Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I'm infected with something I do believe [Solved]

Infected antivirus software

  • This topic is locked This topic is locked

#16
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Before I do anything, I wanted to report an issue or two.  I have Malwarebytes Premium 4.2.0 and it runs a scan daily.  It ran today at 1030 or thereabouts and said no malware.  Sometimes it finds be guys and we quarantine them.  Will downloading again cause a problem with my paid subscription in light of the fact that they keep sending me emails telling me to setup an account, which I have not done yet.  Also, yes, I remote deal with AOL techs via Bombar I think it is called where they come into my computer and fix up their messes.  I'm a Beta tester.  I used to use Adware Cleaner but not sure why I got rid of it but it will be good to see it back again.  Just wanted to double check on the MB issue.  Please advise.  Thanks, Sue  By the way, what part of the world is your body sitting in right now?  It would appear your day is my night a vice versa.  On the other hand, you might just work a late shift.  LOL  


  • 0

Advertisements


#17
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts

Hi, Sue.

 

Of course you have already Malwarebytes installed. My mistake I asked you to download it again. You can follow my instructions from the 6th bullet.

 

Looking forward to checking your logs.

 

P.S. My time zone is GMT +2, so yes, it's morning now. :)


  • 0

#18
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

I'm not able to do this tonight. It is way past my bedtime, my eyes are burning from the fires, and I know nothing about CLIPBOARD.  I'm not a dumb person by any stretch of the imagination so when I exported to clipboard and was getting nowhere, I researched.  I followed and it wound up the CLIPBOARD popped up in BING and although it showed that it was storing the Malwarebytes folder, we couldn't sync because I wasn't registered and a whole sort of other things.  However, I do not want to deal with BING and I don't appreciate MS always trying to shove that down my throat.  I am having full body MRIs and CAT Scans done tomorrow, Tuesday and Wednesday so I do not know for sure how much time I will have nor how much strength but I will do the best I can with what I have.  Is there an easier way I can get the darn Malwarebytes log for you?  It did, however, take 40 mins to scan.  I haven't downloaded the Adware yet - but now I have and I ran it so here is the log.   OOPS - before that knowing tha tI would never get to sleep, I tried and tried again with the Malwarebytes log to no avail.  However, out of sheer frustration I exported it to my hidden folder and here's what it said.  I hope this will work as the clipboard just showed a line.- - It's 1 A.M. and I need my rest so I am going to call it quits after this.  If I messed up, I'm sorry.  Sue

 

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 9/13/20
Scan Time: 11:29 PM
Log File: a1a927e8-f653-11ea-93e6-c8f7331cce2d.json
 
-Software Information-
Version: 4.2.0.82
Components Version: 1.0.1036
Update Package Version: 1.0.29807
License: Premium
 
-System Information-
OS: Windows 10 (Build 18362.1082)
CPU: x64
File System: NTFS
User: SUESBABY\suesarkis
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 321527
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 39 min, 17 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
 
 

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-14-2020
# Duration: 00:01:15
# OS:       Windows 10 Home
# Scanned:  31837
# Detected: 10
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.AdvancedSystemRepairPro C:\ProgramData\TSR7Settings
 
***** [ Files ] *****
 
PUP.Optional.Legacy             C:\END
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\AppID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\tscmon.Gate
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Wow6432Node\\Classes\AppID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Wow6432Node\\Classes\CLSID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree      HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software found.
 
 
AdwCleaner[S00].txt - [2114 octets] - [03/05/2019 09:36:18]
AdwCleaner[C00].txt - [2024 octets] - [03/05/2019 09:42:15]
AdwCleaner_Debug.log - [28997 octets] - [16/09/2019 20:13:44]
AdwCleaner[S01].txt - [3511 octets] - [16/09/2019 20:17:35]
AdwCleaner[C01].txt - [3390 octets] - [16/09/2019 20:31:53]
AdwCleaner[S02].txt - [1633 octets] - [29/09/2019 12:31:08]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

  • 0

#19
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts

Hi, Sue.

I hope you had a good night's sleep and got the rest you need for the next difficult days. I hope everything will run fine for you.

As for the Clipboard, you had just only click on the Export button and then choose the option Copy to Clipboard. Then, just come here, right click in the reply area and choose paste. I apologize if my instructions confused you.

The good thing is that the Malwarebytes report is clean, so no need to run it again. :)

 

But we do have some cleaning, regarding the AdwCleaner log.

1. Scan with AdwCleaner - clean mode

  • Double click AdwCleaner.exe on your Desktop, to run it as you did before.
  • Click Scan Now.
  • When the scan has finished a Scan Results window will open.
  • Please check all threads found and then click Quarantine.
  • Click Next.
    • If any pre-installed software was found on your machine, a prompt window will open (Note: previous scan showed no pre-installed software in your machine, so you can skip these sub steps).
      • Click OK to close it.
    • Check any pre-installed software items you want to remove (previous scan showed no pre-installed software in your machine, so you can skip this).
    • Click Quarantine.
  • A prompt to save your work will appear.
    • Click Continue when you're ready to proceed.
  • A prompt to restart your computer will appear.
    • Click Restart Now.
  • Once your computer has restarted:
    • If it doesn't open automatically, please start ADWCleaner.
    • Click the Log Files tab.
    • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the removal.
    • Please post the contents of the file in your next reply.

 

2. Fresh FRST logs

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please copy and paste the content of these two logs in your next reply.

  • 0

#20
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Although I could see the clipboard and I could read the file name, it would not come here with a right click.  Then I realized that CLIPBOARD was not in the Chrome Browser but rather BING and since I do not like BING, I figured I'd try something else since I know nothing about BING.  Regardless, I just couldn't get it over, not that your instructions were defective or faulty.  Anyway, here's the next request fulfillment.  LOL   I have to laugh because the FRST shows outside AOL support back in 2017 too.   
 
 
 
 
 
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    09-14-2020
# Duration: 00:01:14
# OS:       Windows 10 Home
# Scanned:  31837
# Detected: 10
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.AdvancedSystemRepairPro C:\ProgramData\TSR7Settings
 
***** [ Files ] *****
 
PUP.Optional.Legacy             C:\END
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\AppID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Classes\tscmon.Gate
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Wow6432Node\\Classes\AppID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\Wow6432Node\\Classes\CLSID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
PUP.Optional.SpeedItupFree      HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software found.
 
 
AdwCleaner[S00].txt - [2114 octets] - [03/05/2019 09:36:18]
AdwCleaner[C00].txt - [2024 octets] - [03/05/2019 09:42:15]
AdwCleaner_Debug.log - [28997 octets] - [16/09/2019 20:13:44]
AdwCleaner[S01].txt - [3511 octets] - [16/09/2019 20:17:35]
AdwCleaner[C01].txt - [3390 octets] - [16/09/2019 20:31:53]
AdwCleaner[S02].txt - [1633 octets] - [29/09/2019 12:31:08]
AdwCleaner[S03].txt - [2864 octets] - [14/09/2020 00:35:40]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########
 
 
 
 
 
Fresh FRST log
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2020
Ran by suesarkis (administrator) on SUESBABY (Hewlett-Packard HP Spectre XT TouchSmart PC) (14-09-2020 10:37:04)
Running from C:\Users\suesarkis\Desktop
Loaded Profiles: suesarkis
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_972058dc64815bf9\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Systems) C:\Program Files\Copernic\DesktopSearch\DesktopSearchOutlookConnector.exe
(PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\CORK.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-02-28] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\QFSCHD190.EXE [247512 2018-05-13] (Corel Corporation -> Corel Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [AOLDesktop] => C:\Users\suesarkis\AppData\Local\AOLDesktop\AolDesktop.exe [563216 2020-09-08] (AOL, Inc -> AOL Inc.)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5482544 2020-08-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [635104 2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-09] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2020-09-14]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyCorkboard.lnk [2017-10-15]
ShortcutTarget: MyCorkboard.lnk -> C:\Program Files (x86)\Corkboard\CORK.EXE (PC Dynamics, Inc.) [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2019-11-15]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01AEFE23-8B51-4189-9C7B-9F6A3EE580CB} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {1679F551-60AC-484D-A64D-79A079B5E144} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185D8A69-4E7C-488D-AE93-83A8460CF2F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1283488 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C455FCF-8A1C-4F05-BD47-24C5E0A0DFF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DCAC850-E0C4-43ED-9778-33873572DB4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {30515428-0D06-4844-BAC0-7FADFE6C79C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {366B36C9-EB22-4CCC-9BBD-BF52B3F13C11} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {559C1EE8-B918-4FF8-B901-40131935A0E1} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {57100AE3-B92D-4FC1-8D7F-8CFB19AA6707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {75BF6DE9-4FCA-4BC3-827F-FE7528955A2E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7803EAFA-C860-4CA5-832E-A0EBB9CD14AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8FA0207E-0F04-4B48-BD37-B2136C28A95A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {926D5219-2D77-469E-99DB-3203D2EA83ED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B255169-60AD-44CA-9D0C-9EC3EE97AA0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9A555E0-9B0D-4230-B577-05A5E76B8619} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {B4E4E23A-B57D-4458-9E53-2ED4C42667D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBF33665-2444-4F15-A3F4-F7AEC254031D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C752C1EA-34F5-4579-906B-C60F5065FA31} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7AA6333-7B3F-4297-B701-B24279F83894} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DEC2E8AB-AF71-4069-837A-F83ADD0F36EC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{1b626343-04a6-45cd-b559-9a91b11fb27c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dace9ba1-7c81-4972-8e00-a728cdf2e3da}: [DhcpNameServer] 209.18.47.63 209.18.47.61
 
