All other devices in the house have around 75Mbps speds.
My laptop gets between 0.2 and around 5Mbps.
Have run Malwarebytes and Adware Removal Tool but still remains slow.
Not possible to watch streaming video.
Grateful for your help.
Attached notepad files
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by Nigel (administrator) on NIGEL-PC (10-04-2020 10:47:34)
Running from C:\Users\Nigel\Desktop
Loaded Profiles: Nigel (Available Profiles: Nigel)
Platform: Windows 10 Home Version 1903 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
Failed to access process -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(f.lux Software LLC) C:\Users\Nigel\AppData\Local\FluxSoftware\Flux\flux.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Windows\system32\SecurityHealthSystray.exe [84992 2020-02-13] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258592 2012-11-27] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [2774040 2019-12-19] (Opera Software)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Run: [F.lux] => C:\Users\Nigel\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (f.lux Software LLC)
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Run: [AceStream] => C:\Users\Nigel\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-30] (Innovative Digital Technologies)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{32a5e555-f93c-4cdf-93c2-ca42ebc72347}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{66cb41a6-c2e0-4e78-8a4c-ef22656af993}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Internet Explorer:
==================
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\gv7jttb3.default
FF Homepage: hxxps://www.google.co.uk/?gws_rd=cr
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4040141387-3011007431-2631040067-1001: @acestream.net/acestreamplugin,version=2.1.7.2 -> C:\Users\Nigel\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-4040141387-3011007431-2631040067-1001: @acestream.net/acestreamplugin,version=3.1.2 -> C:\Users\Nigel\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies)
FF Extension: No Name - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\gv7jttb3.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2019-01-30]
FF Extension: No Name - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\gv7jttb3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-06-01]
FF HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Firefox\Extensions: [
[email protected]] - C:\Users\Nigel\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: No Name - C:\Users\Nigel\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
Chrome:
=======
CHR HomePage: Default -> hxxps://duckduckgo.com/
CHR StartupUrls: Default -> "hxxps://duckduckgo.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Ace Stream P2P Multimedia Plug-in) - C:\Users\Nigel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-09]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-30]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-08]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-31]
CHR HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (WhatsApp™ Messenger) - C:\Users\Nigel\AppData\Roaming\Opera Software\Opera Stable\Extensions\dldmjnlgpemdnceadnpcfenlhhnlbbnl [2020-04-01]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nigel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-04-02]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\Windows\System32\AarSvc.dll [184832 2020-02-13] (Microsoft Corporation)
S3 AarSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 AarSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 autotimesvc; C:\Windows\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1392640 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-01-29] (Microsoft Corporation)
S3 BluetoothUserService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 BluetoothUserService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\psmsrv.dll [236544 2020-01-29] (Microsoft Corporation)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [1070080 2020-01-29] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [700416 2020-01-29] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [344576 2020-01-29] (Microsoft Corporation)
S3 CaptureService; C:\Windows\System32\CaptureService.dll [128000 2019-03-19] (Microsoft Corporation)
S3 CaptureService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 CaptureService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 cbdhsvc; C:\Windows\System32\cbdhsvc.dll [1122816 2020-01-29] (Microsoft Corporation)
R3 cbdhsvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [524800 2020-01-29] (Microsoft Corporation)
R2 CDPUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R2 CDPUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\Windows\System32\ConsentUxClient.dll [177152 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\Windows\system32\CredentialEnrollmentManager.exe [380120 2019-03-19] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_b6d02b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [380120 2019-03-19] (Microsoft Corporation)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 DeviceAssociationBrokerSvc; C:\Windows\System32\deviceaccess.dll [231912 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185944 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [465920 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338432 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [649728 2020-01-29] (Microsoft Corporation)
R3 DevicesFlowUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 DevicesFlowUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [214528 2020-01-29] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\Windows\System32\DispBroker.Desktop.dll [407040 2020-02-13] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-03-11] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [358912 2020-03-11] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [749568 2020-02-13] (Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [File not signed]
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe [1113072 2020-04-02] (Google LLC)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61240 2020-01-29] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R3 InstallService; C:\Windows\system32\InstallService.dll [2453504 2020-03-11] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1729024 2020-03-11] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [64512 2019-03-19] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [317952 2019-03-19] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-31] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404368 2017-08-21] (McAfee, Inc.)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [831488 2019-03-19] (Microsoft Corporation)
S3 perceptionsimulation; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [178688 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [269824 2019-03-19] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [157184 2020-01-29] (Microsoft Corporation)
R3 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [929144 2020-03-11] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1270784 2019-03-19] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [472576 2020-01-29] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [239104 2019-03-19] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [986112 2020-01-29] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [172032 2019-03-19] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1497088 2020-01-29] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1244672 2020-01-29] (Microsoft Corporation)
S3 TroubleshootingSvc; C:\Windows\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-01-29] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
R2 UsoSvc; C:\Windows\system32\usosvc.dll [535552 2020-03-11] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [311808 2019-03-19] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [311808 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [355840 2020-02-13] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [740352 2019-03-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [893440 2020-01-29] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2020-01-29] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1390080 2019-03-19] (Microsoft Corporation)
S3 WManSvc; C:\Windows\system32\Windows.Management.Service.dll [878080 2020-03-11] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [2120704 2020-01-29] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [82432 2019-03-19] (Microsoft Corporation)
R2 WpnUserService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R2 WpnUserService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [72704 2019-03-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20992 2019-03-19] (Microsoft Corporation)
R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [337920 2020-03-11] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [40960 2020-03-11] (Microsoft Corporation)
