This topic is locked
Follow up from previous thread. This is my daughter's old laptop which Malwarebytes found 76 infections .
It runs pretty slow so I fear there may be others
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2020
Ran by sworton (administrator) on SOPH-PC (TOSHIBA SATELLITE C55D-A-14W) (25-06-2020 19:22:14)
Running from C:\Users\sworton\Desktop
Loaded Profiles: sworton
Platform: Windows 10 Home Version 1803 17134.1246 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sworton\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(TOSHIBA CORPORATION -> ) C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe <3>
(Toshiba Europe GmbH -> Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [688472 2013-07-24] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\...\Run: [Google Update] => C:\Users\sworton\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-06-18] (Google LLC -> Google LLC)
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\...\Run: [Chromium] => "c:\users\sworton\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\...\Run: [GoogleChromeAutoLaunch_BDD88F478892A6EF92770702062E4753] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\hpzpp5k2: C:\Windows\System32\spool\prtprocs\x64\hpzpp5k2.dll [224768 2007-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\WINDOWS\system32\hpinkstsB111LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\IppMon: C:\WINDOWS\system32\IPPMon.dll [251392 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\PCL hpz3l5k2: C:\WINDOWS\system32\hpz3l5k2.dll [130048 2007-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-25] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0513DFE3-4711-476C-89BA-5A4BEA3552E8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CA46D15-3C30-4541-B56D-99E57180FFE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {338659AF-3D22-427A-A3AE-7F84B5F2050E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3FA264C8-86D1-4101-88A0-4FD89F2E5739} - \WPD\SqmUpload_S-1-5-21-809454615-2631668767-2191910371-1001 -> No File <==== ATTENTION
Task: {4D05EC48-0D2A-4A21-A50B-9AA2F364FCE3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {55804AD8-0106-4821-B01F-F0C174D3B5A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-27] (Apple Inc. -> Apple Inc.)
Task: {56483286-D005-43E7-86B2-7226598D21E1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {5D689AAC-C438-4296-998F-B8AE6450E664} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6FEB9B68-D8BE-44A9-AA8C-D00EE0BC24BE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7A7108D1-26E7-4515-A06E-C240B8DD3C8A} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [655464 2013-07-31] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {862FEC28-DC03-4445-8206-92F9E3DFFBF2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [120636720 2020-06-18] (Microsoft Windows -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {894B2297-CA30-4661-9629-10BA16F03CC5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {960F3A6C-88C2-4CA9-8060-886BAED09A6A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {ACDAC615-4439-419D-97EC-F75728FC06C9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AF2DE1F3-FC1B-4D45-ABE6-4D06416228FB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {BE629869-F646-4110-BCA4-BA4CD95E018E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {CBE43BA4-2D39-4307-B81C-2352FB56F757} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D0C6704F-1B13-4227-B403-01DD6BAD7D46} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {D8F9FFE1-3FA1-49D7-ADFA-55E6D9C01BFB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {DD68579D-7C0A-4DD5-A6A0-C6CA02EC3428} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-809454615-2631668767-2191910371-1001UA => C:\Users\sworton\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-02] (Google Inc -> Google Inc.)
Task: {DDB41C3C-91C2-42B8-BDC5-2F820F4B3033} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-809454615-2631668767-2191910371-1001Core => C:\Users\sworton\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-02] (Google Inc -> Google Inc.)
Task: {EEF5480B-7550-4FB1-B151-1D00BE940CDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {F0A50F69-CC86-45FF-AFDF-5A0A842445AB} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471416 2013-07-18] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{765dbe02-54bc-4ea3-a003-9995c5aa1a43}: [DhcpNameServer] 192.168.160.1
Tcpip\..\Interfaces\{8ca3a220-721b-4b53-8b2f-7b28100c8ecf}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Internet Explorer:
==================
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] (Apple Inc. -> )
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-10-12]
CHR Profile: C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-06-25]
CHR DownloadDir: C:\Users\sworton\Desktop
CHR Notifications: Profile 1 -> hxxps://mail.google.com; hxxps://mail.google.com; hxxps://teams.microsoft.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-01]
CHR Extension: (Docs) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-01]
CHR Extension: (Google Drive) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-29]
CHR Extension: (IBM Security Rapport) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-06-18]
CHR Extension: (YouTube) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-29]
CHR Extension: (Sheets) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-01]
CHR Extension: (Google Docs Offline) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-18]
CHR Extension: (Google Hangouts) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2019-05-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-18]
CHR Extension: (Gmail) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\sworton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-18]
CHR Profile: C:\Users\sworton\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-31]
CHR HKU\S-1-5-21-809454615-2631668767-2191910371-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-30] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [264224 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Qualcomm Atheros -> Windows ® Win 7 DDK provider) [File not signed]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] (DTS, Inc. -> )
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-09-04] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-11-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-11-10] (Microsoft Corporation -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 rtop; "c:\program files\bytefence\rtop\bin\rtop_svc.exe" [X] <==== ATTENTION
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17504 2013-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21653520 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [686080 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (APPEX NETWORKS CORPORATION -> AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-18] (Malwarebytes Inc -> Malwarebytes)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S1 RapportCerberus_1609042; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys [1157960 2016-07-30] (IBM -> IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [567336 2016-09-04] (IBM -> IBM Corp.)
S0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [215560 2016-07-11] (IBM -> IBM Corp.)