Edge: 
======
DownloadDir: C:\Users\suesarkis\Downloads
Edge Profile: C:\Users\suesarkis\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-14]
Edge DownloadDir: C:\Users\suesarkis\Downloads
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default [2020-09-14]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Entanglement Web App) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-10-08]
CHR Extension: (e-Player) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\agilokibjakdcmghlogojfbjmhbkhgmc [2020-06-08]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-01]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-10]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-05]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-13]
CHR Extension: (Poppit!) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-03]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-26]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-11]
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-24]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-24]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-02-24]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-29]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-08-30] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-08-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217608 2020-09-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-14] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-14] (Malwarebytes Inc -> Malwarebytes)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DDEFCCB0-38C8-4592-9553-F9BBD79EA80B}\MpKslDrv.sys [78056 2020-09-14] (Microsoft Windows -> Microsoft Corporation)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-14 10:37 - 2020-09-14 10:39 - 000023995 _____ C:\Users\suesarkis\Desktop\FRST.txt
2020-09-14 10:34 - 2020-09-14 10:34 - 002297856 _____ (Farbar) C:\Users\suesarkis\Desktop\FRST64.exe
2020-09-14 10:33 - 2020-09-14 10:33 - 000002925 _____ C:\Users\suesarkis\Desktop\AdwCleaner[S04].txt
2020-09-14 10:27 - 2020-09-14 10:27 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-14 10:27 - 2020-09-14 10:27 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-14 10:27 - 2020-09-14 10:27 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-14 10:14 - 2020-09-14 10:14 - 000001907 _____ C:\Users\suesarkis\Desktop\Current steps.txt
2020-09-14 09:20 - 2020-09-14 09:20 - 000002339 _____ C:\Users\suesarkis\Desktop\AOL Desktop Gold.lnk
2020-09-14 00:39 - 2020-09-14 00:39 - 000002864 _____ C:\Users\suesarkis\Desktop\AdwCleaner log.txt
2020-09-14 00:31 - 2020-09-14 00:31 - 008414384 _____ (Malwarebytes) C:\Users\suesarkis\Desktop\AdwCleaner.exe
2020-09-13 22:48 - 2020-09-13 22:48 - 002040904 _____ (Malwarebytes) C:\Users\suesarkis\Downloads\MBSetup (1).exe
2020-09-13 22:47 - 2020-09-13 22:47 - 002040904 _____ (Malwarebytes) C:\Users\suesarkis\Downloads\MBSetup.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-11 18:44 - 2020-09-11 18:44 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-11 18:44 - 2020-09-11 18:44 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-11 18:43 - 2020-09-11 18:44 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-11 18:43 - 2020-09-11 18:43 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-11 18:42 - 2020-09-11 18:42 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-11 17:59 - 2020-09-11 17:59 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-11 17:59 - 2020-09-11 17:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-11 15:40 - 2020-09-10 16:40 - 000153723 _____ C:\Users\suesarkis\Documents\CDL.pdf
2020-09-11 15:23 - 2020-09-11 15:19 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-09-11 14:18 - 2020-09-11 14:22 - 011108576 _____ (McAfee, LLC) C:\Users\suesarkis\Desktop\MCPR.exe
2020-09-10 21:44 - 2020-09-10 21:44 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001
2020-09-10 21:44 - 2020-09-10 21:44 - 000002375 _____ C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-09 14:50 - 2020-09-09 14:55 - 000057061 _____ C:\Users\suesarkis\Desktop\Additionold (1).txt
2020-09-09 14:48 - 2020-09-09 14:55 - 000087111 _____ C:\Users\suesarkis\Desktop\Additionold (2).txt
2020-09-09 13:51 - 2020-09-09 13:53 - 000002928 _____ C:\Users\suesarkis\Desktop\Geeks instructions.txt
2020-09-09 13:51 - 2020-09-09 13:51 - 000000085 _____ C:\WINDOWS\wininit.ini
2020-09-08 20:01 - 2020-09-08 20:01 - 005977466 _____ C:\Users\suesarkis\Desktop\Jon Voight Do or Die.mp4
2020-09-08 15:37 - 2020-09-08 16:03 - 001094172 _____ C:\WINDOWS\Minidump\090820-44484-01.dmp
2020-09-07 12:35 - 2020-09-07 12:48 - 000064068 _____ C:\Users\suesarkis\Downloads\Addition.txt
2020-09-07 12:11 - 2020-09-07 12:11 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (5).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (4).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (3).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (2).exe
2020-09-07 09:46 - 2020-09-07 23:43 - 000001957 _____ C:\Users\suesarkis\Desktop\Geeks Leads.txt
2020-09-05 09:47 - 2020-09-05 09:47 - 000009346 _____ C:\Users\suesarkis\Documents\2020-9-5 Food Recipients.wpd
2020-09-04 22:30 - 2020-09-04 22:56 - 001124524 _____ C:\WINDOWS\Minidump\090420-41500-01.dmp
2020-09-04 08:35 - 2020-09-04 08:35 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2020-09-04 08:23 - 2020-09-04 08:23 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-03 19:38 - 2020-09-03 19:38 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-03 01:07 - 2020-09-10 12:35 - 000000788 _____ C:\Users\suesarkis\Desktop\Walkenhorst.txt
2020-09-01 20:51 - 2020-09-01 20:51 - 000000160 _____ C:\Users\suesarkis\Desktop\Dr Lentz.txt
2020-08-31 21:09 - 2020-08-31 21:40 - 001284420 _____ C:\WINDOWS\Minidump\083120-40421-01.dmp
2020-08-31 15:02 - 2020-08-31 15:02 - 000000000 ____D C:\Users\suesarkis\db
2020-08-31 14:59 - 2020-08-31 15:00 - 093753336 _____ (Oath Inc.) C:\Users\suesarkis\Downloads\Install_AOL_Desktop (2).exe
2020-08-31 14:58 - 2020-08-31 15:00 - 000401025 _____ C:\Users\suesarkis\Desktop\AOL Desktop Backup 2020-08-31 14-58.AolSave
2020-08-30 19:32 - 2020-08-30 19:31 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-29 08:56 - 2020-08-29 09:19 - 000681148 _____ C:\WINDOWS\Minidump\082920-44640-01.dmp
2020-08-26 23:48 - 2020-08-26 23:48 - 011519037 _____ C:\Users\suesarkis\Desktop\Cal Mafia.mp4
2020-08-26 13:22 - 2020-09-12 07:29 - 000530360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-26 13:22 - 2020-08-26 13:39 - 001154748 _____ C:\WINDOWS\Minidump\082620-46968-01.dmp
2020-08-26 11:02 - 2020-08-26 11:02 - 000000124 _____ C:\Users\suesarkis\Desktop\Voter Fraud cases.txt
2020-08-22 21:34 - 2020-08-22 21:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-22 21:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-22 21:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-20 11:49 - 2020-08-20 11:49 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 08:02 - 2020-08-21 08:42 - 000000000 ____D C:\found.002
2020-08-17 11:49 - 2020-08-17 11:49 - 000011368 _____ C:\Users\suesarkis\Documents\Food Bank List entire.wpd
2020-08-17 10:44 - 2020-08-17 10:44 - 000006549 _____ C:\Users\suesarkis\Documents\Dora Tate food recipients numberless.wpd
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-14 10:38 - 2013-11-20 14:44 - 000000000 ____D C:\FRST
2020-09-14 10:34 - 2019-09-26 10:33 - 000000000 ____D C:\Users\suesarkis\Desktop\FRST-OlderVersion
2020-09-14 10:34 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-14 10:32 - 2019-12-01 15:23 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-14 10:32 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-14 10:28 - 2014-11-23 14:39 - 000000000 __SHD C:\Users\suesarkis\IntelGraphicsProfiles
2020-09-14 10:26 - 2019-12-01 15:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-14 10:25 - 2019-03-18 21:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-09-14 10:01 - 2020-04-04 13:04 - 000000000 ____D C:\Users\suesarkis\AppData\LocalLow\IGDump
2020-09-14 09:20 - 2017-06-01 08:00 - 000000000 ____D C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aol Inc
2020-09-14 09:17 - 2019-12-01 15:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-14 08:32 - 2019-12-01 15:55 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}
2020-09-14 08:28 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-14 08:26 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-14 00:46 - 2013-04-23 16:55 - 000000000 ____D C:\Users\suesarkis\Documents\COMPUTER
2020-09-13 22:22 - 2013-04-23 16:54 - 000000000 ____D C:\Users\suesarkis\Documents\ARTICLES
2020-09-13 13:33 - 2013-04-24 08:40 - 000000000 ____D C:\Users\suesarkis\Documents\POLITICAL
2020-09-12 10:36 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-09-12 07:31 - 2017-12-09 17:00 - 000000000 ___RD C:\Users\suesarkis\3D Objects
2020-09-12 07:31 - 2013-01-14 11:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-11 23:34 - 2018-05-18 10:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-09-11 23:33 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-09-11 19:09 - 2017-06-01 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-11 19:02 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-11 19:02 - 2017-06-01 11:59 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-11 18:41 - 2019-12-01 15:07 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-11 15:26 - 2019-02-24 13:37 - 000002400 _____ C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk
2020-09-11 15:11 - 2019-09-26 10:34 - 000025937 _____ C:\Users\suesarkis\Desktop\Fixlog.txt
2020-09-11 09:07 - 2017-06-02 16:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-09-10 21:44 - 2014-12-28 20:34 - 000000000 ___RD C:\Users\suesarkis\OneDrive
2020-09-10 08:05 - 2020-06-14 07:38 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 08:05 - 2020-06-14 07:38 - 000002238 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:05 - 2020-06-14 07:38 - 000002238 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-10 08:03 - 2018-07-06 11:29 - 000000000 ____D C:\Users\suesarkis\AppData\Local\CrashDumps
2020-09-09 16:45 - 2017-06-01 07:49 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002220 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-08 17:14 - 2019-12-01 15:09 - 000000000 ____D C:\Users\suesarkis
2020-09-08 15:37 - 2020-03-19 14:42 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-08 14:32 - 2018-04-26 18:20 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktop
2020-09-08 14:30 - 2017-06-01 07:59 - 000000000 ____D C:\Users\suesarkis\AppData\Local\SquirrelTemp
2020-09-07 18:42 - 2013-05-23 10:22 - 000000000 ____D C:\Users\suesarkis\Documents\PHONE BOOK
2020-09-07 16:29 - 2013-05-15 11:30 - 000000000 ____D C:\Users\suesarkis\Documents\PASSWORDS
2020-09-07 12:48 - 2013-11-30 18:43 - 000098336 _____ C:\Users\suesarkis\Downloads\FRST.txt
2020-09-06 23:15 - 2017-09-14 23:52 - 000001829 _____ C:\Users\suesarkis\Desktop\GROCERIES.txt
2020-09-05 23:28 - 2017-07-27 16:07 - 000003391 _____ C:\Users\suesarkis\Desktop\email addresses.txt
2020-09-05 14:51 - 2020-01-12 14:45 - 000000118 _____ C:\Users\suesarkis\Desktop\Ernestine.txt
2020-09-04 10:24 - 2013-05-23 10:25 - 000000000 ____D C:\Users\suesarkis\Documents\STOCKS
2020-09-03 23:49 - 2019-12-01 15:09 - 000000000 ____D C:\Users\Administrator
2020-09-01 23:18 - 2020-08-11 06:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-01 23:18 - 2020-06-14 07:37 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-01 23:18 - 2020-06-14 07:37 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-01 23:18 - 2020-03-04 12:16 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-01 23:18 - 2019-12-01 15:55 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-09-01 23:18 - 2019-12-01 15:55 - 000002982 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-09-01 23:18 - 2019-12-01 15:55 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004
2020-09-01 23:18 - 2019-12-01 15:55 - 000002602 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-09-01 23:18 - 2019-12-01 15:55 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-09-01 20:58 - 2013-05-23 10:21 - 000000000 ____D C:\Users\suesarkis\Documents\MISC
2020-08-31 15:02 - 2020-06-18 14:09 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktopData
2020-08-31 15:01 - 2018-06-09 17:51 - 000000000 ____D C:\Users\suesarkis\AppData\Local\D3DSCache
2020-08-31 10:58 - 2013-05-23 10:15 - 000000000 ____D C:\Users\suesarkis\Documents\Complaints
2020-08-30 19:32 - 2020-08-03 08:49 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-30 19:32 - 2020-08-03 08:49 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-30 19:32 - 2020-08-03 08:49 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-30 19:32 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-30 19:31 - 2020-08-03 08:37 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-08-30 17:10 - 2013-05-20 14:48 - 000000000 ____D C:\Users\suesarkis\Documents\JOKES
2020-08-29 21:42 - 2020-05-17 21:52 - 000002968 _____ C:\Users\suesarkis\Desktop\Tenants.txt
 
==================== Files in the root of some directories ========
 
2015-02-11 19:02 - 2015-02-11 19:02 - 000880208 _____ (Google Inc.) C:\Users\suesarkis\ChromeSetup.exe
2019-12-01 10:41 - 2019-12-01 10:41 - 000000538 _____ () C:\Program Files (x86)\LMIR0838B001.tmp_r.bat
2019-12-01 13:57 - 2019-12-01 13:57 - 000000738 _____ () C:\Program Files (x86)\LMIR0B414001.tmp.bat
2019-12-01 13:57 - 2019-12-01 13:57 - 000000538 _____ () C:\Program Files (x86)\LMIR0B414001.tmp_r.bat
2019-12-01 13:51 - 2019-12-01 13:51 - 000000556 _____ () C:\Users\suesarkis\AppData\Local\LMIR09622001.tmp_r.bat
2019-12-01 14:18 - 2019-12-01 14:18 - 000000756 _____ () C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp.bat
2019-12-01 14:18 - 2019-12-01 14:18 - 000000556 _____ () C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp_r.bat
2017-11-17 09:38 - 2017-11-17 09:38 - 000000017 _____ () C:\Users\suesarkis\AppData\Local\resmon.resmoncfg
2017-10-15 07:43 - 2017-07-28 14:57 - 000105744 _____ (Bomgar) C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-32.tmp
2017-10-15 07:43 - 2017-07-28 14:57 - 000123152 _____ (Bomgar) C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-64.tmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
ADDITION.txt
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2020
Ran by suesarkis (14-09-2020 10:41:16)
Running from C:\Users\suesarkis\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2019-12-01 22:57:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2069550446-780284186-1707450264-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2069550446-780284186-1707450264-503 - Limited - Disabled)
Guest (S-1-5-21-2069550446-780284186-1707450264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2069550446-780284186-1707450264-1003 - Limited - Enabled)
suesarkis (S-1-5-21-2069550446-780284186-1707450264-1001 - Administrator - Enabled) => C:\Users\suesarkis
User (S-1-5-21-2069550446-780284186-1707450264-1004 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2069550446-780284186-1707450264-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
AOL Desktop Gold (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\AOLDesktop) (Version: 11.0.2811 - Oath Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copernic Desktop Search (HKLM\...\{CFC6FE00-2609-4D6D-8209-C232864B9861}) (Version: 7.1.2.13449 - Copernic) Hidden
Copernic Desktop Search (HKLM\...\CopernicDesktopSearch7) (Version: 7.1.2.13449 - Copernic)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.13.594 - Corel corporation) Hidden
Digital Coupon Printer (HKLM-x32\...\{2CDD20A5-DFDE-4AC0-97DD-F60B1196BF98}) (Version: 3.50.0.0 - Hopster, Inc. an Inmar company)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Countdown Timer (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP LaserJet Pro M402-M403 n-dne (HKLM-x32\...\{e2164336-c5d8-4ac9-a53b-125779c4c21b}) (Version: 16.0.17174.675 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{2D0909B2-FA33-4C36-8845-BF930A5A945E}) (Version: 3.0.26.20 - HP) Hidden
HPLJPRoM402M403ndne (HKLM-x32\...\{58532038-B97D-4C9B-9B96-C70D5EA763F4}) (Version: 0.10.0000 - Hewlett-Packard) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{66afb482-3029-428f-8283-135d3c272132}) (Version: 19.00.0000.4496 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.3.1080 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyCorkboard Screen Saver (HKLM-x32\...\Corkboard) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X7 - IPM Content HSE (HKLM-x32\...\{8E879C65-6BA7-4108-9A0D-C455A30ECAF6}) (Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM HSE (HKLM-x32\...\{D55537B5-123F-4CEE-A56C-557582FA285D}) (Version: 17.2 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content HSE (HKLM-x32\...\{2C332DEE-CB1A-4C4C-A976-7F6FBBDA08F1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM HSE (HKLM-x32\...\{EF04AF62-9B04-470E-B2EB-D28EE053D991}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 -  Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-21] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-01-21] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-08-08] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-11] (Adobe Systems Incorporated)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.6.0.0_x86__fxme7667cy4q4 [2020-02-14] (Ricoh Company, Ltd.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-13] (Synaptics Incorporated)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-21] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2069550446-780284186-1707450264-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {fad66f81-4ada-3a28-a8d3-97f227e9abc4} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Special Offers.lnk -> hxxp://www.mycorkboard.com/SpecialOffers.as
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Visit MyCorkboard.com.lnk -> hxxp://www.mycorkboard.com
ShortcutWithArgument: C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) =============
 
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2019-02-25 14:15 - 2019-02-25 14:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
1998-06-08 12:06 - 1998-06-08 12:06 - 000914432 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\LEAD51N.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-04-09 07:31 - 2020-04-09 07:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
2020-04-09 07:31 - 2020-04-09 07:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2002-10-10 21:47 - 2002-10-10 21:47 - 000081920 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\Animate.dll
2002-10-10 21:45 - 2017-10-15 21:50 - 000139264 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\cork.dll
2002-10-10 21:47 - 2002-10-10 21:47 - 000061440 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CALENDAR.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000065536 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CLOCKS.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DECOR.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DIALER.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GENGIZMO.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GIZMOS.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\NAMEPLT.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\PICTURES.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000049152 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\STKYNOTE.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\TODOLIST.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000077824 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\public.dll
2020-04-29 19:48 - 2014-12-22 14:54 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bass.dll
2020-04-29 19:48 - 2014-11-28 15:54 - 000021772 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bassflac.dll
2020-04-29 19:48 - 2014-10-20 15:08 - 000017733 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\basswma.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123simsen.com -> www.123simsen.com
 
There are 7863 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-06-01 07:47 - 2020-02-29 16:05 - 000450599 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15459 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "AOL OnePoint.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Digital Coupon Print Driver"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Copernic Desktop Search - Home"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{644E8E3F-A22B-438C-9991-E79FCE7AEE80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FA02D24-8C66-4400-9D74-DB957DF26456}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A6A246-CD82-4BA1-A8FA-DF8EFF017DAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD5CA861-AF5A-4745-B6CF-8C9972039858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691BB49A-75DB-48CB-AE42-979AB3D5E7A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{171D7A6E-D088-4CC2-A349-679171E9DA0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{362CD2AD-DD29-4461-B961-06AFF91EC639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2849DD0E-4B2C-41D6-8F6C-270D8B695EA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{351E634D-B39D-4303-89E9-108F28D4CFCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56DFA6EE-B223-48DA-AE2D-7B6FB7B42EA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFF96C6E-87ED-48B0-9140-E9FBF107C4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20476A79-F171-41B9-8A9F-AC2AA3C5D0D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCAFC238-F073-46A9-989F-09EC7909000D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3121FCA4-0227-4705-83A9-FEA5E7D75193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{835B0B78-5478-41AD-B336-95A81D30AFAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9244B37B-4BD6-4502-A28A-566F4B89C988}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CD4EA73-50E6-4ED3-821B-42EDFC036842}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C95CD6D-AA8F-4418-9B6F-50058C112E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88388D18-1D93-4892-BC4C-04008E4A7C45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6CD4C8C-7F69-4F51-988A-13EF795379E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7D888F4-5E25-419A-AA35-A65EF831CEFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E35B656B-CE90-4FB8-8F13-EFED49EA09BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A415169A-3696-4674-9C2A-69E130772B05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FFB02FD5-DDE7-40E8-8139-2DF0883E6689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BB0580-314A-47EE-B439-D281FA70A33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5061C8D4-DBED-4796-8760-442AEF3C4F10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DDDB957-5175-421C-B86B-5F7B90E5A2AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0D862E8-9DE5-4B32-B102-2EF907BEC393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD31E2C6-F3EB-4453-BCFE-B9241D7770E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DA0C036-3986-4D21-BEC2-7E7A5866CB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F967218-F25E-454F-89E0-D0A8A7E7A35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C4B7BB-0E96-490E-8C45-FC7C2B7D7FB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18296F8A-B57F-48C7-95AB-0E1F218B7D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3D6C282-FF9F-41BC-AAF3-43BC982D8687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B48C52A-F93C-4C86-BD6B-A080A06AC8FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F09221EE-7648-42C5-B166-DBCE3A859307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E44700D-544F-421A-9275-0E13366A81B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CCF1E509-4E11-407A-912A-28D1EB193B88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C20567-1CA6-4DCB-84E3-91E28531BC4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC585C8D-30EA-49C5-994B-CDC871132BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE47B94-519F-42C0-8D1F-70FD43447FD1}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
FirewallRules: [{0465935A-48A2-4394-9C58-239FC8F41820}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51BC37A2-EFC6-4E76-AD5B-981860A1D7AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7BE7EC3-26C1-4DC8-AE90-2108C240B75B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1D4E3B8-CE06-4DD1-8985-CE867AB0A314}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{301EA605-51E0-4F86-AA0C-18AC031A1205}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{0B29D4C1-F05F-48D6-9476-0A84C896EA60}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{DD87381C-BFB7-48EE-B29C-992B77A970DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63E33B03-A319-4DEA-B586-8484DFAEBAA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B2DDFCFD-0366-48AC-A573-0102EA32F992}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C13230EC-E355-45C3-A460-F18F338519F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A890488-724A-43EC-A8C5-991F1C95D457}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{89CC55C2-68D6-40FE-A722-BA69C393B4EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{80667349-F81D-48E0-BFDA-7553DB142BDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8D7C0224-0D8A-4F19-8481-3AD394B073E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E225A57D-593D-410C-AD45-6F8C15193503}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1680976F-30E9-4F69-B406-49EEE183B5E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9086FA-2F70-4AAD-B776-17995E9FB380}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B76CD90B-46F2-4381-81CB-01E0CF788D65}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E989EEF-F355-4248-8D67-25B781DC44E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/14/2020 10:39:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5468,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/14/2020 10:32:15 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/14/2020 10:32:14 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/14/2020 10:18:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14160,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/14/2020 09:54:32 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (09/14/2020 09:46:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6020,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/14/2020 09:25:09 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6664,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/14/2020 09:02:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9340,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (09/14/2020 10:32:23 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/14/2020 10:29:28 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/14/2020 10:27:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/14/2020 10:27:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (09/14/2020 10:26:16 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (09/14/2020 10:26:16 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (09/14/2020 10:24:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (09/14/2020 10:24:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Security Assist service terminated unexpectedly.  It has done this 1 time(s).
 
 
Windows Defender:
===================================
Date: 2020-09-14 09:17:14.574
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FDB1AEDA-28BA-4D15-9835-62CC38CEFCC8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-26 13:53:04.539
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A83EF79B-1C54-40BA-8CEC-30976EF5DDC7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-22 15:03:15.285
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {699C7A99-8BB5-4F93-BB2C-194CDBCAA81D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-22 08:39:53.027
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C7992FFE-4358-42A9-A902-0DF9369F879A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-21 08:43:59.752
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BFD15A39-521A-4FFF-87D0-7CFCCBCC5C97}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-11 15:11:24.446
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-09-11 15:11:24.446
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-08-26 13:59:15.172
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-08-26 13:59:15.172
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-08-26 13:59:15.171
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
CodeIntegrity:
===================================
 
Date: 2020-09-14 00:18:47.378
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:45.766
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:23.875
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:23.873
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:38:16.128
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:38:10.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:33:57.053
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:18:28.263
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Insyde F.04 11/10/2012
Motherboard: Hewlett-Packard 1886
Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 46%
Total physical RAM: 8088.28 MB
Available physical RAM: 4310.67 MB
Total Virtual: 16280.28 MB
Available Virtual: 12529.02 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:444.93 GB) (Free:342.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.19 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (OD3.0 SSD) (Removable) (Total:117.53 GB) (Free:46.67 GB) FAT32
 
\\?\Volume{a4e7abf3-f886-47bb-96ff-bc698ba7c3ae}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.14 GB) NTFS
\\?\Volume{6f3b996f-1ccc-4000-95d7-0bd109594337}\ () (Fixed) (Total:0.87 GB) (Free:0.24 GB) NTFS
\\?\Volume{01376181-7b57-4385-8f74-5719a12592e7}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F893BEDB)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 65103047)
 
Partition: GPT.
 
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 117.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=117.6 GB) - (Type=0C)
 

  • 0

#21
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts

Hi, Sue.

 

I'm afraid you have to repeat the procedure described here, as you didn't follow the instructions to clean/quarantine the adware found with the AdwCleaner's scan.

 

I will be waiting for your new logs. :)


  • 0

#22
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

I repeated the scan to no avail. The prompt clearly said "No items were detected on your system", so there was nothing to quarantine.  I'm frustrated and in too much pain to continue right now.  I'm going to lie down as I am angry at myself.  In quarantine there are 2 files with today's date but I know I did stuff after midnight, my time, and I cannot recall if an Adware scan was one of them.  I was thinking about possibly restoring them but I don't want to do anything without your go ahead.  Please advise and again, I am so sorry.  I swear, I think the cancer is eating away at my brain and I sometimes feel so stupid.  My doctors assure me such is not the case as it hasn't gotten quite that high yet. LOL  


  • 0

#23
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts

Hi, Sue.

 

No need to be angry with your self. We all have our easy and difficult days. Relax and everything will go just fine. :)

 

Can you check if there is a log named AdwCleaner[C0*].txt?

 

Open AdwCleaner again, click the Log Files tab and check there for it.

 

(Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)


  • 0

#24
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Sorry for the lateness but they kept me late at the hospital.  Tomorrow I believe they are keeping me overnight so I might not be able to respond until Saturday as I am truly exhausted and Friday I'll spend most of the day in bed I would think.  We'll see.  But yes, there is a cleaned file from the 14th named AdwCleaner[CO4].txt   I have to laugh as a similar file numbered CO1.txt was cleaned 9-16-19.   I have scans 3, 4 and 5 but only the one cleaned one as indicated.  I will respond as quickly as possible to your next order since you didn't tell me what to do with that file.  I'm afraid to touch it without your directions.for fear of messing everything up.  Please advise and again, thank you.  Sue 


  • 0

#25
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts
Hi, Sue.

No need to worry about being late. Take your time and take care of your self.

I would like to copy and paste here the content of that file: AdwCleaner[CO4].txt
  • 0

Advertisements


#26
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Here you go !!  Take your time.  LOL

 
 
# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Local)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-14-2020
# Duration: 00:00:10
# OS:       Windows 10 Home
# Cleaned:  10
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
Deleted       C:\ProgramData\TSR7Settings
 
***** [ Files ] *****
 
Deleted       C:\END
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKLM\Software\Classes\AppID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Classes\tscmon.Gate
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
Deleted       HKLM\Software\Wow6432Node\\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{233F8F82-F91E-4E49-2222-BD21AB39D1BB}
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries cleaned.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [2114 octets] - [03/05/2019 09:36:18]
AdwCleaner[C00].txt - [2024 octets] - [03/05/2019 09:42:15]
AdwCleaner_Debug.log - [28997 octets] - [16/09/2019 20:13:44]
AdwCleaner[S01].txt - [3511 octets] - [16/09/2019 20:17:35]
AdwCleaner[C01].txt - [3390 octets] - [16/09/2019 20:31:53]
AdwCleaner[S02].txt - [1633 octets] - [29/09/2019 12:31:08]
AdwCleaner[S03].txt - [2864 octets] - [14/09/2020 00:35:40]
AdwCleaner[S04].txt - [2925 octets] - [14/09/2020 10:17:32]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

  • 0

#27
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts

Thanks, Sue. That is exactly what I wanted to see. :thumbsup:

 

And now is the time from the fresh FRST logs.

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please copy and paste the content of these two logs in your next reply.

  • 0

#28
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

I'm glad I got up early to see what was waiting for e, if anything.  Here's what came in and wish me luck as I run out the door.  

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2020
Ran by suesarkis (administrator) on SUESBABY (Hewlett-Packard HP Spectre XT TouchSmart PC) (17-09-2020 09:02:52)
Running from C:\Users\suesarkis\Desktop
Loaded Profiles: suesarkis
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(AOL, Inc -> AOL Inc.) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.2811\AolDesktop.exe <2>
(AOL, Inc -> AOL) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.2811\CefSharp.BrowserSubprocess.exe <10>
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_972058dc64815bf9\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Systems) C:\Program Files\Copernic\DesktopSearch\DesktopSearchOutlookConnector.exe
(PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\CORK.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-02-28] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\QFSCHD190.EXE [247512 2018-05-13] (Corel Corporation -> Corel Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [AOLDesktop] => C:\Users\suesarkis\AppData\Local\AOLDesktop\AolDesktop.exe [563216 2020-09-08] (AOL, Inc -> AOL Inc.)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5482544 2020-08-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [635104 2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-09] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2020-09-17]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyCorkboard.lnk [2017-10-15]
ShortcutTarget: MyCorkboard.lnk -> C:\Program Files (x86)\Corkboard\CORK.EXE (PC Dynamics, Inc.) [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2019-11-15]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01AEFE23-8B51-4189-9C7B-9F6A3EE580CB} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {1679F551-60AC-484D-A64D-79A079B5E144} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185D8A69-4E7C-488D-AE93-83A8460CF2F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1283488 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C455FCF-8A1C-4F05-BD47-24C5E0A0DFF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DCAC850-E0C4-43ED-9778-33873572DB4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {30515428-0D06-4844-BAC0-7FADFE6C79C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {366B36C9-EB22-4CCC-9BBD-BF52B3F13C11} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {559C1EE8-B918-4FF8-B901-40131935A0E1} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {57100AE3-B92D-4FC1-8D7F-8CFB19AA6707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {75BF6DE9-4FCA-4BC3-827F-FE7528955A2E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7803EAFA-C860-4CA5-832E-A0EBB9CD14AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8FA0207E-0F04-4B48-BD37-B2136C28A95A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {926D5219-2D77-469E-99DB-3203D2EA83ED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B255169-60AD-44CA-9D0C-9EC3EE97AA0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9A555E0-9B0D-4230-B577-05A5E76B8619} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {B4E4E23A-B57D-4458-9E53-2ED4C42667D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBF33665-2444-4F15-A3F4-F7AEC254031D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C752C1EA-34F5-4579-906B-C60F5065FA31} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7AA6333-7B3F-4297-B701-B24279F83894} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DEC2E8AB-AF71-4069-837A-F83ADD0F36EC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{1b626343-04a6-45cd-b559-9a91b11fb27c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dace9ba1-7c81-4972-8e00-a728cdf2e3da}: [DhcpNameServer] 209.18.47.63 209.18.47.61
 
Edge: 
======
DownloadDir: C:\Users\suesarkis\Downloads
Edge Profile: C:\Users\suesarkis\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-14]
Edge DownloadDir: C:\Users\suesarkis\Downloads
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default [2020-09-17]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Entanglement Web App) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-10-08]
CHR Extension: (e-Player) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\agilokibjakdcmghlogojfbjmhbkhgmc [2020-06-08]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-01]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-10]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-16]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-14]
CHR Extension: (Poppit!) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-03]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-26]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-11]
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-24]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-24]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-02-24]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-29]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-08-30] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-08-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217592 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-17] (Malwarebytes Inc -> Malwarebytes)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [31744 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-17 09:02 - 2020-09-17 09:04 - 000024102 _____ C:\Users\suesarkis\Desktop\FRST.txt
2020-09-17 09:02 - 2020-09-17 09:02 - 002298368 _____ (Farbar) C:\Users\suesarkis\Desktop\FRST64.exe
2020-09-17 08:35 - 2020-09-17 08:35 - 000002339 _____ C:\Users\suesarkis\Desktop\AOL Desktop Gold.lnk
2020-09-17 00:22 - 2020-09-17 00:22 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-17 00:22 - 2020-09-17 00:22 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-17 00:22 - 2020-09-17 00:22 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-17 00:22 - 2020-09-17 00:22 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-17 00:21 - 2020-09-17 00:21 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-16 12:39 - 2020-09-16 18:08 - 000000132 _____ C:\Users\suesarkis\Desktop\for Josefa.txt
2020-09-14 22:20 - 2020-09-14 22:20 - 008414208 _____ C:\Users\suesarkis\Desktop\Engineer's Photo_album (1).pps
2020-09-14 17:07 - 2020-09-14 17:07 - 006026073 _____ C:\Users\suesarkis\Desktop\Permission to Come Aboard.mp4
2020-09-14 10:14 - 2020-09-14 10:14 - 000001907 _____ C:\Users\suesarkis\Desktop\Current steps.txt
2020-09-14 00:39 - 2020-09-14 00:39 - 000002864 _____ C:\Users\suesarkis\Desktop\AdwCleaner log.txt
2020-09-14 00:31 - 2020-09-14 00:31 - 008414384 _____ (Malwarebytes) C:\Users\suesarkis\Desktop\AdwCleaner.exe
2020-09-13 22:48 - 2020-09-13 22:48 - 002040904 _____ (Malwarebytes) C:\Users\suesarkis\Downloads\MBSetup (1).exe
2020-09-13 22:47 - 2020-09-13 22:47 - 002040904 _____ (Malwarebytes) C:\Users\suesarkis\Downloads\MBSetup.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-11 18:44 - 2020-09-11 18:44 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-11 18:44 - 2020-09-11 18:44 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-11 18:43 - 2020-09-11 18:44 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-11 18:43 - 2020-09-11 18:43 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-11 18:42 - 2020-09-11 18:42 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-11 17:59 - 2020-09-11 17:59 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-11 17:59 - 2020-09-11 17:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-11 15:40 - 2020-09-10 16:40 - 000153723 _____ C:\Users\suesarkis\Documents\CDL.pdf
2020-09-11 15:23 - 2020-09-11 15:19 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-09-11 14:18 - 2020-09-11 14:22 - 011108576 _____ (McAfee, LLC) C:\Users\suesarkis\Desktop\MCPR.exe
2020-09-10 21:44 - 2020-09-10 21:44 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001
2020-09-10 21:44 - 2020-09-10 21:44 - 000002375 _____ C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-09 13:51 - 2020-09-09 13:53 - 000002928 _____ C:\Users\suesarkis\Desktop\Geeks instructions.txt
2020-09-09 13:51 - 2020-09-09 13:51 - 000000085 _____ C:\WINDOWS\wininit.ini
2020-09-08 20:01 - 2020-09-08 20:01 - 005977466 _____ C:\Users\suesarkis\Desktop\Jon Voight Do or Die.mp4
2020-09-08 15:37 - 2020-09-08 16:03 - 001094172 _____ C:\WINDOWS\Minidump\090820-44484-01.dmp
2020-09-07 12:35 - 2020-09-07 12:48 - 000064068 _____ C:\Users\suesarkis\Downloads\Addition.txt
2020-09-07 12:11 - 2020-09-07 12:11 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (5).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (4).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (3).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (2).exe
2020-09-07 09:46 - 2020-09-07 23:43 - 000001957 _____ C:\Users\suesarkis\Desktop\Geeks Leads.txt
2020-09-05 09:47 - 2020-09-05 09:47 - 000009346 _____ C:\Users\suesarkis\Documents\2020-9-5 Food Recipients.wpd
2020-09-04 22:30 - 2020-09-04 22:56 - 001124524 _____ C:\WINDOWS\Minidump\090420-41500-01.dmp
2020-09-04 08:35 - 2020-09-04 08:35 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2020-09-03 01:07 - 2020-09-10 12:35 - 000000788 _____ C:\Users\suesarkis\Desktop\Walkenhorst.txt
2020-09-01 20:51 - 2020-09-01 20:51 - 000000160 _____ C:\Users\suesarkis\Desktop\Dr Lentz.txt
2020-08-31 21:09 - 2020-08-31 21:40 - 001284420 _____ C:\WINDOWS\Minidump\083120-40421-01.dmp
2020-08-31 15:02 - 2020-08-31 15:02 - 000000000 ____D C:\Users\suesarkis\db
2020-08-31 14:59 - 2020-08-31 15:00 - 093753336 _____ (Oath Inc.) C:\Users\suesarkis\Downloads\Install_AOL_Desktop (2).exe
2020-08-31 14:58 - 2020-08-31 15:00 - 000401025 _____ C:\Users\suesarkis\Desktop\AOL Desktop Backup 2020-08-31 14-58.AolSave
2020-08-30 19:32 - 2020-08-30 19:31 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-29 08:56 - 2020-08-29 09:19 - 000681148 _____ C:\WINDOWS\Minidump\082920-44640-01.dmp
2020-08-26 23:48 - 2020-08-26 23:48 - 011519037 _____ C:\Users\suesarkis\Desktop\Cal Mafia.mp4
2020-08-26 13:22 - 2020-09-12 07:29 - 000530360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-26 13:22 - 2020-08-26 13:39 - 001154748 _____ C:\WINDOWS\Minidump\082620-46968-01.dmp
2020-08-26 11:02 - 2020-08-26 11:02 - 000000124 _____ C:\Users\suesarkis\Desktop\Voter Fraud cases.txt
2020-08-22 21:34 - 2020-08-22 21:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-22 21:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-22 21:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-20 11:49 - 2020-08-20 11:49 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 08:02 - 2020-08-21 08:42 - 000000000 ____D C:\found.002
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-17 09:03 - 2013-11-20 14:44 - 000000000 ____D C:\FRST
2020-09-17 09:02 - 2019-09-26 10:33 - 000000000 ____D C:\Users\suesarkis\Desktop\FRST-OlderVersion
2020-09-17 09:00 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-17 08:35 - 2017-06-01 08:00 - 000000000 ____D C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aol Inc
2020-09-17 08:34 - 2019-12-01 15:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-17 08:29 - 2020-04-04 13:04 - 000000000 ____D C:\Users\suesarkis\AppData\LocalLow\IGDump
2020-09-17 08:29 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-17 08:29 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-17 08:17 - 2019-12-01 15:55 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}
2020-09-17 08:14 - 2014-11-23 14:39 - 000000000 __SHD C:\Users\suesarkis\IntelGraphicsProfiles
2020-09-16 12:24 - 2018-07-06 11:29 - 000000000 ____D C:\Users\suesarkis\AppData\Local\CrashDumps
2020-09-16 08:16 - 2019-12-01 15:23 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-16 08:16 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-16 08:09 - 2019-12-01 15:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-15 23:59 - 2019-12-01 15:09 - 000000000 ____D C:\Users\suesarkis
2020-09-15 23:59 - 2019-03-18 21:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-09-15 14:39 - 2013-04-24 08:40 - 000000000 ____D C:\Users\suesarkis\Documents\POLITICAL
2020-09-14 00:46 - 2013-04-23 16:55 - 000000000 ____D C:\Users\suesarkis\Documents\COMPUTER
2020-09-13 22:22 - 2013-04-23 16:54 - 000000000 ____D C:\Users\suesarkis\Documents\ARTICLES
2020-09-12 10:36 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-09-12 07:31 - 2017-12-09 17:00 - 000000000 ___RD C:\Users\suesarkis\3D Objects
2020-09-12 07:31 - 2013-01-14 11:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-11 23:34 - 2018-05-18 10:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-09-11 23:33 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-09-11 19:09 - 2017-06-01 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-11 19:02 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-11 19:02 - 2017-06-01 11:59 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-11 18:41 - 2019-12-01 15:07 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-11 15:26 - 2019-02-24 13:37 - 000002400 _____ C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk
2020-09-11 15:11 - 2019-09-26 10:34 - 000025937 _____ C:\Users\suesarkis\Desktop\Fixlog.txt
2020-09-11 09:07 - 2017-06-02 16:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-09-10 21:44 - 2014-12-28 20:34 - 000000000 ___RD C:\Users\suesarkis\OneDrive
2020-09-10 08:05 - 2020-06-14 07:38 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 08:05 - 2020-06-14 07:38 - 000002238 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:05 - 2020-06-14 07:38 - 000002238 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002220 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-08 15:37 - 2020-03-19 14:42 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-08 14:32 - 2018-04-26 18:20 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktop
2020-09-08 14:30 - 2017-06-01 07:59 - 000000000 ____D C:\Users\suesarkis\AppData\Local\SquirrelTemp
2020-09-07 18:42 - 2013-05-23 10:22 - 000000000 ____D C:\Users\suesarkis\Documents\PHONE BOOK
2020-09-07 16:29 - 2013-05-15 11:30 - 000000000 ____D C:\Users\suesarkis\Documents\PASSWORDS
2020-09-07 12:48 - 2013-11-30 18:43 - 000098336 _____ C:\Users\suesarkis\Downloads\FRST.txt
2020-09-06 23:15 - 2017-09-14 23:52 - 000001829 _____ C:\Users\suesarkis\Desktop\GROCERIES.txt
2020-09-05 23:28 - 2017-07-27 16:07 - 000003391 _____ C:\Users\suesarkis\Desktop\email addresses.txt
2020-09-05 14:51 - 2020-01-12 14:45 - 000000118 _____ C:\Users\suesarkis\Desktop\Ernestine.txt
2020-09-04 10:24 - 2013-05-23 10:25 - 000000000 ____D C:\Users\suesarkis\Documents\STOCKS
2020-09-03 23:49 - 2019-12-01 15:09 - 000000000 ____D C:\Users\Administrator
2020-09-01 23:18 - 2020-08-11 06:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-01 23:18 - 2020-06-14 07:37 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-01 23:18 - 2020-06-14 07:37 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-01 23:18 - 2020-03-04 12:16 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-01 23:18 - 2019-12-01 15:55 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-09-01 23:18 - 2019-12-01 15:55 - 000002982 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-09-01 23:18 - 2019-12-01 15:55 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004
2020-09-01 23:18 - 2019-12-01 15:55 - 000002602 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-09-01 23:18 - 2019-12-01 15:55 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-09-01 20:58 - 2013-05-23 10:21 - 000000000 ____D C:\Users\suesarkis\Documents\MISC
2020-08-31 15:02 - 2020-06-18 14:09 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktopData
2020-08-31 15:01 - 2018-06-09 17:51 - 000000000 ____D C:\Users\suesarkis\AppData\Local\D3DSCache
2020-08-31 10:58 - 2013-05-23 10:15 - 000000000 ____D C:\Users\suesarkis\Documents\Complaints
2020-08-30 19:32 - 2020-08-03 08:49 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-30 19:32 - 2020-08-03 08:49 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-30 19:32 - 2020-08-03 08:49 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-30 19:32 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-30 19:31 - 2020-08-03 08:37 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-08-30 17:10 - 2013-05-20 14:48 - 000000000 ____D C:\Users\suesarkis\Documents\JOKES
2020-08-29 21:42 - 2020-05-17 21:52 - 000002968 _____ C:\Users\suesarkis\Desktop\Tenants.txt
 
==================== Files in the root of some directories ========
 
2015-02-11 19:02 - 2015-02-11 19:02 - 000880208 _____ (Google Inc.) C:\Users\suesarkis\ChromeSetup.exe
2019-12-01 10:41 - 2019-12-01 10:41 - 000000538 _____ () C:\Program Files (x86)\LMIR0838B001.tmp_r.bat
2019-12-01 13:57 - 2019-12-01 13:57 - 000000738 _____ () C:\Program Files (x86)\LMIR0B414001.tmp.bat
2019-12-01 13:57 - 2019-12-01 13:57 - 000000538 _____ () C:\Program Files (x86)\LMIR0B414001.tmp_r.bat
2019-12-01 13:51 - 2019-12-01 13:51 - 000000556 _____ () C:\Users\suesarkis\AppData\Local\LMIR09622001.tmp_r.bat
2019-12-01 14:18 - 2019-12-01 14:18 - 000000756 _____ () C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp.bat
2019-12-01 14:18 - 2019-12-01 14:18 - 000000556 _____ () C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp_r.bat
2017-11-17 09:38 - 2017-11-17 09:38 - 000000017 _____ () C:\Users\suesarkis\AppData\Local\resmon.resmoncfg
2017-10-15 07:43 - 2017-07-28 14:57 - 000105744 _____ (Bomgar) C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-32.tmp
2017-10-15 07:43 - 2017-07-28 14:57 - 000123152 _____ (Bomgar) C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-64.tmp
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2020
Ran by suesarkis (17-09-2020 09:08:01)
Running from C:\Users\suesarkis\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2019-12-01 22:57:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2069550446-780284186-1707450264-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2069550446-780284186-1707450264-503 - Limited - Disabled)
Guest (S-1-5-21-2069550446-780284186-1707450264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2069550446-780284186-1707450264-1003 - Limited - Enabled)
suesarkis (S-1-5-21-2069550446-780284186-1707450264-1001 - Administrator - Enabled) => C:\Users\suesarkis
User (S-1-5-21-2069550446-780284186-1707450264-1004 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2069550446-780284186-1707450264-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
AOL Desktop Gold (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\AOLDesktop) (Version: 11.0.2811 - Oath Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copernic Desktop Search (HKLM\...\{CFC6FE00-2609-4D6D-8209-C232864B9861}) (Version: 7.1.2.13449 - Copernic) Hidden
Copernic Desktop Search (HKLM\...\CopernicDesktopSearch7) (Version: 7.1.2.13449 - Copernic)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.13.594 - Corel corporation) Hidden
Digital Coupon Printer (HKLM-x32\...\{2CDD20A5-DFDE-4AC0-97DD-F60B1196BF98}) (Version: 3.50.0.0 - Hopster, Inc. an Inmar company)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Countdown Timer (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP LaserJet Pro M402-M403 n-dne (HKLM-x32\...\{e2164336-c5d8-4ac9-a53b-125779c4c21b}) (Version: 16.0.17174.675 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{2D0909B2-FA33-4C36-8845-BF930A5A945E}) (Version: 3.0.26.20 - HP) Hidden
HPLJPRoM402M403ndne (HKLM-x32\...\{58532038-B97D-4C9B-9B96-C70D5EA763F4}) (Version: 0.10.0000 - Hewlett-Packard) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{66afb482-3029-428f-8283-135d3c272132}) (Version: 19.00.0000.4496 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.3.1080 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyCorkboard Screen Saver (HKLM-x32\...\Corkboard) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X7 - IPM Content HSE (HKLM-x32\...\{8E879C65-6BA7-4108-9A0D-C455A30ECAF6}) (Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM HSE (HKLM-x32\...\{D55537B5-123F-4CEE-A56C-557582FA285D}) (Version: 17.2 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content HSE (HKLM-x32\...\{2C332DEE-CB1A-4C4C-A976-7F6FBBDA08F1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM HSE (HKLM-x32\...\{EF04AF62-9B04-470E-B2EB-D28EE053D991}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 -  Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-21] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-01-21] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-11] (Adobe Systems Incorporated)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.6.0.0_x86__fxme7667cy4q4 [2020-02-14] (Ricoh Company, Ltd.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-13] (Synaptics Incorporated)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-21] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2069550446-780284186-1707450264-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {fad66f81-4ada-3a28-a8d3-97f227e9abc4} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Special Offers.lnk -> hxxp://www.mycorkboard.com/SpecialOffers.as
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Visit MyCorkboard.com.lnk -> hxxp://www.mycorkboard.com
ShortcutWithArgument: C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) =============
 
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2019-02-25 14:15 - 2019-02-25 14:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
1998-06-08 12:06 - 1998-06-08 12:06 - 000914432 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\LEAD51N.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-04-09 07:31 - 2020-04-09 07:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
2020-04-09 07:31 - 2020-04-09 07:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2002-10-10 21:47 - 2002-10-10 21:47 - 000081920 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\Animate.dll
2002-10-10 21:45 - 2017-10-15 21:50 - 000139264 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\cork.dll
2002-10-10 21:47 - 2002-10-10 21:47 - 000061440 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CALENDAR.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000065536 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CLOCKS.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DECOR.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DIALER.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GENGIZMO.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GIZMOS.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\NAMEPLT.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\PICTURES.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000049152 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\STKYNOTE.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\TODOLIST.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000077824 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\public.dll
2020-04-29 19:48 - 2014-12-22 14:54 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bass.dll
2020-04-29 19:48 - 2014-11-28 15:54 - 000021772 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bassflac.dll
2020-04-29 19:48 - 2014-10-20 15:08 - 000017733 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\basswma.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123simsen.com -> www.123simsen.com
 
There are 7863 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-06-01 07:47 - 2020-02-29 16:05 - 000450599 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15459 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "AOL OnePoint.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Digital Coupon Print Driver"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Copernic Desktop Search - Home"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{644E8E3F-A22B-438C-9991-E79FCE7AEE80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FA02D24-8C66-4400-9D74-DB957DF26456}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A6A246-CD82-4BA1-A8FA-DF8EFF017DAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD5CA861-AF5A-4745-B6CF-8C9972039858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691BB49A-75DB-48CB-AE42-979AB3D5E7A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{171D7A6E-D088-4CC2-A349-679171E9DA0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{362CD2AD-DD29-4461-B961-06AFF91EC639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2849DD0E-4B2C-41D6-8F6C-270D8B695EA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{351E634D-B39D-4303-89E9-108F28D4CFCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56DFA6EE-B223-48DA-AE2D-7B6FB7B42EA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFF96C6E-87ED-48B0-9140-E9FBF107C4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20476A79-F171-41B9-8A9F-AC2AA3C5D0D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCAFC238-F073-46A9-989F-09EC7909000D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3121FCA4-0227-4705-83A9-FEA5E7D75193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{835B0B78-5478-41AD-B336-95A81D30AFAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9244B37B-4BD6-4502-A28A-566F4B89C988}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CD4EA73-50E6-4ED3-821B-42EDFC036842}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C95CD6D-AA8F-4418-9B6F-50058C112E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88388D18-1D93-4892-BC4C-04008E4A7C45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6CD4C8C-7F69-4F51-988A-13EF795379E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7D888F4-5E25-419A-AA35-A65EF831CEFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E35B656B-CE90-4FB8-8F13-EFED49EA09BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A415169A-3696-4674-9C2A-69E130772B05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FFB02FD5-DDE7-40E8-8139-2DF0883E6689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BB0580-314A-47EE-B439-D281FA70A33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5061C8D4-DBED-4796-8760-442AEF3C4F10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DDDB957-5175-421C-B86B-5F7B90E5A2AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0D862E8-9DE5-4B32-B102-2EF907BEC393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD31E2C6-F3EB-4453-BCFE-B9241D7770E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DA0C036-3986-4D21-BEC2-7E7A5866CB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F967218-F25E-454F-89E0-D0A8A7E7A35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C4B7BB-0E96-490E-8C45-FC7C2B7D7FB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18296F8A-B57F-48C7-95AB-0E1F218B7D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3D6C282-FF9F-41BC-AAF3-43BC982D8687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B48C52A-F93C-4C86-BD6B-A080A06AC8FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F09221EE-7648-42C5-B166-DBCE3A859307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E44700D-544F-421A-9275-0E13366A81B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CCF1E509-4E11-407A-912A-28D1EB193B88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C20567-1CA6-4DCB-84E3-91E28531BC4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC585C8D-30EA-49C5-994B-CDC871132BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE47B94-519F-42C0-8D1F-70FD43447FD1}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{301EA605-51E0-4F86-AA0C-18AC031A1205}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{0B29D4C1-F05F-48D6-9476-0A84C896EA60}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{DD87381C-BFB7-48EE-B29C-992B77A970DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1680976F-30E9-4F69-B406-49EEE183B5E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9086FA-2F70-4AAD-B776-17995E9FB380}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B76CD90B-46F2-4381-81CB-01E0CF788D65}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E989EEF-F355-4248-8D67-25B781DC44E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/17/2020 08:46:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11916,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/17/2020 08:27:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2180,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/17/2020 08:18:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.794, time stamp: 0x5f52571b
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5e8272e4
Exception code: 0xc0000005
Fault offset: 0x0000000000219d05
Faulting process id: 0x33d8
Faulting application start time: 0x01d68d05291600fd
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: 325ea939-5e5f-494c-a913-5450d54113c2
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (09/17/2020 08:16:50 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/17/2020 08:16:50 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/17/2020 12:15:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11980,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/16/2020 11:46:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11864,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/16/2020 10:46:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10552,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (09/17/2020 08:48:44 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/17/2020 08:14:48 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/16/2020 09:34:23 PM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/16/2020 08:49:23 PM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/16/2020 08:48:51 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/16/2020 08:41:08 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/16/2020 08:15:39 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/16/2020 08:13:06 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2020-09-16 08:41:05.356
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6517FC06-FC07-4A5E-A308-8C81F2B44D8B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-14 09:17:14.574
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FDB1AEDA-28BA-4D15-9835-62CC38CEFCC8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-26 13:53:04.539
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A83EF79B-1C54-40BA-8CEC-30976EF5DDC7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-22 15:03:15.285
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {699C7A99-8BB5-4F93-BB2C-194CDBCAA81D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-22 08:39:53.027
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C7992FFE-4358-42A9-A902-0DF9369F879A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-11 15:11:24.446
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-09-11 15:11:24.446
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-08-26 13:59:15.172
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-08-26 13:59:15.172
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-08-26 13:59:15.171
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
CodeIntegrity:
===================================
 
Date: 2020-09-14 00:18:47.378
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:45.766
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:23.875
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:23.873
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:38:16.128
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:38:10.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:33:57.053
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:18:28.263
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Insyde F.04 11/10/2012
Motherboard: Hewlett-Packard 1886
Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 57%
Total physical RAM: 8088.28 MB
Available physical RAM: 3472.68 MB
Total Virtual: 16280.28 MB
Available Virtual: 10648.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:444.93 GB) (Free:343.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.19 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (OD3.0 SSD) (Removable) (Total:117.53 GB) (Free:46.67 GB) FAT32
 
\\?\Volume{a4e7abf3-f886-47bb-96ff-bc698ba7c3ae}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.14 GB) NTFS
\\?\Volume{6f3b996f-1ccc-4000-95d7-0bd109594337}\ () (Fixed) (Total:0.87 GB) (Free:0.24 GB) NTFS
\\?\Volume{01376181-7b57-4385-8f74-5719a12592e7}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F893BEDB)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 65103047)
 
Partition: GPT.
 
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 117.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=117.6 GB) - (Type=0C)
 
==================== End of Addition.txt =======================

  • 0

#29
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

PS - How do I delete files like 100sexlinks.com and other pieces of dung like that. Don't have a clue as to how they got in my computer but I do not know how to individually delete them.  Where do you go to find them?  


  • 0

#30
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,053 posts

Hi, Sue.

 

I hope you are doing fine.  :)

 

PS - How do I delete files like 100sexlinks.com and other pieces of dung like that. Don't have a clue as to how they got in my computer but I do not know how to individually delete them. Where do you go to find them?


Can you described in more detail what do you mean? I can't see signs of such files or pop ups in your logs. If you saw those links in the logs, it is because because they are blocked as unsafe sites by an A/V software, specifically Spybot - Search & Destroy you had previously installed. There is nothing to worry about those.

What I would like you to do now:

1. Check Windows Defender

  • Press the Windows key on the keyboard, together with the letter i to go to Settings.
  • Choose Update and Security.
  • Choose Windows Security from the menu at the left.
  • Choose Open Windows Security.
  • Can you please take a screenshot of what you see? Here is a useful article about how we can take screenshots. Use method 2.
  • Save the screenshot on your Desktop and attach it in your next reply.

 

2. Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
C:\Program Files (x86)\LMIR0838B001.tmp_r.bat
C:\Program Files (x86)\LMIR0B414001.tmp.bat
C:\Program Files (x86)\LMIR0B414001.tmp_r.bat
C:\Users\suesarkis\AppData\Local\LMIR09622001.tmp_r.bat
C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp.bat
C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp_r.bat
C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-32.tmp
C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-64.tmp
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
C:\Program Files\TrueKey
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

How is the computer running now? Any specifically issues?


  • 0






Similar Topics


Also tagged with one or more of these keywords: Infected, antivirus software

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP