\Software\Classes\PROTOCOLS\Filter\lzdhtml => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\gopher => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\utweb" => removed successfully
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\utweb" => not found
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CCleaner Smart Cleaning" => removed successfully
"HKU\S-1-5-21-2490165305-1638453623-257508744-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5322391E-FE48-473B-B9B0-1BB87ED159E8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7262E687-30AF-4516-A3EB-BDD73F01D92D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1762C98-A62E-4070-A945-31953984BF5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EE2A854-72C4-40ED-A0C1-CF71E6B31BA5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1040F48C-620B-4841-9962-D6E65EDFD6D3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E018D2E6-79C3-4A09-8762-20F7057D8463}" => removed successfully
HKLM\System\CurrentControlSet\Services\AdobeARMservice => removed successfully
AdobeARMservice => service removed successfully
"C:\Program Files\AMD\CNext\CNext\Qt5Core.dll" => was unlocked
 
========================= File: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll ========================
 
C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
File not signed
MD5: F4947C3CDB01F25C4B3FE0B19EDEBC5C
Creation and modification date: 2020-05-15 15:34 - 2020-05-15 15:34
Size: 006010880
Attributes: ----A
Company Name: The Qt Company Ltd.
Internal Name: 
Original Name: Qt5Core.dll
Product: Qt5
Description: C++ Application Development Framework
File Version: 5.13.0.0
Product Version: 5.13.0.0
Copyright: Copyright © 2019 The Qt Company Ltd.
 
====== End of File: ======
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log AirSpaceChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log DebugChannel.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-RMS-MSIPC/Debug.
The requested operation cannot be performed over an enabled direct channel. The channel must first be disabled.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 23:30:25 ====
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2020
Ran by David Jackson (21-06-2020 23:48:59)
Running from C:\Users\David Jackson\Desktop
Windows 10 Home Version 1909 18363.900 (X64) (2019-08-25 22:15:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2490165305-1638453623-257508744-500 - Administrator - Disabled)
David Jackson (S-1-5-21-2490165305-1638453623-257508744-1001 - Administrator - Enabled) => C:\Users\David Jackson
DefaultAccount (S-1-5-21-2490165305-1638453623-257508744-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2490165305-1638453623-257508744-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2490165305-1638453623-257508744-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2490165305-1638453623-257508744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.13 - )
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 83.1.10.93 - Brave Software Inc)
calibre (HKLM-x32\...\{55043EFA-2201-40F4-86CA-CC465251D9DC}) (Version: 4.14.0 - Kovid Goyal)
f.lux (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Flux) (Version:  - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.0.35798 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel® Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® Graphics Driver Software (HKLM-x32\...\{34b71f5b-fd06-4029-966e-c1d187ea90a7}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7212 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9326.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Opera Stable 68.0.3618.165 (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{10EDA2C8-03AB-4C27-BDC4-39143A81B12F}) (Version: 11.12.30 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 20.00.00.0001 - Panda Security)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
Skype version 8.61 (HKLM-x32\...\Skype_is1) (Version: 8.61 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
VSDC Free Video Editor version 6.3.1.939 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.1.939 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0-2) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [2020-03-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.0.2.0_x64__f5eddttrpssna [2019-12-31] (Mooii Tech)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2490165305-1638453623-257508744-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2019-10-18 16:48 - 2019-09-05 20:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 000301568 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\localhost -> localhost
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 12:47 - 2019-10-11 16:40 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2019-09-29 20:13 - 2019-09-29 20:13 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{FCA55D5D-7C11-43D9-BE5C-AF42F4705963}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FA87A6B8-3905-474D-8007-7A444EAD1613}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B068F4C-AD4C-4CAD-A478-02D7224AB2ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C94A512A-482D-4332-843B-29B804F22DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EBE2972-F1C6-4B63-9055-16A9896B355F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B577813-145A-4B2A-974A-581F724B04CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E20A7E5-59B2-42F2-BED9-FB04D19643AE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DA20463-FDCA-456A-8F99-4A7721540B47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{194FEEA0-9365-4201-9F22-1C18DED52A83}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21A82943-4743-4655-9964-877F56AFD9E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F799464-D1A9-44C8-806A-3B801BFB982C}] => (Allow) C:\Users\David Jackson\AppData\Local\Programs\Opera\68.0.3618.165\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{16FCEF0E-0A42-4A86-97D6-538BD857B0F5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{174A2998-6AF3-42F0-BDD1-4E6A69F3A2DF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F6133EB-9274-4BEE-889D-EA8B56E73A9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DCD5F65D-B4F5-4F0F-B10E-B2328E54BBD9}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{066146B5-2CFD-4617-984F-22B7E8118678}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{414559B2-6F57-438D-905E-1A3EC88A422C}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\airhost.exe => No File
 
==================== Restore Points =========================
 
12-06-2020 22:03:38 AA11
21-06-2020 17:41:43 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (06/21/2020 11:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.9.0 07/04/2019
Motherboard: Dell Inc. 0RKTGR
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 73%
Total physical RAM: 3961.07 MB
Available physical RAM: 1048.67 MB
Total Virtual: 7417.07 MB
Available Virtual: 3115.95 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:100 GB) (Free:19.41 GB) NTFS
Drive d: () (Fixed) (Total:272 GB) (Free:234.05 GB) NTFS
Drive e: () (Fixed) (Total:272 GB) (Free:240.7 GB) NTFS
Drive f: () (Fixed) (Total:272.88 GB) (Free:265.95 GB) NTFS
 