S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [470056 2016-07-11] (IBM -> IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [548968 2016-09-04] (IBM -> IBM Corp.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-11-10] (Microsoft Windows -> Microsoft Corporation)
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-25 19:22 - 2020-06-25 19:25 - 000020749 _____ C:\Users\sworton\Desktop\FRST.txt
2020-06-25 19:21 - 2020-06-25 19:24 - 000000000 ____D C:\FRST
2020-06-25 19:19 - 2020-06-25 19:19 - 002290688 _____ (Farbar) C:\Users\sworton\Desktop\FRST64.exe
2020-06-25 17:03 - 2020-06-25 17:03 - 000000000 ____D C:\Users\sworton\AppData\Roaming\CrystalIdea Software
2020-06-25 17:01 - 2020-06-25 17:01 - 001514640 _____ (SpeedyFox) C:\Users\sworton\Desktop\speedyfox.exe
2020-06-18 15:05 - 2020-06-18 15:05 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-18 14:13 - 2019-03-28 07:35 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2020-06-18 14:13 - 2019-03-28 07:35 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2020-06-18 14:13 - 2019-03-28 07:35 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2020-06-18 14:13 - 2019-03-28 07:35 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2020-06-18 14:12 - 2019-03-28 10:11 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2020-06-18 14:12 - 2019-03-28 10:11 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2020-06-18 14:12 - 2019-03-28 10:09 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2020-06-18 14:12 - 2019-03-28 10:09 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2020-06-18 14:12 - 2019-03-28 07:35 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2020-06-18 14:12 - 2019-03-28 07:35 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2020-06-18 13:24 - 2020-06-18 13:24 - 000000000 ___HD C:\$WINDOWS.~BT
2020-06-18 12:06 - 2019-09-04 06:15 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-06-18 12:04 - 2019-09-04 10:42 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2020-06-18 12:02 - 2020-01-07 10:36 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-06-18 12:02 - 2020-01-07 10:35 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-06-18 12:02 - 2020-01-07 09:03 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-06-18 12:02 - 2019-11-08 08:45 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-06-18 12:02 - 2019-11-08 07:03 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-06-18 12:02 - 2019-11-08 03:40 - 000060216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-06-18 12:02 - 2019-11-08 03:30 - 000785776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-06-18 12:02 - 2019-11-08 03:12 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-06-18 12:02 - 2019-10-02 05:14 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-06-18 12:02 - 2019-09-04 10:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2020-06-18 12:01 - 2020-01-07 10:35 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-06-18 12:01 - 2020-01-07 04:58 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-06-18 12:01 - 2019-11-28 11:30 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-06-18 12:01 - 2019-11-28 09:52 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-06-18 12:01 - 2019-11-08 03:38 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-06-18 12:01 - 2019-11-08 03:38 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-06-18 12:01 - 2019-10-02 11:11 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2020-06-18 12:01 - 2019-10-02 10:12 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2020-06-18 12:01 - 2019-10-02 06:04 - 002774120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-06-18 12:01 - 2019-10-02 06:00 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-06-18 12:01 - 2019-10-02 05:51 - 000192312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-06-18 12:01 - 2019-10-02 05:48 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-06-18 12:01 - 2019-10-02 05:47 - 002260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-06-18 12:01 - 2019-10-02 05:14 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-06-18 12:01 - 2019-10-02 05:14 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-06-18 12:01 - 2019-09-13 05:21 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-06-18 12:01 - 2019-09-13 05:13 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-18 12:01 - 2019-09-13 05:11 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-18 12:01 - 2019-09-04 05:43 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-06-18 12:01 - 2019-09-04 05:40 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-06-18 12:00 - 2020-01-07 10:34 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-06-18 12:00 - 2019-11-28 11:31 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-06-18 12:00 - 2019-11-28 11:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-06-18 12:00 - 2019-11-28 05:41 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-06-18 12:00 - 2019-11-28 05:36 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-18 12:00 - 2019-11-08 03:13 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-06-18 12:00 - 2019-11-08 03:12 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-06-18 12:00 - 2019-11-08 03:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-06-18 12:00 - 2019-10-02 05:48 - 000402744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-06-18 12:00 - 2019-10-02 05:14 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-06-18 12:00 - 2019-10-02 05:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-06-18 12:00 - 2019-09-13 05:47 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2020-06-18 12:00 - 2019-09-13 05:47 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2020-06-18 12:00 - 2019-09-13 05:13 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-06-18 12:00 - 2019-08-13 15:44 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-06-18 12:00 - 2019-08-13 15:43 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-06-18 12:00 - 2019-08-13 05:12 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-06-18 12:00 - 2019-08-13 05:12 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-06-18 12:00 - 2019-08-13 05:11 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-18 11:59 - 2020-01-07 04:29 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-06-18 11:59 - 2020-01-07 04:28 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-06-18 11:59 - 2020-01-07 04:23 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-06-18 11:59 - 2020-01-07 04:23 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-06-18 11:59 - 2020-01-07 04:22 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-06-18 11:59 - 2019-10-02 11:09 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2020-06-18 11:59 - 2019-10-02 10:11 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2020-06-18 11:59 - 2019-10-02 06:05 - 000092472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-06-18 11:59 - 2019-10-02 05:50 - 000536832 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-06-18 11:59 - 2019-10-02 05:35 - 000465832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-06-18 11:59 - 2019-09-13 11:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-18 11:59 - 2019-09-13 05:21 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-06-18 11:59 - 2019-09-04 06:14 - 000594032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-06-18 11:59 - 2019-09-04 05:45 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2020-06-18 11:59 - 2019-09-04 05:45 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2020-06-18 11:58 - 2020-01-07 10:34 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-06-18 11:58 - 2020-01-07 09:00 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-06-18 11:58 - 2020-01-07 04:58 - 000694184 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-06-18 11:58 - 2020-01-07 04:48 - 000538912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-06-18 11:58 - 2019-11-28 05:28 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-18 11:58 - 2019-11-08 08:41 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-06-18 11:58 - 2019-11-08 03:39 - 000227848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-06-18 11:58 - 2019-11-08 03:38 - 000605712 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-06-18 11:58 - 2019-10-02 11:07 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-06-18 11:58 - 2019-09-13 05:47 - 000081720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2020-06-18 11:58 - 2019-09-13 05:17 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-06-18 11:58 - 2019-08-13 03:51 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2020-06-18 11:57 - 2020-01-07 10:37 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-06-18 11:57 - 2020-01-07 04:59 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-18 11:57 - 2020-01-07 04:58 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-18 11:57 - 2019-11-28 09:53 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-06-18 11:57 - 2019-11-28 09:53 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-06-18 11:57 - 2019-11-08 08:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-06-18 11:57 - 2019-10-02 11:47 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-06-18 11:57 - 2019-10-02 09:41 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-18 11:57 - 2019-10-02 05:28 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2020-06-18 11:57 - 2019-10-02 05:27 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-06-18 11:57 - 2019-09-13 05:20 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2020-06-18 11:57 - 2019-09-04 06:14 - 000420984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2020-06-18 11:56 - 2019-11-28 05:52 - 025857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-18 11:56 - 2019-10-02 11:09 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-06-18 11:56 - 2019-10-02 06:01 - 000491208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-18 11:56 - 2019-10-02 06:00 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-06-18 11:56 - 2019-10-02 05:49 - 000550512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-06-18 11:56 - 2019-10-02 05:25 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-06-18 11:56 - 2019-10-02 05:18 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-06-18 11:56 - 2019-09-13 05:48 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-18 11:56 - 2019-09-13 05:20 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-06-18 11:56 - 2019-09-13 05:20 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-06-18 11:56 - 2019-09-13 05:17 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-06-18 11:56 - 2019-09-04 06:13 - 000129040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2020-06-18 11:55 - 2020-01-07 05:00 - 000568312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-18 11:55 - 2020-01-07 04:24 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-06-18 11:55 - 2019-11-28 05:40 - 022016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-18 11:55 - 2019-11-08 08:42 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-06-18 11:55 - 2019-10-02 11:45 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-06-18 11:55 - 2019-10-02 05:23 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-06-18 11:55 - 2019-10-02 05:22 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-06-18 11:55 - 2019-10-02 05:17 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2020-06-18 11:55 - 2019-09-13 05:17 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-06-18 11:55 - 2019-09-13 05:14 - 001809408 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-06-18 11:55 - 2019-09-13 05:12 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-06-18 11:55 - 2019-09-04 05:43 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2020-06-18 11:55 - 2019-08-13 05:11 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-06-18 11:54 - 2020-01-07 10:33 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-06-18 11:54 - 2020-01-07 04:47 - 000222736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-06-18 11:54 - 2020-01-07 03:02 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2020-06-18 11:54 - 2019-11-28 11:52 - 000094216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-06-18 11:54 - 2019-11-28 06:09 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-06-18 11:54 - 2019-11-08 08:40 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-18 11:54 - 2019-11-08 08:38 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-06-18 11:54 - 2019-11-08 06:57 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-06-18 11:54 - 2019-11-08 06:55 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-18 11:54 - 2019-11-08 03:13 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2020-06-18 11:54 - 2019-11-08 03:12 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-06-18 11:54 - 2019-11-08 03:11 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-18 11:54 - 2019-11-08 03:10 - 001827328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-06-18 11:54 - 2019-11-08 03:10 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-06-18 11:54 - 2019-11-08 03:09 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-06-18 11:54 - 2019-10-02 11:48 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-06-18 11:54 - 2019-10-02 09:25 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-06-18 11:54 - 2019-10-02 06:19 - 000374584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-06-18 11:54 - 2019-10-02 06:01 - 002468048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-06-18 11:54 - 2019-10-02 05:48 - 001990056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-06-18 11:54 - 2019-10-02 05:48 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-06-18 11:54 - 2019-09-13 11:40 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2020-06-18 11:54 - 2019-09-13 05:16 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2020-06-18 11:54 - 2019-09-13 05:14 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2020-06-18 11:54 - 2019-09-04 10:39 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-06-18 11:54 - 2019-08-13 05:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2020-06-18 11:53 - 2020-01-07 10:32 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-18 11:53 - 2020-01-07 08:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-18 11:53 - 2019-11-28 06:09 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-18 11:53 - 2019-11-28 05:48 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-18 11:53 - 2019-11-08 08:46 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-18 11:53 - 2019-11-08 08:43 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-18 11:53 - 2019-11-08 08:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-06-18 11:53 - 2019-11-08 06:58 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-06-18 11:53 - 2019-11-08 03:38 - 000466744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-06-18 11:53 - 2019-11-08 03:12 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-06-18 11:53 - 2019-10-02 11:46 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-06-18 11:53 - 2019-10-02 11:29 - 001517480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-18 11:53 - 2019-10-02 10:24 - 001320640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-18 11:53 - 2019-10-02 05:40 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-06-18 11:53 - 2019-10-02 05:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-06-18 11:53 - 2019-10-02 05:19 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-06-18 11:53 - 2019-10-02 05:18 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-06-18 11:53 - 2019-09-13 05:18 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-06-18 11:53 - 2019-08-13 03:49 - 000806328 _____ C:\WINDOWS\SysWOW64\locale.nls
2020-06-18 11:53 - 2019-08-13 03:49 - 000806328 _____ C:\WINDOWS\system32\locale.nls
2020-06-18 11:52 - 2020-01-07 05:00 - 001224504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-18 11:52 - 2020-01-07 05:00 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-18 11:52 - 2019-10-02 06:01 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-06-18 11:52 - 2019-10-02 06:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-06-18 11:52 - 2019-10-02 05:48 - 000103736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-06-18 11:52 - 2019-10-02 05:19 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-06-18 11:52 - 2019-10-02 05:18 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-06-18 11:52 - 2019-10-02 05:13 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-06-18 11:52 - 2019-09-13 05:15 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2020-06-18 11:52 - 2019-09-13 05:15 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2020-06-18 11:52 - 2019-09-13 05:12 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2020-06-18 11:52 - 2019-09-13 05:11 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2020-06-18 11:52 - 2019-09-04 05:40 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2020-06-18 11:52 - 2019-09-04 05:39 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2020-06-18 11:51 - 2020-01-07 04:30 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-06-18 11:51 - 2020-01-07 04:23 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-06-18 11:51 - 2019-11-28 06:10 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2020-06-18 11:51 - 2019-11-28 05:49 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2020-06-18 11:51 - 2019-11-08 09:20 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-06-18 11:51 - 2019-11-08 09:20 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-06-18 11:51 - 2019-11-08 09:20 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-06-18 11:51 - 2019-11-08 03:13 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-06-18 11:51 - 2019-10-02 11:46 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-06-18 11:51 - 2019-10-02 11:45 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-06-18 11:51 - 2019-10-02 11:45 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-06-18 11:51 - 2019-10-02 11:45 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-06-18 11:51 - 2019-10-02 11:34 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-06-18 11:51 - 2019-10-02 11:07 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-06-18 11:51 - 2019-10-02 06:01 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-06-18 11:51 - 2019-10-02 06:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-06-18 11:51 - 2019-10-02 05:28 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-06-18 11:51 - 2019-10-02 05:28 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-06-18 11:51 - 2019-10-02 05:26 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2020-06-18 11:51 - 2019-10-02 05:26 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-18 11:51 - 2019-10-02 05:24 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2020-06-18 11:51 - 2019-10-02 05:24 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-06-18 11:51 - 2019-10-02 05:24 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-18 11:51 - 2019-10-02 05:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2020-06-18 11:51 - 2019-09-13 11:56 - 000341392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2020-06-18 11:51 - 2019-09-13 11:44 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2020-06-18 11:51 - 2019-09-13 11:44 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-06-18 11:51 - 2019-09-13 05:21 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-06-18 11:51 - 2019-09-13 05:13 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-06-18 11:51 - 2019-09-10 08:17 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-18 11:51 - 2019-09-04 05:39 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-06-18 11:51 - 2019-09-04 05:39 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2020-06-18 11:51 - 2019-09-04 05:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2020-06-18 11:51 - 2019-09-04 05:38 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2020-06-18 11:51 - 2019-09-04 05:38 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2020-06-18 11:51 - 2019-08-13 15:42 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-06-18 11:51 - 2019-08-13 15:40 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-06-18 11:50 - 2020-01-07 10:34 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-18 11:50 - 2020-01-07 09:01 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-18 11:50 - 2020-01-07 04:28 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-06-18 11:50 - 2020-01-07 04:27 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-06-18 11:50 - 2019-11-28 11:47 - 000490336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-06-18 11:50 - 2019-11-08 03:39 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-18 11:50 - 2019-11-08 03:13 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-06-18 11:50 - 2019-10-02 11:50 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-06-18 11:50 - 2019-10-02 11:45 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-06-18 11:50 - 2019-10-02 05:50 - 000148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-06-18 11:50 - 2019-10-02 05:49 - 000088016 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-06-18 11:50 - 2019-10-02 05:34 - 000129360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2020-06-18 11:50 - 2019-10-02 05:17 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-06-18 11:50 - 2019-10-02 05:16 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2020-06-18 11:50 - 2019-10-02 05:15 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-06-18 11:50 - 2019-09-13 05:21 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2020-06-18 11:50 - 2019-09-04 06:14 - 000361752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-06-18 11:50 - 2019-08-13 10:49 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-06-18 11:49 - 2020-01-07 04:59 - 001798664 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-06-18 11:49 - 2020-01-07 04:29 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-06-18 11:49 - 2020-01-07 04:28 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-06-18 11:49 - 2020-01-07 04:28 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-06-18 11:49 - 2019-11-28 11:47 - 000790928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-06-18 11:49 - 2019-11-28 11:47 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-06-18 11:49 - 2019-11-28 11:26 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-06-18 11:49 - 2019-11-28 10:07 - 000662840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-06-18 11:49 - 2019-11-28 10:06 - 000322360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-06-18 11:49 - 2019-11-28 06:09 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2020-06-18 11:49 - 2019-11-28 05:48 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2020-06-18 11:49 - 2019-11-08 03:39 - 000727584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-18 11:49 - 2019-11-08 03:39 - 000435728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-18 11:49 - 2019-11-08 03:31 - 000379432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-18 11:49 - 2019-11-08 03:12 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-18 11:49 - 2019-11-08 03:10 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-06-18 11:49 - 2019-11-08 03:09 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-06-18 11:49 - 2019-10-02 06:02 - 000210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-06-18 11:49 - 2019-10-02 06:02 - 000194352 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-06-18 11:49 - 2019-10-02 06:00 - 000039032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2020-06-18 11:49 - 2019-10-02 05:50 - 000095224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-06-18 11:49 - 2019-10-02 05:48 - 000430304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2020-06-18 11:49 - 2019-10-02 05:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2020-06-18 11:49 - 2019-10-02 05:34 - 000081040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-06-18 11:49 - 2019-10-02 05:32 - 000412696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2020-06-18 11:49 - 2019-10-02 05:28 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-06-18 11:49 - 2019-10-02 05:25 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2020-06-18 11:49 - 2019-10-02 05:16 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-06-18 11:49 - 2019-10-02 05:14 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-06-18 11:49 - 2019-09-13 05:49 - 000274792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-06-18 11:49 - 2019-09-13 05:48 - 000710240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-06-18 11:49 - 2019-09-13 05:13 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-18 11:49 - 2019-09-13 05:11 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-18 11:49 - 2019-09-04 06:13 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-06-18 11:49 - 2019-09-04 06:02 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-06-18 11:49 - 2019-09-04 05:41 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2020-06-18 11:49 - 2019-09-04 05:40 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2020-06-18 11:49 - 2019-09-04 05:38 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-06-18 11:49 - 2019-08-13 05:13 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-06-18 11:49 - 2019-08-13 05:13 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-06-18 11:48 - 2019-11-28 05:41 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-06-18 11:48 - 2019-11-28 05:40 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-06-18 11:48 - 2019-11-28 05:39 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-06-18 11:48 - 2019-11-28 05:36 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-06-18 11:48 - 2019-11-28 05:35 - 001418752 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-06-18 11:48 - 2019-10-02 12:14 - 000349216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-06-18 11:48 - 2019-10-02 12:08 - 001047568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-06-18 11:48 - 2019-10-02 11:27 - 000117240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-06-18 11:48 - 2019-10-02 11:06 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-06-18 11:48 - 2019-10-02 10:23 - 000106560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-06-18 11:48 - 2019-10-02 10:07 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-06-18 11:48 - 2019-10-02 09:53 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-06-18 11:48 - 2019-10-02 05:49 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-06-18 11:48 - 2019-10-02 05:47 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-06-18 11:48 - 2019-10-02 05:18 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2020-06-18 11:48 - 2019-10-02 05:09 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-06-18 11:48 - 2019-09-13 12:03 - 000586680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-06-18 11:48 - 2019-09-13 11:41 - 001644032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-06-18 11:48 - 2019-09-13 11:41 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-18 11:48 - 2019-09-13 11:40 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-18 11:48 - 2019-09-13 10:18 - 000470512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-06-18 11:48 - 2019-09-13 10:01 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-06-18 11:48 - 2019-09-13 10:01 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-18 11:48 - 2019-09-13 05:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-18 11:48 - 2019-09-13 05:18 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-18 11:48 - 2019-09-13 05:17 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-18 11:48 - 2019-09-13 05:16 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-06-18 11:48 - 2019-09-13 05:15 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-06-18 11:48 - 2019-09-13 05:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-18 11:48 - 2019-09-13 05:14 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-18 11:48 - 2019-09-13 05:14 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-18 11:48 - 2019-09-13 05:12 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-06-18 11:48 - 2019-08-13 19:06 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2020-06-18 11:48 - 2019-08-13 16:04 - 001585304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-06-18 11:48 - 2019-08-13 10:49 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2020-06-18 11:48 - 2019-08-13 05:44 - 001793472 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-06-18 11:47 - 2020-01-07 10:54 - 001639864 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-06-18 11:47 - 2020-01-07 09:15 - 001628496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-06-18 11:47 - 2020-01-07 05:00 - 000076328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-06-18 11:47 - 2020-01-07 04:59 - 001964176 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-06-18 11:47 - 2020-01-07 04:48 - 001659944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-06-18 11:47 - 2020-01-07 04:25 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-06-18 11:47 - 2020-01-07 04:24 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-06-18 11:47 - 2020-01-07 04:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-06-18 11:47 - 2019-11-28 06:11 - 000498072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-06-18 11:47 - 2019-11-28 05:51 - 000424208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-06-18 11:47 - 2019-11-28 05:39 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-18 11:47 - 2019-11-28 05:38 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-18 11:47 - 2019-11-28 05:28 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-18 11:47 - 2019-10-02 11:05 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-18 11:47 - 2019-10-02 10:08 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-18 11:47 - 2019-10-02 05:49 - 000769288 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-18 11:47 - 2019-10-02 05:34 - 000526512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-18 11:47 - 2019-10-02 05:23 - 004938240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-06-18 11:47 - 2019-10-02 05:23 - 004517376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-06-18 11:47 - 2019-10-02 05:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-06-18 11:47 - 2019-10-02 05:18 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-06-18 11:47 - 2019-10-02 05:14 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-06-18 11:47 - 2019-10-02 05:14 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-06-18 11:47 - 2019-10-02 05:14 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-06-18 11:47 - 2019-10-02 05:13 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-06-18 11:47 - 2019-10-02 05:09 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-06-18 11:47 - 2019-09-13 11:40 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-18 11:47 - 2019-09-13 10:00 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-18 11:47 - 2019-09-13 05:11 - 000979456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-06-18 11:47 - 2019-09-04 06:24 - 000705336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-06-18 11:47 - 2019-09-04 06:14 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-06-18 11:47 - 2019-09-04 06:13 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2020-06-18 11:47 - 2019-09-04 06:03 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-06-18 11:47 - 2019-09-04 05:42 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-18 11:47 - 2019-09-04 05:41 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-06-18 11:46 - 2020-01-07 04:27 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2020-06-18 11:46 - 2019-11-28 11:46 - 001632112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-18 11:46 - 2019-11-28 10:09 - 001453624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-18 11:46 - 2019-11-28 06:09 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-06-18 11:46 - 2019-11-28 06:09 - 001260784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-06-18 11:46 - 2019-11-28 06:09 - 001141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-06-18 11:46 - 2019-11-28 06:09 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-06-18 11:46 - 2019-11-08 03:39 - 000500752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-18 11:46 - 2019-11-08 03:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-06-18 11:46 - 2019-11-08 03:09 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-06-18 11:46 - 2019-11-08 03:08 - 003203072 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-06-18 11:46 - 2019-11-08 03:08 - 002603008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-06-18 11:46 - 2019-11-01 03:10 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-18 11:46 - 2019-10-02 11:09 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-06-18 11:46 - 2019-10-02 10:06 - 002406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-06-18 11:46 - 2019-10-02 06:00 - 002371504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-18 11:46 - 2019-10-02 05:59 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2020-06-18 11:46 - 2019-10-02 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-06-18 11:46 - 2019-10-02 05:47 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2020-06-18 11:46 - 2019-10-02 05:15 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-06-18 11:46 - 2019-09-13 05:58 - 007900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-06-18 11:46 - 2019-09-13 05:56 - 005821448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-06-18 11:46 - 2019-09-13 05:15 - 002913792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-06-18 11:46 - 2019-09-10 02:20 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-18 11:46 - 2019-09-10 02:20 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-06-18 11:46 - 2019-09-04 05:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-06-18 11:46 - 2019-08-13 05:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-06-18 11:46 - 2019-08-13 05:12 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2020-06-18 11:46 - 2019-08-13 02:24 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2020-06-18 11:46 - 2019-08-13 01:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-06-18 11:45 - 2020-01-07 10:33 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-18 11:45 - 2020-01-07 08:59 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-18 11:45 - 2020-01-07 04:59 - 002810896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-18 11:45 - 2020-01-07 04:58 - 009080848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-18 11:45 - 2020-01-07 04:24 - 002163712 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-18 11:45 - 2020-01-07 04:24 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-18 11:45 - 2020-01-07 04:23 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-18 11:45 - 2019-11-28 05:35 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-18 11:45 - 2019-11-28 05:25 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-18 11:45 - 2019-11-08 03:38 - 002711352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-06-18 11:45 - 2019-10-02 06:01 - 001288928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-18 11:45 - 2019-10-02 05:59 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-18 11:45 - 2019-10-02 05:59 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-06-18 11:45 - 2019-10-02 05:48 - 002421776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-06-18 11:45 - 2019-10-02 05:48 - 001922056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-06-18 11:45 - 2019-10-02 05:47 - 001380312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-18 11:45 - 2019-10-02 05:47 - 001020280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-18 11:45 - 2019-10-02 05:47 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-06-18 11:45 - 2019-10-02 05:22 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-06-18 11:45 - 2019-10-02 05:11 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-06-18 11:45 - 2019-09-13 05:47 - 001947168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-06-18 11:45 - 2019-09-13 05:35 - 001559272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-06-18 11:45 - 2019-09-04 06:04 - 000286616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-06-18 11:44 - 2020-01-07 11:02 - 000403584 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-06-18 11:44 - 2020-01-07 09:15 - 000358128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-06-18 11:44 - 2020-01-07 05:03 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-18 11:44 - 2020-01-07 04:30 - 003403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-18 11:44 - 2020-01-07 04:27 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-06-18 11:44 - 2020-01-07 04:26 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-06-18 11:44 - 2020-01-07 04:25 - 002179072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-18 11:44 - 2020-01-07 04:25 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-06-18 11:44 - 2020-01-07 04:24 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-18 11:44 - 2020-01-07 04:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-06-18 11:44 - 2020-01-07 04:23 - 001058816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-06-18 11:44 - 2020-01-07 04:23 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-06-18 11:44 - 2019-11-28 06:10 - 002571336 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-06-18 11:44 - 2019-11-28 05:49 - 001979960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-06-18 11:44 - 2019-11-08 08:38 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-18 11:44 - 2019-11-08 08:38 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-18 11:44 - 2019-11-08 06:56 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-18 11:44 - 2019-11-08 03:39 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-18 11:44 - 2019-11-08 03:39 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-18 11:44 - 2019-11-08 03:39 - 000440768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-18 11:44 - 2019-11-08 03:39 - 000209936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-18 11:44 - 2019-11-08 03:39 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-18 11:44 - 2019-11-08 03:32 - 000435216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-18 11:44 - 2019-11-08 03:32 - 000385272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-18 11:44 - 2019-11-08 03:32 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-18 11:44 - 2019-11-08 03:32 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-18 11:44 - 2019-11-08 03:31 - 000665432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-18 11:44 - 2019-11-08 03:10 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-06-18 11:44 - 2019-10-02 11:50 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-18 11:44 - 2019-10-02 11:50 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-06-18 11:44 - 2019-10-02 11:48 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-06-18 11:44 - 2019-10-02 11:45 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-06-18 11:44 - 2019-10-02 11:06 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2020-06-18 11:44 - 2019-10-02 10:07 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2020-06-18 11:44 - 2019-10-02 09:42 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-18 11:44 - 2019-10-02 05:20 - 001647616 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-06-18 11:44 - 2019-09-13 11:57 - 001375456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-06-18 11:44 - 2019-09-13 11:40 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-06-18 11:44 - 2019-09-13 11:40 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-06-18 11:44 - 2019-09-13 11:39 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-06-18 11:44 - 2019-09-13 10:17 - 001026280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-06-18 11:44 - 2019-09-13 05:48 - 003290584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-18 11:44 - 2019-09-13 05:36 - 002478152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-18 11:44 - 2019-09-13 05:15 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-18 11:44 - 2019-09-13 05:15 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-06-18 11:44 - 2019-09-13 05:13 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-18 11:44 - 2019-09-13 05:12 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-06-18 11:44 - 2019-09-13 05:11 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-18 11:44 - 2019-08-13 19:21 - 000221016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-06-18 11:43 - 2020-01-07 04:49 - 001462192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-06-18 11:43 - 2019-10-02 11:28 - 021411976 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-18 11:43 - 2019-10-02 05:16 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2020-06-18 11:43 - 2019-10-02 05:10 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2020-06-18 11:43 - 2019-09-13 05:17 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-18 11:43 - 2019-09-13 05:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-18 11:43 - 2019-08-13 19:06 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-06-18 11:43 - 2019-08-13 15:43 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-06-18 11:43 - 2019-08-13 10:46 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-06-18 11:43 - 2019-08-13 05:11 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-06-18 11:42 - 2020-01-07 10:54 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-18 11:42 - 2020-01-07 10:37 - 008628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-18 11:42 - 2020-01-07 09:00 - 007991808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-18 11:42 - 2020-01-07 04:59 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-18 11:42 - 2020-01-07 04:48 - 006566448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-18 11:42 - 2019-11-28 11:27 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-06-18 11:42 - 2019-11-28 05:38 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-18 11:42 - 2019-11-28 05:28 - 005769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-18 11:42 - 2019-11-08 03:17 - 022736384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-06-18 11:42 - 2019-10-02 12:10 - 004527072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-18 11:42 - 2019-10-02 05:25 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-06-18 11:42 - 2019-10-02 05:23 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-06-18 11:42 - 2019-09-13 11:39 - 002085888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-06-18 11:42 - 2019-09-13 09:59 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-06-18 11:42 - 2019-09-13 05:48 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-18 11:42 - 2019-09-04 05:44 - 003687424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-18 11:42 - 2019-09-04 05:43 - 004849664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-18 11:42 - 2019-09-04 05:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2020-06-18 11:42 - 2019-09-04 05:40 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-06-18 11:42 - 2019-09-04 05:40 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-06-18 11:42 - 2019-09-04 05:39 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-06-18 11:41 - 2020-01-07 04:30 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-06-18 11:41 - 2020-01-07 04:27 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-06-18 11:41 - 2020-01-07 04:26 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-06-18 11:41 - 2020-01-07 04:24 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-06-18 11:41 - 2019-11-28 06:10 - 002161072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-18 11:41 - 2019-11-28 05:49 - 001651040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-18 11:41 - 2019-10-02 06:02 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-18 11:41 - 2019-10-02 05:50 - 006979128 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-06-18 11:41 - 2019-10-02 05:47 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-18 11:41 - 2019-10-02 05:33 - 003330880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-06-18 11:41 - 2019-10-02 05:16 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-06-18 11:41 - 2019-09-04 05:48 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2020-06-18 11:41 - 2019-09-04 05:45 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2020-06-18 11:41 - 2019-09-04 05:43 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-18 11:41 - 2019-09-04 05:42 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-18 11:41 - 2019-08-13 15:45 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-06-18 11:41 - 2019-08-13 05:17 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-06-18 11:40 - 2020-01-07 08:24 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2020-06-18 11:40 - 2020-01-07 06:27 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2020-06-18 11:40 - 2019-11-28 05:43 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-06-18 11:40 - 2019-11-28 05:34 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-06-18 11:40 - 2019-11-08 03:31 - 006053808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-18 11:40 - 2019-10-02 12:08 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-06-18 11:40 - 2019-10-02 11:13 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-18 11:40 - 2019-10-02 10:11 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-18 11:40 - 2019-10-02 09:52 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-06-18 11:40 - 2019-09-10 08:16 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-18 11:40 - 2019-09-04 06:14 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-06-18 11:40 - 2019-09-04 06:02 - 001805872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-06-18 11:40 - 2019-09-04 05:46 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-06-18 11:40 - 2019-09-04 05:44 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-06-18 11:40 - 2019-09-04 05:43 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-06-18 11:40 - 2019-09-04 05:43 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2020-06-18 11:40 - 2019-09-04 05:42 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2020-06-18 11:40 - 2019-09-04 05:41 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2020-06-18 11:40 - 2019-09-04 05:41 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-06-18 11:40 - 2019-09-04 05:39 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2020-06-18 11:39 - 2019-11-28 05:28 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-18 11:39 - 2019-11-08 08:43 - 012835328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-18 11:39 - 2019-11-08 07:00 - 012036096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-18 11:39 - 2019-11-08 03:40 - 005627280 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-06-18 11:39 - 2019-11-08 03:38 - 007447904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-18 11:39 - 2019-11-08 03:15 - 019386368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-18 11:39 - 2019-10-02 11:53 - 004852736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-06-18 11:39 - 2019-10-02 11:47 - 000957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-06-18 11:39 - 2019-10-02 11:34 - 004098912 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-06-18 11:39 - 2019-10-02 11:13 - 006594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-18 11:39 - 2019-10-02 11:12 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-06-18 11:39 - 2019-10-02 10:22 - 003751824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-06-18 11:39 - 2019-10-02 10:16 - 005662720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-18 11:39 - 2019-10-02 09:41 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-06-18 11:39 - 2019-10-02 06:21 - 002417744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2020-06-18 11:39 - 2019-10-02 06:20 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2020-06-18 11:39 - 2019-10-02 05:58 - 000795360 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-06-18 11:39 - 2019-10-02 05:49 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-06-18 11:39 - 2019-10-02 05:33 - 001254712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-06-18 11:39 - 2019-10-02 05:27 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2020-06-18 11:39 - 2019-10-02 05:26 - 016598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-06-18 11:39 - 2019-10-02 05:21 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-06-18 11:39 - 2019-09-13 05:58 - 001613096 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2020-06-18 11:39 - 2019-09-13 05:56 - 001299472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2020-06-18 11:39 - 2019-08-13 19:21 - 000665400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-06-18 11:39 - 2019-08-13 11:09 - 000771384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-06-18 11:39 - 2019-08-13 11:09 - 000571688 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-06-18 11:39 - 2019-08-13 10:51 - 000905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-06-18 11:39 - 2019-08-13 10:50 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-06-18 11:38 - 2019-11-08 03:14 - 004383232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-06-18 11:38 - 2019-10-02 10:22 - 020402960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-18 11:38 - 2019-10-02 05:28 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-06-18 11:38 - 2019-10-02 05:16 - 002379264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-06-18 11:33 - 2020-06-18 11:33 - 000000000 ____D C:\Users\sworton\AppData\Local\mbam
2020-06-18 11:32 - 2020-06-18 11:32 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-18 11:32 - 2020-06-18 11:32 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-18 11:32 - 2020-06-18 11:32 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-18 11:32 - 2020-06-18 11:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-18 11:32 - 2020-06-18 11:30 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-18 11:28 - 2020-06-18 11:28 - 001988280 _____ (Malwarebytes) C:\Users\sworton\Downloads\MBSetup.exe
2020-06-18 11:28 - 2020-06-18 11:28 - 001988280 _____ (Malwarebytes) C:\Users\sworton\Downloads\MBSetup (1).exe
2020-06-18 11:28 - 2020-06-18 11:28 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-18 11:28 - 2020-06-18 11:28 - 000000000 ____D C:\Malwarebytes
2020-06-18 11:04 - 2020-06-18 11:04 - 000000000 ____D C:\681bb84162c83d4f03
2020-06-18 10:35 - 2020-06-18 10:36 - 011070192 _____ (McAfee, LLC) C:\Users\sworton\Downloads\MCPR.exe
2020-06-18 09:37 - 2020-06-18 09:37 - 000000000 ____D C:\Users\sworton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Ads Editor
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-25 19:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-25 19:15 - 2019-03-20 06:32 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-25 19:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-25 19:14 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2020-06-25 19:09 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-25 19:07 - 2019-03-20 06:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-25 19:07 - 2019-03-20 06:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-25 16:51 - 2019-03-20 06:46 - 000004154 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{99A5A314-FBF3-44F6-814D-483465A3D26C}
2020-06-25 16:33 - 2019-03-20 06:46 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-809454615-2631668767-2191910371-1001
2020-06-25 16:32 - 2019-03-20 06:18 - 000002418 _____ C:\Users\sworton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-25 16:32 - 2015-01-21 00:06 - 000000000 __RDO C:\Users\sworton\OneDrive
2020-06-18 16:08 - 2019-03-19 23:32 - 000000000 ___DC C:\WINDOWS\Panther
2020-06-18 15:04 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-18 15:04 - 2017-08-13 02:35 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-06-18 14:27 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-18 13:30 - 2014-09-17 13:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-06-18 13:26 - 2014-09-17 13:28 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-06-18 13:25 - 2017-04-12 20:51 - 000000000 ____D C:\Program Files\UNP
2020-06-18 12:58 - 2018-02-01 09:12 - 000000000 ___RD C:\Users\sworton\3D Objects
2020-06-18 12:58 - 2014-09-15 17:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-18 12:54 - 2019-03-20 06:10 - 000405312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-18 12:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2020-06-18 12:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-06-18 12:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-06-18 12:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-18 12:49 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-18 12:47 - 2018-04-12 00:38 - 000017800 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-06-18 11:32 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-18 11:30 - 2014-09-15 16:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-18 11:28 - 2018-02-01 01:35 - 000000000 ____D C:\Users\sworton\AppData\Local\Packages
2020-06-18 11:23 - 2014-01-25 16:20 - 000000000 ____D C:\Program Files (x86)\TOSHIBA Games
2020-06-18 11:22 - 2014-01-25 15:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-06-18 11:22 - 2014-01-25 15:53 - 000000000 ____D C:\ProgramData\WildTangent
2020-06-18 11:19 - 2015-09-26 19:00 - 000000000 ____D C:\Users\sworton\AppData\Roaming\Spotify
2020-06-18 11:13 - 2017-04-02 13:48 - 000000000 ____D C:\Users\sworton\AppData\Roaming\Google
2020-06-18 11:11 - 2014-09-15 22:18 - 000000000 ____D C:\Users\sworton\AppData\Roaming\Apple Computer
2020-06-18 11:06 - 2014-09-15 18:34 - 000002162 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-18 10:25 - 2019-03-20 06:18 - 000000000 ____D C:\Users\sworton
2020-06-18 10:25 - 2015-10-18 11:10 - 000000000 ____D C:\Users\sworton\AppData\Local\Apple Inc
2020-06-18 10:05 - 2018-07-24 19:29 - 000000000 ____D C:\Program Files (x86)\Kingo ROOT
2020-06-18 10:01 - 2014-10-13 20:39 - 000000000 ____D C:\Users\sworton\AppData\Roaming\uTorrent
2020-06-18 10:00 - 2018-05-21 08:04 - 000000000 ____D C:\ProgramData\Citrix
2020-06-18 09:54 - 2018-05-21 08:03 - 000000000 ____D C:\Users\sworton\AppData\Local\Citrix
2020-06-18 09:34 - 2019-03-19 22:14 - 000000000 ____D C:\Program Files\CUAssistant
2020-06-18 09:29 - 2019-03-20 06:46 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-18 09:29 - 2019-03-20 06:46 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-18 09:25 - 2014-09-15 18:33 - 000000000 ____D C:\Program Files (x86)\Google
2020-06-18 09:22 - 2019-03-20 06:46 - 000003684 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-809454615-2631668767-2191910371-1001UA
2020-06-18 09:22 - 2019-03-20 06:46 - 000003416 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-809454615-2631668767-2191910371-1001Core
2020-06-18 09:20 - 2019-05-06 17:37 - 000000000 ____D C:\Users\sworton\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2016-02-14 20:15 - 2016-02-14 20:15 - 000000055 _____ () C:\Users\sworton\AppData\Roaming\MouseServer.ini
2018-09-01 00:26 - 2019-08-14 08:56 - 000000155 _____ () C:\Users\sworton\AppData\Roaming\WB.CFG
2015-04-26 23:26 - 2015-04-26 23:26 - 000000000 _____ () C:\Users\sworton\AppData\Local\{90113BD3-9F97-42E0-8275-9EC20952D062}
2015-06-21 13:26 - 2015-06-21 13:26 - 000000000 _____ () C:\Users\sworton\AppData\Local\{C50C774F-C764-4878-951E-460E9A29970A}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2020
Ran by sworton (25-06-2020 19:27:41)
Running from C:\Users\sworton\Desktop
Windows 10 Home Version 1803 17134.1246 (X64) (2019-03-20 05:48:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-809454615-2631668767-2191910371-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-809454615-2631668767-2191910371-503 - Limited - Disabled)
Guest (S-1-5-21-809454615-2631668767-2191910371-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-809454615-2631668767-2191910371-1003 - Limited - Enabled)
sworton (S-1-5-21-809454615-2631668767-2191910371-1001 - Administrator - Enabled) => C:\Users\sworton
WDAGUtilityAccount (S-1-5-21-809454615-2631668767-2191910371-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.303.509 - Alps Electric)
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Chromium (HKLM-x32\...\{5B2FB3EF-0BAF-626F-BA2F-12EF6AAFC16F}) (Version: - )
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Google Ads Editor (HKLM-x32\...\{1DED8B00-79E5-11EA-9C71-DC4A3E998CF6}) (Version: 13.3.1.0 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-809454615-2631668767-2191910371-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
MouseServer version 1.7.1 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.7.1 - Necta Co.)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1609.76 - Trusteer) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.76 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-06-28] (Amazon.com)
Doodle God™ Free for Toshiba -> C:\Program Files\WindowsApps\7E440FBB.DoodleGodFreeforToshiba_2.0.0.48_x64__pvm5kvqj2rwym [2013-11-24] (JoyBits-Ltd.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.24.8919.0_x86__q4d96b2w5wcc2 [2020-06-25] (Evernote)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-19] (HP Inc.)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-22] (AMZN Mobile LLC)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-05] (Microsoft Corporation) [MS Ad]
McAfee® Central for Toshiba -> C:\Program Files\WindowsApps\McAfeeInc.04.McAfeeSecurityAdvisorforToshiba_5.0.170.1_x64__m0mgz90br52t0 [2018-04-03] (McAfee_Incorporated)
Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.4.33.0_x64__679ekb9hp1h62 [2019-03-02] (sMedio)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-16] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-12] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-18] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-15] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-25] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-02-08] (Ennova Research)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-19] (Netflix, Inc.)
Parcelgenie for Toshiba -> C:\Program Files\WindowsApps\ParcelPokeLimited.ParcelgenieforToshiba_2.1.1.25_neutral__8xyyyq1qzh8hy [2014-09-17] (Parcel Poke Limited)
Sage 50 Accounts Pulse for Toshiba -> C:\Program Files\WindowsApps\FA176213.Sage50AccountsPulseforToshiba_1.2.0.128_x64__z9k4tam8pb7vw [2014-09-15] (Sage (UK) Ltd)
Skitch Touch -> C:\Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2014-09-17] (Evernote)
Skyscanner -> C:\Program Files\WindowsApps\Skyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym [2014-09-17] (Skyscanner)
The Telegraph -> C:\Program Files\WindowsApps\TelegraphMediaGroupLtd.TheTelegraph_2.0.1.134_x64__8zqgb9yvnry22 [2013-11-24] (Telegraph Media Group Ltd)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-16] (Twitter Inc.)
Vimeo for Toshiba (UK) -> C:\Program Files\WindowsApps\DEA48DA5.VimeoforToshibaUK_1.4.0.0_neutral__20zyggj7fjyag [2013-11-24] (Vimeo, LLC .)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-809454615-2631668767-2191910371-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\sworton\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-18] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\sworton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2020-06-18 09:51 - 000002105 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-809454615-2631668767-2191910371-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
WiFi: AppEx Networks Accelerator -> appex_acc (enabled)
Ethernet: AppEx Networks Accelerator -> appex_acc (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "TCrdMain"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{E8D547E7-A3E1-4CF3-AE7E-49A8FE18AD65}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{0366120C-CE02-4697-B799-7B3B13F404D1}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{135617A1-4FD0-45D9-9461-1EDF6C9700DB}] => (Allow) C:\WINDOWS\system32\config\systemprofile\AppData\Local\Chromium\Application\chrome.exe => No File
FirewallRules: [{E860DF75-880E-49B0-8413-66F2B4C629CD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{110EBF6F-EA1F-4217-8232-8D4EB81AC3BD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3AE946B0-2360-4429-81C8-3AEB4EE2760C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{8475EB15-45FA-4ED0-B9F8-5AC5C0131D6A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{F1786561-0306-4A9B-A3C2-D96D563C3E49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{D994D0B8-706F-405E-B648-52216055DCE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{289A4F76-0FD9-4727-A5EA-8E3BBD25629E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{3B611E62-FAD6-4CDB-89A3-FA9BC8B3165A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{F66E6971-54AD-45A3-90BA-35756AF83C2B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{040BCEED-7D91-426C-B600-4D39548E85C7}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{E743C8F7-6FBD-4D0F-8E32-6136CB3BBC2A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{E1543919-C633-453D-BA60-844BB45B6854}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{DAD7730B-16B0-4642-8DF2-482423E6F362}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [TCP Query User{B52FCBCB-D94F-4F3B-BA30-870FC23D3999}C:\users\sworton\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sworton\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0AE8AA3E-A175-44AA-A39F-B7052D8E3839}C:\users\sworton\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sworton\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{54ED3B61-2E4D-4BC3-940E-EBEC8003E2E0}C:\users\sworton\appdata\roaming\sky\sky go\sky go.exe] => (Block) C:\users\sworton\appdata\roaming\sky\sky go\sky go.exe => No File
FirewallRules: [UDP Query User{A82ED1F1-E1F1-4284-9B73-4EA0855E26DC}C:\users\sworton\appdata\roaming\sky\sky go\sky go.exe] => (Block) C:\users\sworton\appdata\roaming\sky\sky go\sky go.exe => No File
FirewallRules: [TCP Query User{69818AB6-26FD-49BF-8CB6-D99AED5921FD}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9C9D787C-3B24-485E-81CE-108F04CAEE85}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2E942837-69BF-4A9D-AFC4-FFAB5D6DE518}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
14-08-2019 09:33:59 Windows Update
04-09-2019 08:56:33 Windows Update
18-06-2020 09:27:34 Windows Update
25-06-2020 19:14:19 Windows Update
==================== Faulty Device Manager Devices ============
Name: TSSTcorp CDDVDW SU-208FB
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/25/2020 07:14:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (06/25/2020 07:14:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.27, time stamp: 0x52278080
Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745
Exception code: 0xc0000374
Fault offset: 0x00000000000f479b
Faulting process ID: 0x22f8
Faulting application start time: 0x01d64b1c7412b79f
Faulting application path: C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: 28dbec83-eac7-48fd-a3fc-d1de15ee8f28
Faulting package full name:
Faulting package-relative application ID:
Error: (06/25/2020 07:11:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\sworton\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 58.0.2988.0,language="*",type="win32",version="58.0.2988.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (06/25/2020 07:09:16 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (06/25/2020 07:09:16 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (06/25/2020 07:09:16 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (06/25/2020 07:09:15 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
Error: (06/25/2020 07:08:05 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Trusteer\Rapport\bin\trf.dll".Error in manifest or policy file "C:\Program Files (x86)\Trusteer\Rapport\bin\Trusteer.PrivateCRT.MANIFEST" on line 0.
Invalid Xml syntax.
System errors:
=============
Error: (06/25/2020 07:16:23 PM) (Source: DCOM) (EventID: 10010) (User: SOPH-PC)
Description: The server {45CC1698-D1CF-417B-BC32-80EB79E05EF1} did not register with DCOM within the required timeout.
Error: (06/25/2020 07:14:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TPCH Service service terminated unexpectedly. It has done this 1 time(s).
Error: (06/25/2020 07:13:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/25/2020 07:12:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/25/2020 07:12:38 PM) (Source: DCOM) (EventID: 10016) (User: SOPH-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Soph-pc\sworton SID (S-1-5-21-809454615-2631668767-2191910371-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/25/2020 07:11:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
Error: (06/25/2020 07:08:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/25/2020 07:08:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2020-06-18 11:38:24.576
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:33:23.732
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:28:23.754
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:23:23.730
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:20:44.013
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:20:43.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:20:43.978
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-06-18 11:20:43.960
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. 1.20 08/30/2013
Motherboard: AMD PT10AN
Processor: AMD A4-5000 APU with Radeon™ HD Graphics
Percentage of memory in use: 59%
Total physical RAM: 3523.07 MB
Available physical RAM: 1416.25 MB
Total Virtual: 7107.07 MB
Available Virtual: 4701.43 MB
==================== Drives ================================
Drive c: (TI31254100A) (Fixed) (Total:919.64 GB) (Free:789.38 GB) NTFS
\\?\Volume{01773966-6472-11e3-aab2-ff588c914329}\ (System) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{74f8e88f-38f6-42df-927c-a5e6362b427a}\ () (Fixed) (Total:0.86 GB) (Free:0.31 GB) NTFS
\\?\Volume{7abb33a6-85d5-11e3-8d59-2025642be837}\ (Recovery) (Fixed) (Total:9.79 GB) (Free:0.98 GB) NTFS
\\?\Volume{0177396e-6472-11e3-aab2-ff588c914329}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Sign In
Create Account