S3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\Windows\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2020-01-29] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [534032 2019-03-19] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-01-29] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-01-29] (Microsoft Corporation)
R3 bindflt; C:\Windows\system32\drivers\bindflt.sys [117264 2020-02-13] (Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-03-11] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [57856 2019-03-19] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [97280 2019-03-19] (Microsoft Corporation)
S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [36864 2020-03-11] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [64312 2019-03-19] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [319528 2019-03-19] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1866768 2019-03-19] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [457216 2020-03-11] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 genericusbfn; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-01-29] (Microsoft Corporation)
S3 hidspi; C:\Windows\System32\drivers\hidspi.sys [64000 2020-01-29] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [84496 2020-02-13] (Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36352 2019-03-19] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [46592 2019-03-19] (Microsoft Corporation)
S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [56632 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [535864 2019-03-19] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [62264 2019-03-19] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-09] (Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-09] (Malwarebytes)
S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [359424 2020-01-29] (Microsoft Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75280 2019-03-19] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
R1 MpKsl637b3027; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22DB89C5-5B94-410F-8AC8-35F71C92A2F5}\MpKsl637b3027.sys [58120 2020-04-10] (Microsoft Corporation)
S3 NDKPing; C:\Windows\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [187904 2019-03-19] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Intel Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58896 2019-03-19] (Avago Technologies)
S3 PktMon; C:\Windows\System32\drivers\PktMon.sys [96056 2019-03-19] (Microsoft Corporation)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [127800 2019-03-19] (Microsoft Corporation)
S3 portcfg; C:\Windows\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2015-09-11] (Research In Motion Limited)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Realtek )
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [151352 2019-03-19] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33592 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\Windows\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [76088 2019-03-19] (Microsoft Corporation)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [186368 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-01-29] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-01-29] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-01-29] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-01-29] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-01-29] (Microsoft Corporation)
S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [257536 2020-01-29] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [18232 2019-03-19] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16696 2019-03-19] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [201744 2020-03-11] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [92672 2019-03-19] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [250880 2020-03-11] (Microsoft Corporation)
R3 WinQuic; C:\Windows\System32\drivers\winquic.sys [205112 2020-01-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-09 22:10 - 2020-04-09 22:10 - 00248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-09 22:10 - 2020-04-09 22:10 - 00214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-09 19:23 - 2020-04-09 19:23 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2020-04-09 19:23 - 2020-04-09 19:23 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2020-04-09 18:47 - 2020-04-09 18:48 - 00000000 ____D C:\Users\Nigel\AppData\Local\BitTorrentHelper
2020-04-09 18:47 - 2020-04-09 18:47 - 00000000 ____D C:\ProgramData\Lavasoft
2020-04-09 18:36 - 2020-04-09 18:37 - 00000000 ____D C:\Users\Nigel\AppData\LocalLow\IObit
2020-04-09 18:36 - 2020-04-09 18:36 - 00000000 ____D C:\ProgramData\ProductData
2020-04-09 18:35 - 2020-04-09 19:09 - 00000000 ____D C:\Program Files (x86)\IObit
2020-04-09 18:35 - 2020-04-09 18:44 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\IObit
2020-04-09 18:35 - 2020-04-09 18:36 - 00000000 ____D C:\ProgramData\IObit
2020-04-07 13:33 - 2020-04-07 13:33 - 00000000 ____D C:\Users\Nigel\Downloads\Cardinal.Series.1.Complete.WEB-DL.XviD.B4ND1T69
2020-04-04 14:45 - 2020-04-04 14:46 - 00000000 ____D C:\Users\Nigel\Downloads\GEORGE ORWELL
2020-04-03 21:18 - 2020-04-03 21:18 - 00000000 ____D C:\Users\Nigel\Downloads\Joseph and the Amazing Technicolour Dreamcoat [1999 PAL DVD][En Subs[Fr.De.Es]
2020-04-03 19:26 - 2020-04-03 20:26 - 00000000 ____D C:\Users\Nigel\Downloads\==Andrew_Lloyd_Webber_-_Joseph_And_The Amazing_Technicolor_Dreamcoat[Musical-VHS-Rip-To-DVD]
2020-03-20 12:54 - 2020-03-20 17:35 - 00000000 ____D C:\Users\Nigel\Downloads\The.English.Game.S01.COMPLETE.1080p.WEB.x264-GHOSTS[TGx]
2020-03-15 17:40 - 2020-03-15 17:40 - 25444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 09930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 07604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 06520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 04563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 01610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 01398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 01077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-15 17:40 - 2020-03-15 17:40 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 00561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-11 23:25 - 2020-03-11 23:25 - 11607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 23:25 - 2020-03-11 23:25 - 09711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 25900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 22635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 19850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 19812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 18027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 07755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 07259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 05911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 03819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 03488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 03243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-11 23:24 - 2020-03-11 23:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-11 23:24 - 2020-03-11 23:24 - 02494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-11 23:24 - 2020-03-11 23:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 06084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 05764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 05112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 05040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 04538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 03971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 03860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 02773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-11 23:23 - 2020-03-11 23:23 - 01264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-11 23:23 - 2020-03-11 23:23 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-11 23:22 - 2020-03-11 23:22 - 07905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 07263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 06436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 06168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 02870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 02453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 01885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-11 23:22 - 2020-03-11 23:22 - 01743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 01481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-11 23:22 - 2020-03-11 23:22 - 01354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-11 23:22 - 2020-03-11 23:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 04622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 03708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 03587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 03143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 02522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 01180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 23:21 - 2020-03-11 23:21 - 00531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 23:21 - 2020-03-11 23:21 - 00441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 23:21 - 2020-03-11 23:21 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 23:21 - 2020-03-11 23:21 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 22:49 - 2020-02-11 05:48 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 22:49 - 2020-02-11 05:37 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-10 10:49 - 2016-02-22 20:25 - 00041886 _____ C:\Users\Nigel\Desktop\FRST.txt
2020-04-10 10:47 - 2016-02-22 13:05 - 00000000 ____D C:\FRST
2020-04-10 10:29 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-10 09:40 - 2015-08-26 10:42 - 00000000 __SHD C:\Users\Nigel\IntelGraphicsProfiles
2020-04-10 09:37 - 2020-01-29 13:27 - 00842708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-10 09:37 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-04-10 00:27 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-04-10 00:26 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-04-10 00:17 - 2020-01-29 13:56 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B36B5B0B-3BFB-42EB-BDEA-CF50958C5376}
2020-04-09 23:14 - 2020-01-29 12:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-09 22:09 - 2020-01-29 13:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-09 22:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-09 18:57 - 2013-09-04 13:49 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\uTorrent
2020-04-09 18:47 - 2014-12-28 16:39 - 00000000 ____D C:\ProgramData\Unchecky
2020-04-09 17:28 - 2013-08-27 21:23 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\vlc
2020-04-09 15:46 - 2020-02-02 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-04-09 15:46 - 2018-05-13 10:26 - 00000000 ____D C:\Program Files\Opera
2020-04-09 15:46 - 2015-11-14 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-08 21:24 - 2020-01-29 13:56 - 00003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1526203677
2020-04-08 21:24 - 2018-05-13 10:28 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2020-04-07 08:39 - 2014-12-31 14:56 - 00002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 08:39 - 2014-12-31 14:56 - 00002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-06 18:31 - 2018-02-23 21:20 - 00000000 ____D C:\Users\Nigel\AppData\LocalLow\Mozilla
2020-04-06 18:31 - 2016-03-10 20:46 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\.ACEStream
2020-04-06 18:27 - 2015-11-14 19:15 - 00001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-03 20:34 - 2014-02-18 21:43 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\dvdcss
2020-03-21 00:45 - 2020-02-05 05:59 - 00003326 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d5b20961366e42
2020-03-21 00:45 - 2020-01-29 13:56 - 00003420 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-03-18 19:34 - 2020-01-29 13:56 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-03-18 19:33 - 2016-01-05 11:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\en-GB
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-03-15 17:46 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-03-12 23:58 - 2013-04-17 10:38 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 23:57 - 2015-09-16 10:10 - 00000000 ___RD C:\Users\Nigel\3D Objects
2020-03-12 23:55 - 2020-01-29 12:59 - 00454432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\setup
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-03-12 23:48 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\servicing
2020-03-12 09:51 - 2013-08-29 01:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 23:36 - 2013-03-22 18:03 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-11 13:53 - 2020-01-29 13:56 - 00004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-11 13:52 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-11 13:52 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Macromed
2020-03-11 13:30 - 2020-01-29 13:56 - 00004574 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
==================== Files in the root of some directories =======
2014-12-26 21:19 - 2014-12-26 21:19 - 0085130 _____ () C:\Users\Nigel\AppData\Local\ars.cache
2014-12-26 21:19 - 2014-12-26 21:19 - 0135658 _____ () C:\Users\Nigel\AppData\Local\census.cache
2015-07-06 22:43 - 2015-08-21 18:25 - 0005120 _____ () C:\Users\Nigel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-26 21:11 - 2014-12-26 21:11 - 0000036 _____ () C:\Users\Nigel\AppData\Local\housecall.guid.cache
2014-12-26 21:16 - 2014-12-26 21:16 - 0000010 _____ () C:\Users\Nigel\AppData\Local\sponge.last.runtime.cache
2014-12-26 19:49 - 2014-12-26 19:49 - 0248096 _____ () C:\ProgramData\1419619243.bdinstall.bin
2014-12-26 21:08 - 2014-12-26 21:08 - 0037670 _____ () C:\ProgramData\1419624472.bdinstall.bin
2014-12-26 21:08 - 2014-12-26 21:08 - 0098176 _____ () C:\ProgramData\1419624488.bdinstall.bin
2017-08-02 11:37 - 2017-08-02 11:37 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Nigel\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.5170.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by Nigel (administrator) on NIGEL-PC (10-04-2020 10:47:34)
Running from C:\Users\Nigel\Desktop
Loaded Profiles: Nigel (Available Profiles: Nigel)
Platform: Windows 10 Home Version 1903 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
Failed to access process -> Memory Compression
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(f.lux Software LLC) C:\Users\Nigel\AppData\Local\FluxSoftware\Flux\flux.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Opera Software) C:\Program Files\Opera\67.0.3575.137\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Windows\system32\SecurityHealthSystray.exe [84992 2020-02-13] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258592 2012-11-27] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [2774040 2019-12-19] (Opera Software)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Run: [F.lux] => C:\Users\Nigel\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (f.lux Software LLC)
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Run: [AceStream] => C:\Users\Nigel\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-30] (Innovative Digital Technologies)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Nigel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [2013-08-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{32a5e555-f93c-4cdf-93c2-ca42ebc72347}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{66cb41a6-c2e0-4e78-8a4c-ef22656af993}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Internet Explorer:
==================
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-06] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-06] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF ProfilePath: C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\gv7jttb3.default
FF Homepage: hxxps://www.google.co.uk/?gws_rd=cr
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4040141387-3011007431-2631040067-1001: @acestream.net/acestreamplugin,version=2.1.7.2 -> C:\Users\Nigel\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-4040141387-3011007431-2631040067-1001: @acestream.net/acestreamplugin,version=3.1.2 -> C:\Users\Nigel\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies)
FF Extension: No Name - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\gv7jttb3.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2019-01-30]
FF Extension: No Name - C:\Users\Nigel\AppData\Roaming\Mozilla\Firefox\Profiles\gv7jttb3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-06-01]
FF HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Firefox\Extensions: [
[email protected]] - C:\Users\Nigel\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: No Name - C:\Users\Nigel\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
Chrome:
=======
CHR HomePage: Default -> hxxps://duckduckgo.com/
CHR StartupUrls: Default -> "hxxps://duckduckgo.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java Platform SE 7 U55) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Ace Stream P2P Multimedia Plug-in) - C:\Users\Nigel\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
CHR Profile: C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-09]
CHR Extension: (Google Drive) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-30]
CHR Extension: (Google Search) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-08]
CHR Extension: (Gmail) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\Nigel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-31]
CHR HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (WhatsApp™ Messenger) - C:\Users\Nigel\AppData\Roaming\Opera Software\Opera Stable\Extensions\dldmjnlgpemdnceadnpcfenlhhnlbbnl [2020-04-01]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Nigel\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-04-02]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AarSvc; C:\Windows\System32\AarSvc.dll [184832 2020-02-13] (Microsoft Corporation)
S3 AarSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 AarSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 autotimesvc; C:\Windows\System32\autotimesvc.dll [116224 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1392640 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 BcastDVRUserService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [534528 2020-01-29] (Microsoft Corporation)
S3 BluetoothUserService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 BluetoothUserService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\psmsrv.dll [236544 2020-01-29] (Microsoft Corporation)
R3 BTAGService; C:\Windows\System32\BTAGService.dll [1070080 2020-01-29] (Microsoft Corporation)
R3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [700416 2020-01-29] (Microsoft Corporation)
R3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [382976 2019-03-19] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [344576 2020-01-29] (Microsoft Corporation)
S3 CaptureService; C:\Windows\System32\CaptureService.dll [128000 2019-03-19] (Microsoft Corporation)
S3 CaptureService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 CaptureService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 cbdhsvc; C:\Windows\System32\cbdhsvc.dll [1122816 2020-01-29] (Microsoft Corporation)
R3 cbdhsvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 cbdhsvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [524800 2020-01-29] (Microsoft Corporation)
R2 CDPUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R2 CDPUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\Windows\System32\ConsentUxClient.dll [177152 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 ConsentUxUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\Windows\system32\CredentialEnrollmentManager.exe [380120 2019-03-19] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_b6d02b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [380120 2019-03-19] (Microsoft Corporation)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S3 DeviceAssociationBrokerSvc; C:\Windows\System32\deviceaccess.dll [231912 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [185944 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [465920 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [338432 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 DevicePickerUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [649728 2020-01-29] (Microsoft Corporation)
R3 DevicesFlowUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R3 DevicesFlowUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [214528 2020-01-29] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\Windows\System32\DispBroker.Desktop.dll [407040 2020-02-13] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1190912 2020-03-11] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [358912 2020-03-11] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [749568 2020-02-13] (Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [File not signed]
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\elevation_service.exe [1113072 2020-04-02] (Google LLC)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [97792 2019-03-19] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61240 2020-01-29] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R3 InstallService; C:\Windows\system32\InstallService.dll [2453504 2020-03-11] (Microsoft Corporation)
R3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1729024 2020-03-11] (Microsoft Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [64512 2019-03-19] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [317952 2019-03-19] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-31] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404368 2017-08-21] (McAfee, Inc.)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [831488 2019-03-19] (Microsoft Corporation)
S3 perceptionsimulation; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [103424 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [178688 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [141312 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [269824 2019-03-19] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [157184 2020-01-29] (Microsoft Corporation)
R3 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [929144 2020-03-11] (Microsoft Corporation)
S3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1270784 2019-03-19] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [263904 2019-03-19] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [472576 2020-01-29] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [239104 2019-03-19] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [986112 2020-01-29] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [172032 2019-03-19] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1497088 2020-01-29] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1244672 2020-01-29] (Microsoft Corporation)
S3 TroubleshootingSvc; C:\Windows\system32\MitigationClient.dll [394752 2019-03-19] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72704 2020-01-29] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
R2 UsoSvc; C:\Windows\system32\usosvc.dll [535552 2020-03-11] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [422192 2019-03-19] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [311808 2019-03-19] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [311808 2019-03-19] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [355840 2020-02-13] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [61952 2019-03-19] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [740352 2019-03-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [893440 2020-01-29] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2020-01-29] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1390080 2019-03-19] (Microsoft Corporation)
S3 WManSvc; C:\Windows\system32\Windows.Management.Service.dll [878080 2020-03-11] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [2120704 2020-01-29] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [82432 2019-03-19] (Microsoft Corporation)
R2 WpnUserService_b6d02b; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Corporation)
R2 WpnUserService_b6d02b; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [72704 2019-03-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20992 2019-03-19] (Microsoft Corporation)
R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S3 Acx01000; C:\Windows\System32\drivers\Acx01000.sys [337920 2020-03-11] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [40960 2020-03-11] (Microsoft Corporation)
S3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [18432 2019-03-19] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\Windows\System32\drivers\amdi2c.sys [37888 2019-03-19] (Advanced Micro Devices, Inc)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2020-01-29] (Microsoft Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [534032 2019-03-19] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [70456 2019-03-19] (Microsoft Corporation)
R1 BasicDisplay; C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys [68096 2020-01-29] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys [37888 2020-01-29] (Microsoft Corporation)
R3 bindflt; C:\Windows\system32\drivers\bindflt.sys [117264 2020-02-13] (Microsoft Corporation)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-03-11] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [57856 2019-03-19] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [97280 2019-03-19] (Microsoft Corporation)
S3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [36864 2020-03-11] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [42808 2019-03-19] (Microsoft Corporation)
R3 CAD; C:\Windows\System32\drivers\CAD.sys [64312 2019-03-19] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [319528 2019-03-19] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1866768 2019-03-19] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [457216 2020-03-11] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 genericusbfn; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [20992 2020-01-29] (Microsoft Corporation)
S3 hidspi; C:\Windows\System32\drivers\hidspi.sys [64000 2020-01-29] (Microsoft Corporation)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [32568 2019-03-19] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [84496 2020-02-13] (Microsoft Corporation)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [28672 2019-03-19] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36352 2019-03-19] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [93184 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [175104 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2019-03-19] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-03-19] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885048 2019-03-19] (Intel Corporation)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [46592 2019-03-19] (Microsoft Corporation)
S3 intelpmax; C:\Windows\System32\drivers\intelpmax.sys [28672 2019-03-19] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [56632 2019-03-19] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [54584 2019-03-19] (Microsoft Corporation)
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [148520 2019-03-19] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [535864 2019-03-19] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [62264 2019-03-19] (Microsoft Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-09] (Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-09] (Malwarebytes)
S3 MbbCx; C:\Windows\System32\drivers\MbbCx.sys [359424 2020-01-29] (Microsoft Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75280 2019-03-19] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [94736 2019-03-19] (Avago Technologies)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [64512 2019-03-19] (Microsoft Corporation)
R1 MpKsl637b3027; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{22DB89C5-5B94-410F-8AC8-35F71C92A2F5}\MpKsl637b3027.sys [58120 2020-04-10] (Microsoft Corporation)
S3 NDKPing; C:\Windows\System32\drivers\NDKPing.sys [63488 2019-03-19] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [187904 2019-03-19] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Intel Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [158520 2019-03-19] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58896 2019-03-19] (Avago Technologies)
S3 PktMon; C:\Windows\System32\drivers\PktMon.sys [96056 2019-03-19] (Microsoft Corporation)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [127800 2019-03-19] (Microsoft Corporation)
S3 portcfg; C:\Windows\System32\drivers\portcfg.sys [25600 2019-03-19] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [41784 2019-03-19] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [113152 2019-03-19] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2015-09-11] (Research In Motion Limited)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Realtek )
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [151352 2019-03-19] (Microsoft Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33592 2019-03-19] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [89096 2019-03-19] (Microsoft Corporation)
S0 SmartSAMD; C:\Windows\System32\drivers\SmartSAMD.sys [220176 2019-03-19] (Microsemi Corportation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [76088 2019-03-19] (Microsoft Corporation)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [186368 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\Windows\System32\drivers\UcmUcsiAcpiClient.sys [34816 2019-03-19] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\Windows\System32\Drivers\UcmUcsiCx.sys [111104 2019-03-19] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\DriverStore\FileRepository\uefi.inf_amd64_4fcaf0fc6eaf7533\UEFI.sys [32568 2020-01-29] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_624eef84faf426d6\UfxChipidea.sys [108584 2020-01-29] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys [57856 2020-01-29] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\DriverStore\FileRepository\urschipidea.inf_amd64_86da23c455846f41\urschipidea.sys [30224 2020-01-29] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_7302ce5d1420ed71\urssynopsys.sys [28472 2020-01-29] (Microsoft Corporation)
S3 usbaudio2; C:\Windows\System32\drivers\usbaudio2.sys [257536 2020-01-29] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [18232 2019-03-19] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16696 2019-03-19] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [201744 2020-03-11] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [92672 2019-03-19] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21816 2019-03-19] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [250880 2020-03-11] (Microsoft Corporation)
R3 WinQuic; C:\Windows\System32\drivers\winquic.sys [205112 2020-01-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-09 22:10 - 2020-04-09 22:10 - 00248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-09 22:10 - 2020-04-09 22:10 - 00214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-09 19:23 - 2020-04-09 19:23 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2020-04-09 19:23 - 2020-04-09 19:23 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2020-04-09 18:47 - 2020-04-09 18:48 - 00000000 ____D C:\Users\Nigel\AppData\Local\BitTorrentHelper
2020-04-09 18:47 - 2020-04-09 18:47 - 00000000 ____D C:\ProgramData\Lavasoft
2020-04-09 18:36 - 2020-04-09 18:37 - 00000000 ____D C:\Users\Nigel\AppData\LocalLow\IObit
2020-04-09 18:36 - 2020-04-09 18:36 - 00000000 ____D C:\ProgramData\ProductData
2020-04-09 18:35 - 2020-04-09 19:09 - 00000000 ____D C:\Program Files (x86)\IObit
2020-04-09 18:35 - 2020-04-09 18:44 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\IObit
2020-04-09 18:35 - 2020-04-09 18:36 - 00000000 ____D C:\ProgramData\IObit
2020-04-07 13:33 - 2020-04-07 13:33 - 00000000 ____D C:\Users\Nigel\Downloads\Cardinal.Series.1.Complete.WEB-DL.XviD.B4ND1T69
2020-04-04 14:45 - 2020-04-04 14:46 - 00000000 ____D C:\Users\Nigel\Downloads\GEORGE ORWELL
2020-04-03 21:18 - 2020-04-03 21:18 - 00000000 ____D C:\Users\Nigel\Downloads\Joseph and the Amazing Technicolour Dreamcoat [1999 PAL DVD][En Subs[Fr.De.Es]
2020-04-03 19:26 - 2020-04-03 20:26 - 00000000 ____D C:\Users\Nigel\Downloads\==Andrew_Lloyd_Webber_-_Joseph_And_The Amazing_Technicolor_Dreamcoat[Musical-VHS-Rip-To-DVD]
2020-03-20 12:54 - 2020-03-20 17:35 - 00000000 ____D C:\Users\Nigel\Downloads\The.English.Game.S01.COMPLETE.1080p.WEB.x264-GHOSTS[TGx]
2020-03-15 17:40 - 2020-03-15 17:40 - 25444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 09930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 07604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 06520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 04563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 01610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 01398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 01077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-15 17:40 - 2020-03-15 17:40 - 00772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-15 17:40 - 2020-03-15 17:40 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-15 17:40 - 2020-03-15 17:40 - 00561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-11 23:25 - 2020-03-11 23:25 - 11607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 23:25 - 2020-03-11 23:25 - 09711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 25900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 22635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 19850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 19812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 18027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 07755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 07259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 05911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 04129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 03819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 03488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 03243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-11 23:24 - 2020-03-11 23:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-11 23:24 - 2020-03-11 23:24 - 02494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 02031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 01000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 23:24 - 2020-03-11 23:24 - 00032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-11 23:24 - 2020-03-11 23:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 23:24 - 2020-03-11 23:24 - 00019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 06084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 05764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 05112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 05040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 04538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 03971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 03860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 02773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 02021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-11 23:23 - 2020-03-11 23:23 - 01264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 01007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-11 23:23 - 2020-03-11 23:23 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-11 23:23 - 2020-03-11 23:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-11 23:23 - 2020-03-11 23:23 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-11 23:23 - 2020-03-11 23:23 - 00000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-11 23:22 - 2020-03-11 23:22 - 07905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 07263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 06436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 06168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 04048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 03260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 02870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 02453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 02087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 01885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-11 23:22 - 2020-03-11 23:22 - 01743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 01481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-11 23:22 - 2020-03-11 23:22 - 01354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 01032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-11 23:22 - 2020-03-11 23:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-11 23:22 - 2020-03-11 23:22 - 00089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-11 23:22 - 2020-03-11 23:22 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 04622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 03708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 03587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 03143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 02522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 02157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 01180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 01027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-11 23:21 - 2020-03-11 23:21 - 00531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-11 23:21 - 2020-03-11 23:21 - 00441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-11 23:21 - 2020-03-11 23:21 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-11 23:21 - 2020-03-11 23:21 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-11 23:21 - 2020-03-11 23:21 - 00016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-11 23:21 - 2020-03-11 23:21 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-11 23:21 - 2020-03-11 23:21 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-11 22:49 - 2020-02-11 05:48 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 22:49 - 2020-02-11 05:37 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-10 10:49 - 2016-02-22 20:25 - 00041886 _____ C:\Users\Nigel\Desktop\FRST.txt
2020-04-10 10:47 - 2016-02-22 13:05 - 00000000 ____D C:\FRST
2020-04-10 10:29 - 2019-03-19 05:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-10 09:40 - 2015-08-26 10:42 - 00000000 __SHD C:\Users\Nigel\IntelGraphicsProfiles
2020-04-10 09:37 - 2020-01-29 13:27 - 00842708 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-10 09:37 - 2019-03-19 05:50 - 00000000 ____D C:\WINDOWS\INF
2020-04-10 00:27 - 2019-03-19 05:52 - 00000000 ___HD C:\Program Files\WindowsApps
2020-04-10 00:26 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\AppReadiness
2020-04-10 00:17 - 2020-01-29 13:56 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B36B5B0B-3BFB-42EB-BDEA-CF50958C5376}
2020-04-09 23:14 - 2020-01-29 12:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-09 22:09 - 2020-01-29 13:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-09 22:08 - 2019-03-19 05:37 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-09 18:57 - 2013-09-04 13:49 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\uTorrent
2020-04-09 18:47 - 2014-12-28 16:39 - 00000000 ____D C:\ProgramData\Unchecky
2020-04-09 17:28 - 2013-08-27 21:23 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\vlc
2020-04-09 15:46 - 2020-02-02 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-04-09 15:46 - 2018-05-13 10:26 - 00000000 ____D C:\Program Files\Opera
2020-04-09 15:46 - 2015-11-14 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-08 21:24 - 2020-01-29 13:56 - 00003944 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1526203677
2020-04-08 21:24 - 2018-05-13 10:28 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera browser.lnk
2020-04-07 08:39 - 2014-12-31 14:56 - 00002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 08:39 - 2014-12-31 14:56 - 00002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-06 18:31 - 2018-02-23 21:20 - 00000000 ____D C:\Users\Nigel\AppData\LocalLow\Mozilla
2020-04-06 18:31 - 2016-03-10 20:46 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\.ACEStream
2020-04-06 18:27 - 2015-11-14 19:15 - 00001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-03 20:34 - 2014-02-18 21:43 - 00000000 ____D C:\Users\Nigel\AppData\Roaming\dvdcss
2020-03-21 00:45 - 2020-02-05 05:59 - 00003326 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d5b20961366e42
2020-03-21 00:45 - 2020-01-29 13:56 - 00003420 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2020-03-18 19:34 - 2020-01-29 13:56 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2020-03-18 19:33 - 2016-01-05 11:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\en-GB
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\ShellExperiences
2020-03-15 20:23 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\bcastdvr
2020-03-15 17:46 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\CbsTemp
2020-03-12 23:58 - 2013-04-17 10:38 - 00000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 23:57 - 2015-09-16 10:10 - 00000000 ___RD C:\Users\Nigel\3D Objects
2020-03-12 23:55 - 2020-01-29 12:59 - 00454432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SystemResources
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\setup
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\oobe
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Dism
2020-03-12 23:48 - 2019-03-19 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2020-03-12 23:48 - 2019-03-19 05:37 - 00000000 ____D C:\WINDOWS\servicing
2020-03-12 09:51 - 2013-08-29 01:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 23:36 - 2013-03-22 18:03 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-11 13:53 - 2020-01-29 13:56 - 00004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-11 13:52 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-03-11 13:52 - 2019-03-19 05:52 - 00000000 ____D C:\WINDOWS\system32\Macromed
2020-03-11 13:30 - 2020-01-29 13:56 - 00004574 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
==================== Files in the root of some directories =======
2014-12-26 21:19 - 2014-12-26 21:19 - 0085130 _____ () C:\Users\Nigel\AppData\Local\ars.cache
2014-12-26 21:19 - 2014-12-26 21:19 - 0135658 _____ () C:\Users\Nigel\AppData\Local\census.cache
2015-07-06 22:43 - 2015-08-21 18:25 - 0005120 _____ () C:\Users\Nigel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-26 21:11 - 2014-12-26 21:11 - 0000036 _____ () C:\Users\Nigel\AppData\Local\housecall.guid.cache
2014-12-26 21:16 - 2014-12-26 21:16 - 0000010 _____ () C:\Users\Nigel\AppData\Local\sponge.last.runtime.cache
2014-12-26 19:49 - 2014-12-26 19:49 - 0248096 _____ () C:\ProgramData\1419619243.bdinstall.bin
2014-12-26 21:08 - 2014-12-26 21:08 - 0037670 _____ () C:\ProgramData\1419624472.bdinstall.bin
2014-12-26 21:08 - 2014-12-26 21:08 - 0098176 _____ () C:\ProgramData\1419624488.bdinstall.bin
2017-08-02 11:37 - 2017-08-02 11:37 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\Nigel\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.5170.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by Nigel (2020-04-10 10:50:48)
Running from C:\Users\Nigel\Desktop
Windows 10 Home Version 1903 (X64) (2020-01-29 12:58:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4040141387-3011007431-2631040067-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4040141387-3011007431-2631040067-503 - Limited - Disabled)
Guest (S-1-5-21-4040141387-3011007431-2631040067-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4040141387-3011007431-2631040067-1005 - Limited - Enabled)
Nigel (S-1-5-21-4040141387-3011007431-2631040067-1001 - Administrator - Enabled) => C:\Users\Nigel
WDAGUtilityAccount (S-1-5-21-4040141387-3011007431-2631040067-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ace Stream Media 3.1.2 (HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\AceStream) (Version: 3.1.2 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\Ashampoo Core Tuner 2_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Styler v.1.0.1 (HKLM-x32\...\Ashampoo Video Styler_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 9 v.9.04.31 (HKLM-x32\...\Ashampoo WinOptimizer 9_is1) (Version: 9.04.31 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
f.lux (HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\Flux) (Version: - f.lux Software LLC)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.35.451 - Google LLC) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.3 - McAfee, Inc.)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 72.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 72.0.2 (x64 en-GB)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.2.7321 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NOW TV Player 6.8.0.0 (HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\com.bskyb.nowtvplayer_is1) (Version: 6.8.0.0 - NOW TV)
Opera Stable 67.0.3575.137 (HKLM-x32\...\Opera 67.0.3575.137) (Version: 67.0.3575.137 - Opera Software)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Stellar Phoenix Outlook PST Repair (HKLM-x32\...\Stellar Phoenix Outlook PST Repair_is1) (Version: 5.0.0.0 - Stellar Information Systems Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.)
StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4040141387-3011007431-2631040067-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {004931F3-BBCD-4B05-B9F7-513A3AE32D09} - System32\Tasks\Opera scheduled Autoupdate 1526203677 => C:\Program Files\Opera\launcher.exe [2020-04-08] (Opera Software)
Task: {01D1734E-E775-481D-A8FA-3E480E0994F3} - \WPD\SqmUpload_S-1-5-21-4040141387-3011007431-2631040067-1001 -> No File <==== ATTENTION
Task: {01F94132-A3BF-4AD3-BA30-D631FD3A67CA} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {04C10A9D-5360-47B2-9C96-2DDBCE8EC3F7} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2019-03-19] (Microsoft Corporation)
Task: {083F3813-82BC-4622-A1B0-070C619B7D11} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner => C:\Windows\system32\mitigationscanner.exe [2019-03-19] (Microsoft Corporation)
Task: {0FFAE542-7BB9-4A04-AEB0-99B7D9D321CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2020-02-13] (Microsoft Corporation)
Task: {12B77A7C-1DDB-48D8-9A89-E91548474357} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {190A2CED-1F02-443D-8860-0CE1051F01CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {191384C9-85A1-4EB2-81D4-48F5A0C6ACB7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2020-01-29] (Microsoft Corporation)
Task: {19DA621D-875F-4003-895C-7A6455DAD07A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1B596975-CD26-4891-8C69-293025208229} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {220D3535-F0C2-4BE0-9FA8-341454F3B598} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {24E304A2-E433-490A-835C-D8D97079C62B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2C917EC3-7D15-46D6-BC2C-4936B6F6CEA9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [2020-03-11] (Adobe)
Task: {2F0BCB97-A472-42F3-A2B6-CA48498B4F6C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [2020-03-11] (Adobe)
Task: {351E0F75-E900-4994-AB76-D7BB36445128} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {3D8E83D8-967E-44AC-8896-42CDEC763404} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {3E7650E7-DBA3-4B90-8D84-4232AE8A029F} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {3EBAF09A-814C-4FB9-9F00-8BB931BFE845} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2019-03-19] (Microsoft Corporation)
Task: {40378C7B-CE71-41E6-9B6F-EDE9D47789DE} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {416FBFEF-09C2-4D51-9358-72205B2F5ED3} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {47B89A79-53D2-485E-AD87-148165B28519} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {48F207D2-23BE-4F26-A115-B05B486F6CA6} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {4A61BCE1-02FC-4F8D-AD7D-06CC80F2C130} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {4D496758-CF92-424B-8FC7-E95278FD13F2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {4DDF305C-E963-45BE-A8F0-DB2A76C9E03C} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {4E199D7B-4F5E-422F-8AE0-7AE00FA5A645} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-03-16] (Microsoft Corporation)
Task: {52C1F2DA-58AA-494C-8D61-BFE8A0FC2285} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {53DD12F4-F2CC-4E6A-9100-C885108EF2A6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2020-03-11] (Microsoft Corporation)
Task: {55394AAB-D0F9-4CB6-9AD8-1200F7C99793} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {55412461-F053-4583-A6BF-19F36DAAD46D} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {57B62CE6-60B1-49E6-8113-DE25518C6B6D} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {58288CB7-4BC3-4408-B52F-202304CE9DCD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {6087B43D-6CAD-4401-B75B-0A743CE9AB12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {613A083C-17CD-47F4-AC35-96FC308E59CF} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {62C4A8CD-9106-4A28-ADC3-EA65B0C2CEF0} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2020-01-29] (Dolby Laboratories Inc.)
Task: {65116D36-6A5E-42CB-994F-D2631801C0A8} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {68560DFD-FC67-4EF8-BAA4-7F72211F3FD5} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2020-01-29] (Microsoft Corporation)
Task: {6FFA775B-E7BB-4DE0-A8F8-EA6FA07E6B25} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {71BFB70C-91A5-41C9-B858-C9DACBEF4900} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {73CB9900-BD4D-4C69-9F68-6746AE3BB44B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {74B0D4CA-6723-42DD-B0C9-66999B8A0E12} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2019-03-19] (Microsoft Corporation)
Task: {798DB582-30ED-4D82-974F-12178BC4D55A} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2020-03-11] (Microsoft Corporation)
Task: {7C8034B4-286F-4E86-AD41-4140C28A9604} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {81FB0949-0CBA-41DB-9B06-ADC3373A7C77} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {8444CBF9-7E8B-46A2-9328-8157ADFEB33A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {84BF2CA5-C49E-4F8F-A2B5-EE0130618888} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-03-11] (Adobe)
Task: {88C2DD99-9005-4BA8-9752-E3FC8750C43A} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {8CE419DE-4815-423C-8287-51CEF62C7937} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {90C28B5C-2A50-48E1-9579-EEE75F1B1F2E} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {9CB9760E-A5CF-40B2-AA8B-66B3D69315E7} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2020-03-11] (Microsoft Corporation)
Task: {9E42E54A-6BB4-4F7E-892C-2C5183F55B20} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2019-03-19] (Microsoft Corporation)
Task: {9EA74475-AD2A-45B3-8F30-39A9AC591942} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2019-03-19] (Microsoft Corporation)
Task: {A75B5455-7AEB-4924-8B0E-41496DCF4BC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A8E26236-4D4B-46F7-AAF3-75902A32BB15} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {AB6A2C2A-DD90-40C7-BCA0-8BD111A95963} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2020-01-29] (Microsoft Corporation)
Task: {AF9F5DF7-0DA0-4860-94F9-5B9C5092BE90} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B5DE1D30-1A03-418D-B051-FECCCBDB1679} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B8F0DEC7-8392-4F57-9990-74FCB934033F} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2020-02-13] ()
Task: {C06DFBDA-FDA4-4007-85BB-B52EFC1EEDC4} - System32\Tasks\GoogleUpdateTaskMachineCore1d5b20961366e42 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CFC57D4D-2EE9-400B-A34A-3FEA8BEF3E22} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D676F02B-B9BF-4DE6-940C-09A83B369DEE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D8A50F3C-4BF2-46E9-B708-B51207C90FF2} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {DAE12BEE-AF8C-4826-8A2D-E22471168A4D} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2019-03-19] (Microsoft Corporation)
Task: {DAE818A6-AF80-4CAD-9AE5-C33C9DFEDC45} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\Windows\system32\directxdatabaseupdater.exe [2020-01-29] (Microsoft Corporation)
Task: {DF8ABE54-47C9-4567-8DD0-36F92A2CC529} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {E0E61B47-8FCD-4A5B-AEDA-581B6CF8FE50} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2019-03-19] (Microsoft Corporation)
Task: {E4AEB720-7F18-419F-A20E-6E0B5C4ED968} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {E609D366-10F0-4EC1-96C8-1F8161C673C5} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2019-03-19] (Microsoft Corporation)
Task: {E9A46D73-1D61-4419-90FD-B0B371A44777} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {E9F72BB7-4F4F-45F8-BEED-DEDF70DC2C38} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EC14EA5D-5261-4F02-AF96-AF87F0D83D93} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EC3DD447-1885-404A-ADBE-2B2201F18213} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2020-02-25] (Adobe Systems)
Task: {F2E8AA59-252D-4EA4-AF79-32DB90AB50D6} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2019-03-19] (Microsoft Corporation)
Task: {F369958F-78A7-4AF3-9208-D840060ECE2F} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {F36E245A-30C8-46BD-9EBF-969ADDEBC402} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Opera scheduled assistant Autoupdate 1576860502.job => C:\Program Files\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Nigel\Desktop\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.windows.com/getstarted
ShortcutWithArgument: C:\Users\Nigel\Desktop\Programs\eBay.co.uk.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/710-154513-44482-12/4
ShortcutWithArgument: C:\Users\Nigel\Desktop\Programs\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.windows.com/getstarted
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
==================== Loaded Modules (Whitelisted) ==============
2019-03-19 05:43 - 2019-03-19 05:43 - 00054960 _____ () C:\WINDOWS\System32\UMPDC.dll
2013-04-09 12:58 - 2012-11-29 13:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2013-04-09 13:22 - 2011-08-22 13:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2013-04-09 13:21 - 2012-07-30 10:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2020-01-29 12:02 - 2020-01-29 12:02 - 00037888 _____ () C:\Windows\System32\usocoreps.dll
2020-02-13 12:46 - 2020-02-13 12:46 - 00602688 _____ () C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL
2013-04-09 12:58 - 2012-11-27 15:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2019-11-23 11:34 - 2020-02-16 01:03 - 03636952 _____ () C:\Program Files\Malwarebytes\Anti-Malware\QtANGLE.dll
2013-04-09 12:58 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2013-04-09 12:58 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2013-04-09 12:58 - 2010-12-17 14:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2019-03-19 05:59 - 2019-03-19 12:37 - 00094720 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2019-03-19 05:43 - 2019-03-19 05:43 - 00494592 _____ () C:\Windows\ShellExperiences\TileControl.dll
2020-01-29 12:02 - 2020-01-29 12:02 - 02880000 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2013-04-09 12:58 - 2012-10-23 18:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2013-04-09 12:58 - 2012-08-08 18:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2020-01-29 12:02 - 2020-01-29 12:02 - 00944144 _____ () C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2020-03-27 10:28 - 2020-03-27 10:28 - 17578496 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.exe
2020-03-27 10:28 - 2020-03-27 10:28 - 01126912 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2020-03-27 10:28 - 2020-03-27 10:28 - 08597504 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll
2020-01-29 16:24 - 2020-01-29 16:24 - 01000448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2020-03-27 10:28 - 2020-03-27 10:28 - 04447232 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2020-02-13 12:45 - 2020-02-13 12:45 - 01841152 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-04-08 21:23 - 2020-04-08 21:23 - 01006104 _____ () C:\Program Files\Opera\67.0.3575.137\opera_elf.dll
2020-04-08 21:23 - 2020-04-08 21:23 - 118566424 _____ () C:\Program Files\Opera\67.0.3575.137\opera_browser.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 01796608 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2020-03-11 23:22 - 2020-03-11 23:22 - 00258560 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.CppWinRT.dll
2020-04-08 21:23 - 2020-04-08 21:21 - 04511256 _____ () C:\Program Files\Opera\67.0.3575.137\libglesv2.dll
2020-04-08 21:23 - 2020-04-08 21:21 - 00384024 _____ () C:\Program Files\Opera\67.0.3575.137\libegl.dll
2020-03-27 10:28 - 2020-03-27 10:28 - 00033792 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
2020-03-27 10:28 - 2020-03-27 10:28 - 00582656 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhone.FullTrustServer.dll
2013-04-09 11:36 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-04-09 12:58 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-04-09 12:58 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2020-04-09 22:09 - 00001342 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
There are 7 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\Control Panel\Desktop\\Wallpaper -> c:\users\nigel\appdata\roaming\microsoft\windows photo viewer\windows photo viewer wallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\StartupApproved\StartupFolder: => "Nigel.lnk"
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-4040141387-3011007431-2631040067-1001\...\StartupApproved\Run: => "OneDriveSetup"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [UDP Query User{2FB28704-ADE4-493C-8EC2-4D6827F52738}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{BDD951EC-D2DE-4785-813F-54CE7E6B8F83}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{9B742844-15ED-4099-BBED-D88A890B57A3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{FE47FEA8-BD99-4886-BD42-87D629809F70}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{D26E603F-FED2-49C5-9DD2-9D90E4560A8D}C:\users\nigel\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\nigel\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [TCP Query User{95C91757-53FF-4755-AD48-6A190EDBEF95}C:\users\nigel\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\nigel\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [{06CC81A1-B80C-421A-9A42-AB155F83A7E9}] => (Allow) C:\Program Files\Opera\67.0.3575.115\opera.exe
FirewallRules: [{8D35A74D-7CE4-4005-B805-0B37A688E4F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{029B6DC2-101F-40D9-A8C3-1B01450185C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6BF3A1B8-307B-4218-A1C7-E7F105008D33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DF8089A1-8C5B-4660-A282-6A43D62CB0EA}] => (Allow) C:\Program Files\Opera\67.0.3575.137\opera.exe
==================== Restore Points =========================
15-03-2020 17:22:00 Windows Update
04-04-2020 20:46:00 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/10/2020 10:19:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/10/2020 10:08:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8788,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/10/2020 09:59:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (604,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/10/2020 09:48:28 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4348,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/10/2020 12:32:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29344
Error: (04/10/2020 12:32:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 29344
Error: (04/10/2020 12:32:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/10/2020 12:32:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27891
Error: (04/10/2020 12:32:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27891
Error: (04/10/2020 12:32:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (04/10/2020 09:43:37 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (04/09/2020 11:27:57 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (bd:eb:6b:85:cd:ca) failed.
Error: (04/09/2020 11:27:35 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (bd:eb:6b:85:cd:ca) failed.
Error: (04/09/2020 10:17:18 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (04/09/2020 10:14:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Background Intelligent Transfer Service service did not respond on starting.
Error: (04/09/2020 10:13:11 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (04/09/2020 10:11:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
%%1053
Error: (04/09/2020 10:11:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (04/09/2020 07:07:47 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (04/09/2020 07:00:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
CodeIntegrity:
===================================
Date: 2020-04-09 18:01:05.052
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 18:01:04.711
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 18:00:55.747
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 18:00:55.008
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 17:57:43.942
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 17:57:27.045
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 17:56:54.655
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 17:56:34.308
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 17:56:25.196
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-09 17:56:22.688
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU 1000M @ 1.80GHz
Percentage of memory in use: 71%
Total physical RAM: 3976.96 MB
Available physical RAM: 1124.53 MB
Total Virtual: 5192.96 MB
Available Virtual: 2003.14 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:402.36 GB) (Free:236.51 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:39.33 GB) NTFS
Drive g: (SAMSUNG) (Fixed) (Total:931.51 GB) (Free:95.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 28676295)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================