\\?\Volume{3f430384-b413-4fd9-8d5a-36680837eb73}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS
\\?\Volume{e34ef38a-3c5e-4b5c-8b7d-6e369a09d72f}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.13 GB) NTFS
\\?\Volume{14ad7310-6585-44c2-acde-6de083ea88c1}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.05 GB) NTFS
\\?\Volume{7bd86504-d9e3-4a41-a225-36b9f05f67dd}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.6 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AFE04F0)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (21-06-2020 23:45:23)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atiesrxx.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <11>
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f3a64c75ee4defb7\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38bfcb542ef4272e\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1210288 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [165120 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2098344 2020-06-17] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-16] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\83.1.10.93\Installer\chrmstp.exe [2020-06-17] (Brave Software, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {0F7C1C56-8410-4414-A7DF-96E48A74FF96} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {CA437914-1533-42A0-9BD7-557841658C20} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D399D880-303A-47CC-94F1-D96370C19676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {DC6795B8-FE5E-4511-8151-24C490DD4E68} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {E98EE99C-7858-4B66-8CEF-13D1B6181553} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FFC6F3A6-C377-49CB-A29E-2CE99D857A1D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2490165305-1638453623-257508744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-06-12]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso Translate in Context) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-04-10] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-06-07]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-25]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-04-25]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-24]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
Opera: 
=======
OPR StartupUrls: "hxxps://www.startpage.com/"
OPR Extension: (AdBlock) - C:\Users\David Jackson\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-03-13]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atiesrxx.exe [523880 2020-05-25] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD Log Utility; C:\WINDOWS\System32\amdlogsr.exe [483248 2020-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [60600 2020-05-15] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [189448 2018-07-25] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-08-09] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [833456 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atikmdag.sys [65752680 2020-05-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atikmpag.sys [591464 2020-05-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdlog; C:\WINDOWS\System32\drivers\amdlog.sys [89200 2020-05-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [81680 2019-08-09] (Qualcomm Atheros -> Qualcomm)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [111384 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211736 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [125720 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [132888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [149784 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [95000 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135448 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [346392 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [290584 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123160 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [295192 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [132376 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [198424 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [21952 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [160536 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [215320 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [147224 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159512 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129304 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2436376 2019-08-09] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-21 23:45 - 2020-06-21 23:48 - 000029933 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-06-21 23:36 - 2020-06-21 23:36 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-06-21 23:36 - 2020-06-21 23:36 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-06-21 23:34 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2020-06-21 23:29 - 2020-06-21 23:30 - 000010642 _____ C:\Users\David Jackson\Desktop\Fixlog.txt
2020-06-21 23:19 - 2020-06-21 23:19 - 002290176 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-06-20 21:18 - 2020-06-20 21:18 - 000001955 _____ C:\Users\David Jackson\Desktop\Zoom.lnk
2020-06-20 21:18 - 2020-06-20 21:18 - 000000000 ____D C:\Users\David Jackson\Documents\Zoom
2020-06-20 17:58 - 2020-06-20 17:58 - 000391599 _____ C:\Users\David Jackson\Downloads\FAI+Guide+to+DBS.pdf
2020-06-20 17:50 - 2020-06-20 17:50 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-06-20 17:49 - 2020-06-20 17:50 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Zoom
2020-06-19 11:15 - 2020-06-19 11:15 - 001884579 _____ C:\Users\David Jackson\Downloads\Keeping Intouch - Issue 4 fv.pdf
2020-06-12 22:23 - 2020-06-12 22:23 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2020-06-12 22:21 - 2020-06-12 22:21 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Panda Security
2020-06-12 22:18 - 2019-06-12 03:29 - 000198424 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2020-06-12 22:18 - 2019-06-12 03:29 - 000159512 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2020-06-12 22:18 - 2019-06-12 03:29 - 000129304 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2020-06-12 22:18 - 2019-05-30 06:57 - 000295192 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
2020-06-12 22:18 - 2019-03-06 04:06 - 000125720 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000346392 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000211736 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000149784 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000135448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000132888 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000132376 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000123160 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000104728 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsdns.sys
2020-06-12 22:18 - 2019-03-05 06:44 - 000095000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
2020-06-12 22:17 - 2019-03-05 06:44 - 000111384 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
2020-06-12 22:17 - 2019-03-04 14:20 - 000215320 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2020-06-12 22:17 - 2019-01-22 04:44 - 000021952 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\psinelam.sys
2020-06-12 22:16 - 2020-06-12 22:23 - 000002305 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2020-06-12 22:16 - 2020-06-12 22:23 - 000002305 _____ C:\ProgramData\Desktop\Panda Dome.lnk
2020-06-12 22:16 - 2020-06-12 22:16 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Opera Software
2020-06-12 22:16 - 2020-06-12 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2020-06-12 22:14 - 2020-06-12 22:22 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-06-12 22:14 - 2020-06-12 22:14 - 000001491 _____ C:\Users\David Jackson\Desktop\Opera Browser.lnk
2020-06-12 22:14 - 2020-06-12 22:14 - 000001491 _____ C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2020-06-12 22:09 - 2020-06-12 22:22 - 000000000 ____D C:\ProgramData\Panda Security
2020-06-12 22:08 - 2020-06-12 22:08 - 003240752 _____ (Panda Security, S.L.) C:\Users\David Jackson\Downloads\PANDAFREEAV.exe
2020-06-12 19:52 - 2020-06-12 19:52 - 000000000 ____D C:\Users\David Jackson\AppData\Local\AdAwareDesktop
2020-06-12 19:45 - 2020-06-12 19:45 - 000000000 ____D C:\Users\David Jackson\AppData\Local\AdAwareUpdater
2020-06-12 19:17 - 2020-06-12 19:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-12 09:24 - 2020-06-05 22:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-12 09:24 - 2020-06-05 22:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-11 19:58 - 2020-06-11 19:58 - 000069533 _____ C:\Users\David Jackson\Downloads\humility.epub
2020-06-11 19:51 - 2020-06-11 19:51 - 001934661 _____ C:\Users\David Jackson\Downloads\don-t-waste-your-life-en.pdf
2020-06-11 19:50 - 2020-06-11 19:50 - 000657045 _____ C:\Users\David Jackson\Downloads\the-hidden-smile-of-god-en.pdf
2020-06-11 19:49 - 2020-06-11 19:49 - 001786549 _____ C:\Users\David Jackson\Downloads\still-not-professionals-en.pdf
2020-06-11 19:49 - 2020-06-11 19:49 - 000634801 _____ C:\Users\David Jackson\Downloads\the-marks-of-a-spiritual-leader-en.pdf
2020-06-11 19:48 - 2020-06-11 19:49 - 001616875 _____ C:\Users\David Jackson\Downloads\brothers-we-are-not-professionals-en.pdf
2020-06-11 11:07 - 2020-06-11 11:07 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-11 11:07 - 2020-06-11 11:07 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-11 11:07 - 2020-06-11 11:07 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-11 11:06 - 2020-06-11 11:06 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-11 11:06 - 2020-06-11 11:06 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-11 11:06 - 2020-06-11 11:06 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-11 11:06 - 2020-06-11 11:06 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-11 11:06 - 2020-06-11 11:06 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-11 11:06 - 2020-06-11 11:06 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-11 11:06 - 2020-06-11 11:06 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-11 11:06 - 2020-06-11 11:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-11 11:05 - 2020-06-11 11:05 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-11 11:05 - 2020-06-11 11:05 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-11 11:05 - 2020-06-11 11:05 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-11 11:05 - 2020-06-11 11:05 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-11 11:05 - 2020-06-11 11:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-11 11:04 - 2020-06-11 11:04 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-11 11:04 - 2020-06-11 11:04 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-11 11:04 - 2020-06-11 11:04 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-11 11:04 - 2020-06-11 11:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-11 11:03 - 2020-06-11 11:03 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-11 11:03 - 2020-06-11 11:03 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-11 11:03 - 2020-06-11 11:03 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-11 11:03 - 2020-06-11 11:03 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-11 00:16 - 2020-06-11 00:17 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-11 00:16 - 2020-06-11 00:17 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-10 12:45 - 2020-06-10 12:45 - 000895969 _____ C:\Users\David Jackson\Downloads\UK-Internships-2020-with-marks.pdf
2020-06-10 10:38 - 2020-06-10 10:38 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-06-10 09:51 - 2020-06-10 09:53 - 000000000 ____D C:\Users\David Jackson\Downloads\chipset-10.1.18228.8176-public-mup (1)
2020-06-10 09:49 - 2020-06-10 09:51 - 006563247 _____ C:\Users\David Jackson\Downloads\chipset-10.1.18228.8176-public-mup (1).zip
2020-06-09 23:41 - 2020-06-21 23:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-09 14:09 - 2020-06-09 14:09 - 010580024 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-06-08 16:59 - 2020-06-12 00:05 - 000002374 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2020-06-08 13:42 - 2020-06-08 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-06-08 13:40 - 2020-06-08 13:40 - 000000000 ____D C:\Program Files (x86)\AMD
2020-06-08 12:11 - 2020-05-25 12:41 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001593448 _____ (AMD) C:\WINDOWS\system32\coinst_19.50.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000760424 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000574056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000493160 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000491104 _____ C:\WINDOWS\system32\GameManager64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000484968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000468584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000451176 _____ C:\WINDOWS\system32\atieah64.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000373864 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000345192 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000344168 _____ C:\WINDOWS\system32\clinfo.exe
2020-06-08 12:11 - 2020-05-25 12:41 - 000241256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000208488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000183912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000162408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000158824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000152680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000137832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000135784 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000135784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000124000 _____ C:\WINDOWS\system32\atidxx64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000106600 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000046696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000043624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-06-08 12:11 - 2020-05-25 12:41 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 004585056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 004094568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 001730152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 001242728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 001242728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000178240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000157592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000128112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000107216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-06-08 12:11 - 2020-05-25 12:40 - 000070248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-06-08 12:11 - 2020-05-25 11:35 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-06-08 12:11 - 2020-05-25 11:35 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-06-08 12:11 - 2020-05-25 11:35 - 000543168 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-06-08 12:11 - 2020-05-25 11:35 - 000543168 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-06-08 12:11 - 2020-05-05 13:49 - 000483248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlogsr.exe
2020-06-08 12:11 - 2020-05-05 13:49 - 000089200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdlog.sys
2020-06-08 12:10 - 2020-05-25 12:40 - 062867048 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 052402792 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000941160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000768616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000553576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000483944 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000383592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000373352 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000197280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000166880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000134760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000120936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000120424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-06-08 12:10 - 2020-05-25 12:40 - 000105576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000545712 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000134328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000128128 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000119240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-06-08 12:10 - 2020-05-25 12:39 - 000107224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-06-06 22:21 - 2020-06-06 22:21 - 000213719 _____ C:\Users\David Jackson\Downloads\ironsideholiness.pdf
2020-06-05 11:00 - 2020-06-05 11:00 - 000285585 _____ C:\Users\David Jackson\Downloads\[email protected]
2020-06-04 11:17 - 2020-06-04 11:17 - 000266924 _____ C:\Users\David Jackson\Downloads\wecshorttermmission.zip
2020-06-02 21:21 - 2020-06-02 21:21 - 000769365 _____ C:\Users\David Jackson\Downloads\Wuxi_Pix_Courtesy_of_John_Zhang_(eom).zip
2020-05-31 18:19 - 2020-05-31 18:19 - 004248267 _____ C:\Users\David Jackson\Downloads\Wewerewrong.pdf
2020-05-31 17:45 - 2020-05-31 17:45 - 002951108 _____ C:\Users\David Jackson\Downloads\The_Spiritual_Man.pdf
2020-05-31 17:44 - 2020-05-31 17:44 - 001847750 _____ C:\Users\David Jackson\Downloads\Life of Moody.pdf
2020-05-31 17:43 - 2020-05-31 17:44 - 000123921 _____ C:\Users\David Jackson\Downloads\Exegetical_Fallacies.pdf
2020-05-31 17:42 - 2020-05-31 17:42 - 005001581 _____ C:\Users\David Jackson\Downloads\captive-to-glory-en.pdf
2020-05-31 17:42 - 2020-05-31 17:42 - 001631341 _____ C:\Users\David Jackson\Downloads\an-all-consuming-passion-for-jesus-en.pdf
2020-05-31 17:41 - 2020-05-31 17:41 - 000752137 _____ C:\Users\David Jackson\Downloads\a-tribute-to-my-father-en.pdf
2020-05-31 17:41 - 2020-05-31 17:41 - 000535038 _____ C:\Users\David Jackson\Downloads\sanctification-in-the-everyday-en.pdf
2020-05-31 17:40 - 2020-05-31 17:41 - 001510909 _____ C:\Users\David Jackson\Downloads\martin-luther-en.pdf
2020-05-31 17:40 - 2020-05-31 17:40 - 003065948 _____ C:\Users\David Jackson\Downloads\john-g-paton-en.pdf
2020-05-31 17:39 - 2020-05-31 17:39 - 000901007 _____ C:\Users\David Jackson\Downloads\david-brainerd-en.pdf
2020-05-31 17:38 - 2020-05-31 17:38 - 003361884 _____ C:\Users\David Jackson\Downloads\adoniram-judson-en.pdf
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\Users\Public\Foxit Software
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Foxit AgentInformation
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Foxit
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\ProgramData\Foxit Software
2020-05-31 09:51 - 2020-05-31 09:51 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2020-05-31 09:50 - 2020-06-06 22:22 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Foxit Software
2020-05-31 09:50 - 2020-05-31 09:50 - 000001436 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2020-05-31 09:50 - 2020-05-31 09:50 - 000001436 _____ C:\ProgramData\Desktop\Foxit Reader.lnk
2020-05-31 09:50 - 2020-05-31 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2020-05-31 09:50 - 2020-05-31 09:50 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2020-05-26 11:12 - 2020-05-26 11:13 - 000277049 _____ C:\Users\David Jackson\Downloads\PSN 48539.pdf
2020-05-25 23:00 - 2020-05-25 23:00 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-05-25 23:00 - 2020-05-25 23:00 - 000001079 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-05-25 22:58 - 2020-05-25 22:58 - 000000000 ____D C:\ProgramData\UCheck
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-06-21 23:47 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-06-21 23:46 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-21 23:35 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-06-21 23:34 - 2020-04-19 10:57 - 000520784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-21 23:33 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-21 23:33 - 2018-12-07 13:00 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-21 23:33 - 2018-10-17 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-21 23:32 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-21 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-21 21:03 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-21 13:05 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-06-21 13:04 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-06-21 07:48 - 2020-02-28 09:15 - 000000000 ____D C:\Users\David Jackson\Downloads\opera autoupdate
2020-06-21 00:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-17 23:34 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-06-17 23:34 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-06-17 23:34 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-06-17 18:32 - 2020-05-12 15:09 - 000000000 ____D C:\Users\David Jackson\AppData\Local\ElevatedDiagnostics
2020-06-16 21:01 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 21:01 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-16 21:01 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-16 17:18 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-06-16 17:09 - 2019-06-08 11:19 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Anki2
2020-06-16 09:48 - 2019-03-16 17:30 - 000000000 ____D C:\Users\David Jackson\AppData\Local\D3DSCache
2020-06-12 22:23 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-12 22:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-06-12 22:21 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2020-06-12 21:02 - 2018-10-17 11:02 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Mozilla
2020-06-12 19:44 - 2018-10-18 10:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-06-12 19:33 - 2020-02-23 23:13 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-06-12 19:17 - 2018-10-17 11:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-12 09:27 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-06-12 09:27 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-06-12 09:27 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-06-12 09:27 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-06-12 09:27 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-06-12 09:27 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-06-12 09:27 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-06-12 09:27 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-06-12 09:27 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-12 09:27 - 2018-10-25 14:52 - 000000000 ___RD C:\Users\David Jackson\3D Objects
2020-06-12 09:27 - 2016-11-20 19:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-12 00:20 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-12 00:20 - 2019-03-19 07:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-12 00:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-12 00:05 - 2020-04-24 13:51 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-12 00:05 - 2020-04-24 13:51 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-12 00:05 - 2020-03-19 15:58 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-06-12 00:05 - 2020-01-30 14:14 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-06-12 00:05 - 2020-01-30 14:14 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-06-12 00:05 - 2020-01-30 14:14 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-06-12 00:05 - 2019-10-11 16:41 - 000002588 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-06-12 00:05 - 2019-08-25 23:25 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2490165305-1638453623-257508744-1001
2020-06-12 00:05 - 2019-08-25 23:13 - 000003720 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-06-12 00:05 - 2019-08-25 23:13 - 000003404 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-06-12 00:05 - 2019-08-25 23:13 - 000003364 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-06-12 00:05 - 2019-08-25 23:13 - 000003140 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-06-11 11:16 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-11 11:03 - 2019-08-25 22:48 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 10:37 - 2019-03-13 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2020-06-09 23:26 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-06-09 18:12 - 2019-10-07 12:18 - 000014661 _____ C:\VEW.txt
2020-06-09 14:29 - 2018-10-17 11:31 - 000000000 ____D C:\Program Files\AMD
2020-06-09 14:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-09 14:09 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-08 16:59 - 2020-02-14 10:27 - 000000000 ____D C:\ProgramData\AMD
2020-06-08 12:11 - 2020-02-14 10:27 - 000000000 ____D C:\AMD
2020-06-07 11:01 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-06-06 12:13 - 2018-10-17 11:39 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Packages
2020-06-04 08:15 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-31 09:31 - 2019-06-11 19:34 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-05-31 00:40 - 2019-08-25 22:52 - 000000000 ____D C:\Users\David Jackson
2020-05-30 10:34 - 2019-06-19 10:08 - 000000000 ____D C:\Program Files\UNP
2020-05-26 19:33 - 2019-01-12 22:37 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Adobe
2020-05-25 23:00 - 2018-11-09 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
 
==================== Files in the root of some directories ========
 
2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#139
RKinner
Posted 21 June 2020 - 05:29 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

For some reason your system interprets the first half of your user name as a file name tho I have no idea where it gets the text from.  It appears to me that when you installed Panda it also installed Opera.  Normally that wouldn't matter but on your system the Opera files are stored in:  C:\Users\David Jackson\AppData\Local\Programs\Opera\...   (As far as I am concerned they are supposed to be in C:\Program Files and not in Appdata but for some reason Opera decided to do it differently.)

 

There were two tasks and a registry Run entry using the path to check for Opera updates.  I had FRST remove them.  They will probably come back if you ever update Opera.

 

You are only getting one error:

Error: (06/21/2020 11:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).
 

There is no need for this service to run.  It is just a way for AMD to get feedback on customer problems and apparently it is not working all that well:

 

https://community.am...m/thread/233629

 

Recomme3ndation is to turn it off using msconfig:

 

Search for

msconfig

hit ENter

click on Services.

 

Uncheck the entry for AMD User Experience (or maybe just user experience)

 

OK

 

Reboot.

 

 


  • 0

#140
daba
Posted 22 June 2020 - 04:48 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you very much. I confess to having a soft spot for Opera and so when they dangled it temptingly before me, I bit even though I haven't used it once of late. So I used Revo to get rid. If I reinstall at a later date do you think it will go where it's supposed to? I found the AMD and turned it off. Thanks for that.

 

You've helped me so much over these past couple of years and I very much appreciate it. Gold or Silver I have not, but I did write an interesting spiritual memoir which a lot of people have enjoyed reading. I'd be happy to send you the PDF if you'd like to read it. (No obligation, obviously). Just want to give something back, however small. I'm terminated from my job at TUI due to Covid. Anyway, the offer's there if you're interested. No worries. Again though, thanks a lot for all the help. (May I ask why you do this?) If that's intrusive, tell me to shut up!


  • 0

#141
daba
Posted 12 July 2020 - 08:55 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Hello there and trust you are well. Back again I'm afraid after doing something dumb, presumably. I used to have this blog but I hadn't used in ages so yesterday I deleted it, at least that was my intention. But on start up brave keeps opening this page and I can't seem to get rid of it. Would it be at all possible to ask for your help again? Quite understand if I've exhausted my credit, so to speak. I attach the screeenshot. Thank you very much, either way.


  • 0

#142
RKinner
Posted 12 July 2020 - 09:33 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Open Brave, Go to the page you want it to start with.  (If it doubt set it to google.com)

Close all other pages.

 

Click on the three horizontal lines icon in the upper right.

Click on Settings.

Under "Get Started" find "On Startup"

Check the button for "Use Current Pages"

Close the settings page.   Restart Brave.

 

Is that what you wanted?


  • 0

#143
daba
Posted 12 July 2020 - 10:21 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

I wanted it gone and - thanks to you - it's gone. Easy when you know how, infuriating when you don't. Thank you!


  • 0

#144
daba
Posted 01 September 2020 - 08:52 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Hello. It's been a while so if it's not okay to hop back on this, just say. I've got the old problem back of hitting keys and them not producing text. Sometimes I may have to hit the key fifteen times before it appears, the next key might need three strikes, the next types normally - really annoying. But it's sporadic: right now, for example, I'm inexplicably able to type normally. Presumably something to do with Windows, not that I'd know. If you have any fix possibilities, I'd be grateful to hear them. Thank you very much for any help.


  • 0

#145
RKinner
Posted 01 September 2020 - 08:55 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Could I see a new FRST log?


  • 0

Advertisements

#146
daba
Posted 01 September 2020 - 11:23 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you very much.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2020
Ran by David Jackson (administrator) on DAVIDDELL2 (Dell Inc. Vostro 3478) (01-09-2020 17:39:00)
Running from C:\Users\David Jackson\Desktop
Loaded Profiles: David Jackson
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0355311.inf_amd64_815d26f2163260da\B355199\atiesrxx.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <10>
(F.lux Software LLC -> f.lux Software LLC) C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cf129e457c51e71b\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0ff9f497187b8bed\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_020c2c7d3ac4a7d3\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1210288 2017-11-14] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [165120 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Run: [f.lux] => C:\Users\David Jackson\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2075816 2020-08-27] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-08-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\85.1.13.82\Installer\chrmstp.exe [2020-08-28] (Brave Software, Inc.) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {044E1B9A-370F-4F6F-BADB-0A0F0DA37B38} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {11FCF4AA-3F7D-4378-967A-F69D76B06EE6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe [1471032 2020-08-11] (Adobe Inc. -> Adobe)
Task: {1628DE49-B22E-47A2-9958-9B7685BB85C5} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1FEE1AB6-7875-4C51-8A22-DFEA95CAE2DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FC8279F-34E1-4E48-96E4-05997EF10D17} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {70430A0A-6C3D-4E78-AB37-CC19CF4B741D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {74F7F83F-2E3D-47E4-AB60-9AD942D901C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {75198F92-0F54-4164-926B-3AA5947FE1E3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {85493095-4007-4EB6-9694-D88CFAE7F7AE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A408B5D-FB1B-4DEC-B6C8-7B2A2CC01B52} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EEC5CF0-6E3A-4C54-8E3A-812E083C98B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB8CD43C-4901-4FC2-AA25-E43E380B45FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {CA437914-1533-42A0-9BD7-557841658C20} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {D399D880-303A-47CC-94F1-D96370C19676} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {DC6795B8-FE5E-4511-8151-24C490DD4E68} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E7611AFD-1B56-4D55-AE60-0C0DE6CB3B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-24] (Google LLC -> Google LLC)
Task: {E98EE99C-7858-4B66-8CEF-13D1B6181553} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {EC8B1B18-0FAC-4DC3-9501-10DB2041BDAC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
Task: {F3B44636-CBFA-493D-A6AD-6854DD13752F} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-05-15] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F3BD7406-3407-4868-B770-5B166A045ADE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{8c70cad8-062e-4f13-8ce5-2a31ab038f35}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{b3d91cbd-008e-4ca0-a438-0fc4de714817}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{e74bf68f-123f-41dc-be80-cfca9c0eab71}: [DhcpNameServer] 192.168.88.1 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2490165305-1638453623-257508744-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell) [File not signed]
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 58x27176.default-1552496324060
FF ProfilePath: C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060 [2020-07-22]
FF Extension: (Clear Cache) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2019-07-10]
FF Extension: (Reverso – Translation, dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Simple Translate) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-05-11]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-07-21]
FF Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\[email protected] [2020-04-10] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Startpage.com — Private Search Engine) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2019-10-27]
FF Extension: (Zhongwen: Chinese-English Dictionary) - C:\Users\David Jackson\AppData\Roaming\Mozilla\Firefox\Profiles\58x27176.default-1552496324060\Extensions\{b65c7bc6-846b-4f65-b6ed-099d7e042309}.xpi [2019-03-14] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default [2020-06-27]
CHR Extension: (Slides) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-24]
CHR Extension: (Docs) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-24]
CHR Extension: (Google Drive) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-24]
CHR Extension: (YouTube) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-24]
CHR Extension: (uBlock Origin) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-06-27]
CHR Extension: (Sheets) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-27]
CHR Extension: (Avast Online Security) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-24]
CHR Extension: (Gmail) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\David Jackson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
S4 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [60600 2020-05-15] (Advanced Micro Devices, Inc. -> AMD)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [189448 2018-07-25] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 asvpndrv; C:\WINDOWS\System32\drivers\asvpndrv.sys [31744 2014-05-18] (Astrill -> Astrill)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [111384 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211736 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [125720 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [132888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [149784 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [95000 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135448 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [346392 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [290584 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123160 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [295192 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [132376 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [97176 2019-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [198424 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\WINDOWS\System32\DRIVERS\psinelam.sys [21952 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [160536 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [215320 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [147224 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159512 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129304 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [401120 2020-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-06-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-01 17:39 - 2020-09-01 17:41 - 000027511 _____ C:\Users\David Jackson\Desktop\FRST.txt
2020-09-01 17:38 - 2020-09-01 17:38 - 002298880 _____ (Farbar) C:\Users\David Jackson\Desktop\FRST64 (1).exe
2020-09-01 17:38 - 2020-09-01 17:38 - 000000000 ____D C:\Users\David Jackson\Desktop\FRST-OlderVersion
2020-09-01 10:07 - 2020-09-01 10:07 - 000003132 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-09-01 10:07 - 2020-09-01 10:07 - 000003118 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-08-31 14:16 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2020-08-24 20:37 - 2020-08-24 20:37 - 000000000 ____D C:\Users\David Jackson\Documents\Chinese dox
2020-08-18 13:31 - 2020-08-18 13:31 - 001622658 _____ C:\Users\David Jackson\Downloads\IMG_3219.MOV
2020-08-17 10:18 - 2020-08-17 10:18 - 000000000 ____D C:\Users\David Jackson\AppData\LocalLow\Intel
2020-08-17 10:10 - 2020-06-14 18:27 - 021268312 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 020173688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 003183928 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h265ve_64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 003177152 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_vp9ve_64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 003163656 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_h264ve_64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 003005448 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_mjpgvd_64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 002962120 _____ (Intel Corporation) C:\WINDOWS\system32\mfx_mft_encrypt_64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 002575616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h265ve_32.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 002570944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_vp9ve_32.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 002562000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_h264ve_32.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 002406240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_encrypt_32.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 001776600 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-08-17 10:10 - 2020-06-14 18:27 - 001776600 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-08-17 10:10 - 2020-06-14 18:27 - 001367008 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-08-17 10:10 - 2020-06-14 18:27 - 001367008 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-08-17 10:10 - 2020-06-14 18:27 - 001087304 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 001087304 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 000947016 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 000947016 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 000208680 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2020-08-17 10:10 - 2020-06-14 18:27 - 000176456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2020-08-17 10:10 - 2020-06-14 18:26 - 025068552 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2020-08-17 10:10 - 2020-06-14 18:26 - 011912200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2020-08-17 10:10 - 2020-06-14 18:26 - 002430984 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfx_mft_mjpgvd_32.dll
2020-08-17 10:10 - 2020-06-14 18:26 - 000118280 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-08-17 10:10 - 2020-06-14 18:26 - 000103432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-08-17 10:10 - 2020-01-27 11:03 - 000072305 _____ C:\WINDOWS\SysWOW64\h265e_32.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000071888 _____ C:\WINDOWS\SysWOW64\vp9e_32.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000070721 _____ C:\WINDOWS\SysWOW64\he_32.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000066153 _____ C:\WINDOWS\SysWOW64\mj_32.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000014145 _____ C:\WINDOWS\system32\h265e_64.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000013996 _____ C:\WINDOWS\system32\vp9e_64.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000013589 _____ C:\WINDOWS\system32\he_64.vp
2020-08-17 10:10 - 2020-01-27 11:03 - 000013309 _____ C:\WINDOWS\system32\mj_64.vp
2020-08-17 10:09 - 2020-01-27 11:03 - 000057143 _____ C:\WINDOWS\SysWOW64\dev_32.vp
2020-08-17 10:09 - 2020-01-27 11:03 - 000056359 _____ C:\WINDOWS\system32\dev_64.vp
2020-08-17 10:09 - 2020-01-27 11:03 - 000001125 _____ C:\WINDOWS\SysWOW64\cpa_32.vp
2020-08-17 10:09 - 2020-01-27 11:03 - 000001125 _____ C:\WINDOWS\system32\cpa_64.vp
2020-08-15 09:32 - 2020-08-15 09:32 - 000000000 ____D C:\Users\David Jackson\Desktop\E
2020-08-14 10:12 - 2020-08-14 10:12 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-14 10:12 - 2020-08-14 10:12 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-14 10:12 - 2020-08-14 10:12 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-14 10:12 - 2020-08-14 10:12 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-14 10:12 - 2020-08-14 10:12 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-14 10:12 - 2020-08-14 10:12 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-14 10:12 - 2020-08-14 10:12 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-14 10:12 - 2020-08-14 10:12 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-14 10:11 - 2020-08-14 10:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-14 10:11 - 2020-08-14 10:11 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-14 10:11 - 2020-08-14 10:11 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-14 10:11 - 2020-08-14 10:11 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-14 10:11 - 2020-08-14 10:11 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-14 10:11 - 2020-08-14 10:11 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-14 10:11 - 2020-08-14 10:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-14 10:10 - 2020-08-14 10:10 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-14 10:10 - 2020-08-14 10:10 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-14 10:10 - 2020-08-14 10:10 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-14 10:10 - 2020-08-14 10:10 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-14 10:10 - 2020-08-14 10:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-14 10:10 - 2020-08-14 10:10 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-14 10:10 - 2020-08-14 10:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-14 10:09 - 2020-08-14 10:09 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-14 10:09 - 2020-08-14 10:09 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-14 10:09 - 2020-08-14 10:09 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-14 10:09 - 2020-08-14 10:09 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-14 10:09 - 2020-08-14 10:09 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-14 10:09 - 2020-08-14 10:09 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-14 10:08 - 2020-08-14 10:09 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-14 10:08 - 2020-08-14 10:08 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-14 10:08 - 2020-08-14 10:08 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-14 10:08 - 2020-08-14 10:08 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-14 10:08 - 2020-08-14 10:08 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-14 10:08 - 2020-08-14 10:08 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-14 10:08 - 2020-08-14 10:08 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-14 10:08 - 2020-08-14 10:08 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-14 10:08 - 2020-08-14 10:08 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-13 22:29 - 2020-08-13 22:30 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-13 22:29 - 2020-08-13 22:30 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-13 18:13 - 2020-08-13 18:14 - 000047021 _____ C:\Users\David Jackson\Downloads\Living Costs for Socotra.pdf
2020-08-13 10:26 - 2020-08-13 10:26 - 001937318 _____ C:\Users\David Jackson\Downloads\ReachAcross News August 2020.pdf
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-01 17:40 - 2020-01-24 00:15 - 000000000 ____D C:\FRST
2020-09-01 17:37 - 2019-08-25 22:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-01 15:56 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-01 10:27 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-01 10:27 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-01 10:06 - 2018-10-17 11:39 - 000000000 __SHD C:\Users\David Jackson\IntelGraphicsProfiles
2020-08-31 22:42 - 2019-10-06 14:14 - 000000000 ____D C:\Users\David Jackson\AppData\Local\OpenShell
2020-08-31 14:15 - 2019-08-25 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-31 14:14 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-08-31 14:13 - 2020-03-05 15:22 - 000735058 _____ C:\WINDOWS\system32\perfh010.dat
2020-08-31 14:13 - 2020-03-05 15:22 - 000135432 _____ C:\WINDOWS\system32\perfc010.dat
2020-08-31 14:13 - 2020-01-14 21:53 - 000745756 _____ C:\WINDOWS\system32\perfh00C.dat
2020-08-31 14:13 - 2020-01-14 21:53 - 000139160 _____ C:\WINDOWS\system32\perfc00C.dat
2020-08-31 14:13 - 2020-01-14 21:35 - 000696098 _____ C:\WINDOWS\system32\perfh007.dat
2020-08-31 14:13 - 2020-01-14 21:35 - 000139468 _____ C:\WINDOWS\system32\perfc007.dat
2020-08-31 14:13 - 2019-08-26 08:17 - 000395550 _____ C:\WINDOWS\system32\prfh0804.dat
2020-08-31 14:13 - 2019-08-26 08:17 - 000122334 _____ C:\WINDOWS\system32\prfc0804.dat
2020-08-31 14:13 - 2019-08-25 23:03 - 003916954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-31 14:13 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-08-31 14:08 - 2020-05-31 09:50 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\Foxit Software
2020-08-31 14:06 - 2020-05-31 09:51 - 000000000 ____D C:\ProgramData\Foxit Software
2020-08-28 11:13 - 2020-05-11 12:00 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-08-28 11:13 - 2020-05-11 12:00 - 000002383 _____ C:\Users\Public\Desktop\Brave.lnk
2020-08-28 11:13 - 2020-05-11 12:00 - 000002383 _____ C:\ProgramData\Desktop\Brave.lnk
2020-08-27 21:53 - 2020-04-24 13:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-27 21:53 - 2020-04-24 13:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-08-27 21:53 - 2020-04-24 13:53 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-08-27 13:08 - 2018-10-17 11:39 - 000000000 ____D C:\Users\David Jackson\AppData\Local\Packages
2020-08-25 15:39 - 2018-12-19 10:36 - 000000000 ____D C:\Users\David Jackson\AppData\Local\CrashDumps
2020-08-18 13:31 - 2018-10-17 10:44 - 000000000 ____D C:\Users\David Jackson\AppData\Roaming\vlc
2020-08-15 09:20 - 2018-10-25 14:52 - 000000000 ___RD C:\Users\David Jackson\3D Objects
2020-08-15 09:20 - 2016-11-20 19:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-15 09:18 - 2020-04-19 10:57 - 000520784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-14 22:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-14 22:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-14 22:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-14 22:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-14 22:33 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2020-08-14 10:26 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-11 23:10 - 2020-06-12 09:24 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-08-11 23:10 - 2020-06-12 09:24 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-08-11 23:10 - 2020-06-09 14:09 - 004510264 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-08-11 23:10 - 2019-08-25 23:13 - 000004564 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-08-11 23:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-08-11 23:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-08-04 22:51 - 2019-08-25 22:52 - 000000000 ____D C:\Users\David Jackson
2020-08-04 19:43 - 2018-10-17 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
 
==================== Files in the root of some directories ========
 
2019-01-27 14:38 - 2019-01-27 14:48 - 000000094 _____ () C:\Users\David Jackson\AppData\Roaming\AlamySizeCheck Preferences
2019-03-15 01:43 - 2019-03-15 01:43 - 039718141 _____ () C:\Users\David Jackson\AppData\Local\Ahiramto
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2020
Ran by David Jackson (01-09-2020 17:42:16)
Running from C:\Users\David Jackson\Desktop
Windows 10 Home Version 1909 18363.1016 (X64) (2019-08-25 22:15:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2490165305-1638453623-257508744-500 - Administrator - Disabled)
David Jackson (S-1-5-21-2490165305-1638453623-257508744-1001 - Administrator - Enabled) => C:\Users\David Jackson
DefaultAccount (S-1-5-21-2490165305-1638453623-257508744-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2490165305-1638453623-257508744-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2490165305-1638453623-257508744-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2490165305-1638453623-257508744-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: 2.1.13 - )
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 85.1.13.82 - Brave Software Inc)
f.lux (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\Flux) (Version:  - f.lux Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel® Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel® Graphics Driver Software (HKLM-x32\...\{34b71f5b-fd06-4029-966e-c1d187ea90a7}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Graphics Driver Software (HKLM-x32\...\{d7a872bf-e69e-4300-8537-086dc6abbf23}) (Version: 3.11.1.0 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7212 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Luminar 3 (HKLM\...\Luminar 3) (Version: 3.2.0.5246 - Skylum)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9326.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{10EDA2C8-03AB-4C27-BDC4-39143A81B12F}) (Version: 11.12.30 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 20.00.00.0001 - Panda Security)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
Skype version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127939) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{0E31A60F-4066-4FD8-AB36-4119E0FED3D9}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VSDC Free Video Editor version 6.3.1.939 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.1.939 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0-2) (Version: 1.0.68.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2727.0_x64__8j3eq9eme6ctt [2020-03-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe [2020-04-16] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-24] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.0.2.0_x64__f5eddttrpssna [2019-12-31] (Mooii Tech)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-07] (Skype)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2490165305-1638453623-257508744-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel® Rapid Storage Technology -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-05-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2019-06-18] (Panda Security S.L. -> Panda Security, S.L.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave Apps\Secure, Fast & Private Web Browser with Adblocker _ Brave Browser.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) ->  --profile-directory=Default --app-id=dnglpbpmfhoikjfpaeipmeobcbnoikhg
ShortcutWithArgument: C:\Users\David Jackson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2f3576b7abb043d\Brave.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-10-18 16:48 - 2019-09-05 20:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2018-08-18 22:57 - 2018-08-18 22:57 - 000301568 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2019-07-18 11:30 - 2019-07-18 11:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-05-15 15:34 - 2020-05-15 15:34 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\localhost -> localhost
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 12:47 - 2019-10-11 16:40 - 000000855 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2019-09-29 20:13 - 2019-09-29 20:13 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: AUEPLauncher => 2
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKU\S-1-5-21-2490165305-1638453623-257508744-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{FCA55D5D-7C11-43D9-BE5C-AF42F4705963}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FA87A6B8-3905-474D-8007-7A444EAD1613}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B068F4C-AD4C-4CAD-A478-02D7224AB2ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C94A512A-482D-4332-843B-29B804F22DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EBE2972-F1C6-4B63-9055-16A9896B355F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B577813-145A-4B2A-974A-581F724B04CF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E20A7E5-59B2-42F2-BED9-FB04D19643AE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DA20463-FDCA-456A-8F99-4A7721540B47}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{194FEEA0-9365-4201-9F22-1C18DED52A83}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21A82943-4743-4655-9964-877F56AFD9E9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{066146B5-2CFD-4617-984F-22B7E8118678}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{414559B2-6F57-438D-905E-1A3EC88A422C}] => (Allow) C:\Users\David Jackson\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8A4F0690-60CD-446D-940F-60974758D261}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{699D3121-F424-48C8-981B-878BFD4F9BF0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D68D24B8-6976-4D6B-9EC5-48FF2EB614FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{92B68DB5-5C90-4C99-85FE-59466E4E39F6}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
 
==================== Restore Points =========================
 
13-08-2020 13:28:57 Scheduled Checkpoint
17-08-2020 10:07:00 Windows Update
26-08-2020 12:08:13 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/01/2020 10:09:40 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/31/2020 02:06:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/31/2020 02:05:00 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {bd3efd4c-19c6-4ab8-9110-28b10c67d912}
 
Error: (08/31/2020 01:25:35 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/30/2020 11:43:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/29/2020 08:26:28 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/29/2020 08:23:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RemindersServer.exe version 10.0.18362.997 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2660
 
Start Time: 01d67d24d1545757
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
 
Report Id: 024da991-4f4d-413d-b139-a6115259fd98
 
Faulting package full name: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Hang type: Quiesce
 
Error: (08/28/2020 11:13:56 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (08/29/2020 06:10:38 PM) (Source: DCOM) (EventID: 10010) (User: DAVIDDELL2)
Description: The server microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.
 
Error: (08/17/2020 10:14:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024ce0e: Intel Corporation - Display - 27.20.100.7990.
 
Error: (08/17/2020 10:13:39 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the igfxCUIService2.0.0.0 service.
 
Error: (08/17/2020 12:22:29 AM) (Source: DCOM) (EventID: 10010) (User: DAVIDDELL2)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXrav05394kr2asczrmehhj4x2zas01ft6.mca did not register with DCOM within the required timeout.
 
Error: (08/16/2020 12:10:52 AM) (Source: DCOM) (EventID: 10010) (User: DAVIDDELL2)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXrav05394kr2asczrmehhj4x2zas01ft6.mca did not register with DCOM within the required timeout.
 
Error: (08/15/2020 09:23:43 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
 
Error: (08/15/2020 09:23:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Update Orchestrator Service service hung on starting.
 
Error: (08/14/2020 10:36:24 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.9.0 07/04/2019
Motherboard: Dell Inc. 0RKTGR
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 73%
Total physical RAM: 3961.07 MB
Available physical RAM: 1053.04 MB
Total Virtual: 7033.07 MB
Available Virtual: 2184.41 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:100 GB) (Free:25.39 GB) NTFS
Drive d: () (Fixed) (Total:272 GB) (Free:245.06 GB) NTFS
Drive e: () (Fixed) (Total:272 GB) (Free:240.99 GB) NTFS
Drive f: () (Fixed) (Total:272.88 GB) (Free:265.95 GB) NTFS
 
\\?\Volume{3f430384-b413-4fd9-8d5a-36680837eb73}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.53 GB) NTFS
\\?\Volume{e34ef38a-3c5e-4b5c-8b7d-6e369a09d72f}\ (Image) (Fixed) (Total:11.76 GB) (Free:0.13 GB) NTFS
\\?\Volume{14ad7310-6585-44c2-acde-6de083ea88c1}\ (DELLSUPPORT) (Fixed) (Total:1.13 GB) (Free:0.05 GB) NTFS
\\?\Volume{7bd86504-d9e3-4a41-a225-36b9f05f67dd}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.6 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1AFE04F0)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#147
RKinner
Posted 01 September 2020 - 12:19 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Are you using the keyboard on the laptop or an external wireless keyboard?

 

If external try new batteries.  Remove anything that might be blocking the transmitter or interfering with the line of sight.  Remove possible sources of interference.

 

Otherwise search for

device manager

hit Enter.

 

Click on the arrow in front of Keyboards then right click on the keyboard that shows up and uninstall.  Reboot.


  • 0

#148
daba
Posted 02 September 2020 - 05:16 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

Thank you. I'm using the laptop's keyboard. I attach a screenshot of the three (!) items listed. Should I uninstall each one in turn or what do you suggest? Thank you.


  • 0

#149
RKinner
Posted 02 September 2020 - 06:37 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

I would do all three.  If you are just using the laptop's keyboard the other two are not needed.  If you plug in an external USB keyboard or a wireless keyboard, Windows will reinstall it  but until then it is not needed.

 

What does it look like after the reboot?


  • 0

#150
daba
Posted 02 September 2020 - 06:52 AM

daba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 367 posts

I did all three and rebooted. Couldn't even type 'device manager' into the field. Panicked! Opened geeks on phone. Saw your message. Rebooted again.No change.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: windows 10, password login, fake login screen

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP