Slow computer and cannot open jpeg

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
Hi, my computer seems very slow and I also cannot open my jpeg files (File system error -805305975). Please help :cry:


Tech Support Guy System Info Utility version 1.0.0.9
OS Version: Microsoft Windows 10 Home, 64 bit, Build 18363, Installed 20200429225401.000000+480
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz, Intel64 Family 6 Model 158 Stepping 10, CPU Count: 6
Total Physical RAM: 8 GB
Graphics Card: NVIDIA GeForce GTX 1060 6GB
Hard Drives: C: 231 GB (11 GB Free); D: 931 GB (889 GB Free);
Motherboard: Micro-Star International Co., Ltd. Z370 GAMING PLUS (MS-7B61), ver 1.0, s/n I116034163
System: American Megatrends Inc., ver ALASKA - 1072009, s/n Default string
Antivirus: Emsisoft Anti-Malware, Disabled
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
82,440
Add another 8 GB of RAM.
Running your computer with 16 GB will provide the extra RAM when it's needed.

Get a larger capacity storage drive for C:
The 231 GB capacity storage drive you currently have is too full, so a larger capacity one is needed.
And if C: is a hard disk drive(HDD), switch to a solid state drive(SSD).
That will improve speed and snappiness.

Get rid of Emsisoft and stick with Windows 10's built-in antivirus app.
Windows 10 will run better and have less issues when using its own antivirus app.

-------------------------------------------------
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
Hmm feels like my computer is having some malware.. I cannot open the jpeg files too. :(
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
696
Hi, freshbox.

What did you do to your computer again? :giggle:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please copy and paste the content of these two logs in your next reply (or attach/upload).
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2020
Ran by Admin (administrator) on DESKTOP-J6JJCPD (Micro-Star International Co., Ltd. MS-7B61) (16-09-2020 22:20:32)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Discord Inc. -> Discord Inc.) C:\Users\Admin\AppData\Local\Discord\app-0.0.307\Discord.exe <7>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1027568 2019-11-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\Run: [Discord] => C:\Users\Admin\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-14] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-04-13]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B7B5195-7303-4C01-8D6E-8061CC519AA3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1008DEAB-99FC-45FD-9A36-66A2956D1A6F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1074230309-3786456183-1573165190-1001 => C:\Users\Admin\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-07-03] (Mega Limited -> Mega Limited)
Task: {106F69CC-6396-4A99-B87A-9132DCC8B6D6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23C4363E-ECA0-410C-87F0-EA9F727E2ECA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {255AFE42-3FF6-40A0-8B16-1CDE3D7C46A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CE0AE81-8305-4A66-B642-C0044C4ECB7E} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Admin\Desktop\esetonlinescanner.exe
Task: {2F3B62FB-2F79-41F0-866F-037FFE3B8EC6} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {34D7B3AA-2925-41E2-AF99-C221C4EBD1BC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CFD2ECE-26C3-4EBF-B0DF-3B749558EA45} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-09] (Adobe Inc. -> Adobe)
Task: {3F62236B-42DA-4C52-B3D1-36018FD0CF16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {496125FD-17AD-4868-95C7-9E41E829AD0F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {51F6392E-B4BC-42E2-A8C2-2DF42C2B2606} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53E3134C-0777-4D03-84E8-41611E80A326} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Admin\Desktop\AdwCleaner.exe
Task: {55D28894-2210-4F1A-A1E5-7FF7A1714A21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {5726D278-8DB9-4BA9-ABCB-499F44465228} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-06-18] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {5B9638BA-C913-4679-B0CC-68CECF7A9A6B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)
Task: {5C9373E3-E633-4065-B242-BF99F4A175D4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68A47AD2-952F-47E6-8F80-457828CB5A06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {7863A737-AAE8-44EA-995E-3166D96961D9} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Admin\Desktop\esetonlinescanner.exe
Task: {78F72396-F1DC-4296-83D7-18362AEB2E6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {7B8230CF-07B6-4C6C-BE42-C775F01EDD38} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {979CEFD6-4406-4B3F-98CB-E6253915B81D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BE1FD4F3-9F9A-493F-A1FC-6D41A33EB0E3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C590A939-D23C-48DC-A411-520308C5B993} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAB97F04-3CEC-4C8B-BF17-B791FE765A74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D014A8C5-0AF1-476F-ABBD-D3D507CA91F9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D23B2BBA-E496-4442-AA2C-E2948903F3B1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E38017B4-284F-4609-B1BD-7A1313F2C09D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED11F938-DCEE-4B71-A7A1-5138BDC71A47} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3FF29DE-B2D2-492A-9EE5-3855B560EF9D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F650CFB5-B838-484B-B502-FFE632904DFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC0AD260-A6D5-4DD1-AFC6-620F7D5B0E00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683344 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0785ad18-d9d6-4a28-a66a-e392dc827946}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{369a8e86-368f-4a0f-b96b-e50994d1d837}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7baea84a-3201-426d-8985-ae2e2d0aa19d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de71bb04-a651-46c4-a05c-a6351999bfe7}: [DhcpNameServer] 192.168.1.1
Edge:
======
DownloadDir: C:\Users\Admin\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1074230309-3786456183-1573165190-1001 -> hxxp://www.google.com/
Edge Extension: (Emsisoft Browser Security) -> EdgeExtension_24598EmsisoftEmsisoftBrowserSecurity_qx27tcjycwb5c => C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2020-05-08]
FireFox:
========
FF DefaultProfile: sjr7ekgg.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sjr7ekgg.default [2020-09-10]
FF Homepage: Mozilla\Firefox\Profiles\sjr7ekgg.default -> hxxp://www.google.com.sg/
FF Notifications: Mozilla\Firefox\Profiles\sjr7ekgg.default -> hxxps://prismplus.sg
FF Extension: (Emsisoft Browser Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sjr7ekgg.default\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2020-05-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sjr7ekgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-18] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-05-18]
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-01]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-01]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-01]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-01]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-01]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-01]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer USA Ltd. -> Razer Inc.)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-04-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-09-15] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217608 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-15] (Malwarebytes Inc -> Malwarebytes)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47312 2015-10-26] (Razer Inc. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-03-16] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
R4 eppdisk; system32\drivers\eppdisk.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-16 22:20 - 2020-09-16 22:20 - 000021897 _____ C:\Users\Admin\Desktop\FRST.txt
2020-09-16 22:20 - 2020-09-16 22:20 - 000000000 ____D C:\FRST
2020-09-16 22:19 - 2020-09-16 22:19 - 002297856 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2020-09-16 22:18 - 2020-09-16 22:18 - 000070717 _____ C:\Users\Admin\Desktop\farbar-recovery-scan-tool.htm
2020-09-15 21:28 - 2020-09-15 21:28 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-15 21:28 - 2020-09-15 21:28 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-15 21:28 - 2020-09-15 21:28 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-15 21:28 - 2020-09-15 21:28 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-15 21:28 - 2020-09-15 21:28 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-15 21:28 - 2020-09-15 21:27 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-09 20:09 - 2020-09-09 20:09 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-09 20:05 - 2020-08-15 13:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-09 20:05 - 2020-08-15 13:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-06 16:43 - 2020-09-06 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-06 14:00 - 2020-09-06 23:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-08-21 23:33 - 2020-08-21 23:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-21 23:33 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-21 23:33 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-16 22:19 - 2018-02-25 10:06 - 000000000 ____D C:\Users\Admin\AppData\Roaming\discord
2020-09-16 22:17 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-16 19:40 - 2020-04-29 22:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-16 17:57 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-16 17:57 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-16 17:54 - 2018-01-27 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-16 17:52 - 2018-01-27 14:17 - 000000000 ___RD C:\Users\Admin\OneDrive
2020-09-15 21:28 - 2020-05-14 19:55 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-15 21:28 - 2020-04-23 23:28 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-15 21:28 - 2020-04-23 23:28 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-15 21:28 - 2019-03-19 12:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-15 21:27 - 2020-04-23 23:27 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-15 21:21 - 2020-05-08 09:04 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2020-09-15 19:20 - 2018-07-03 13:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-14 22:17 - 2020-04-29 22:56 - 000795992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-14 22:17 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-14 22:11 - 2020-04-29 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-14 22:10 - 2020-04-29 22:46 - 000000000 ____D C:\Users\Admin
2020-09-14 22:10 - 2019-03-19 12:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-14 19:04 - 2018-07-17 23:03 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2020-09-14 19:01 - 2020-04-01 21:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-14 19:01 - 2020-04-01 21:19 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-14 19:01 - 2020-04-01 21:19 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-11 20:05 - 2018-02-25 10:06 - 000002237 _____ C:\Users\Admin\Desktop\Discord.lnk
2020-09-11 20:05 - 2018-02-25 10:06 - 000000000 ____D C:\Users\Admin\AppData\Local\Discord
2020-09-10 23:13 - 2018-01-27 20:05 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2020-09-10 18:01 - 2020-04-29 22:44 - 000433440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-10 18:01 - 2018-02-03 20:34 - 000000000 ___RD C:\Users\Admin\3D Objects
2020-09-10 18:01 - 2018-01-27 14:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-09 20:13 - 2018-01-28 11:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 20:12 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-09 20:12 - 2018-01-28 11:59 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-09 20:09 - 2020-04-29 22:44 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-09 18:44 - 2020-04-29 22:53 - 000004588 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-09 18:44 - 2019-03-19 12:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-09 18:44 - 2019-03-19 12:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-09 18:44 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-09 18:44 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-06 23:26 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-06 23:21 - 2018-01-27 20:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-06 16:43 - 2018-01-27 20:05 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-02 15:06 - 2018-02-19 20:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-23 23:49 - 2018-02-03 20:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2020-08-22 20:12 - 2020-04-29 22:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1074230309-3786456183-1573165190-1001
2020-08-22 20:12 - 2020-04-29 22:46 - 000002367 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-21 18:19 - 2018-08-29 18:18 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories ========
2019-11-21 18:48 - 2019-11-21 18:49 - 000000069 _____ () C:\Users\Admin\AppData\Local\update_progress.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2020
Ran by Admin (16-09-2020 22:21:23)
Running from C:\Users\Admin\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2020-04-29 14:54:01)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Admin (S-1-5-21-1074230309-3786456183-1573165190-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1074230309-3786456183-1573165190-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1074230309-3786456183-1573165190-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1074230309-3786456183-1573165190-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1074230309-3786456183-1573165190-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1074230309-3786456183-1573165190-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS USB-AC68 WLAN Card Driver (HKLM-x32\...\{56A6C59A-E783-41CB-A5F9-9240CA3C6B87}) (Version: 2.1.4.7 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.200.0.5201 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LifeAfter (HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\LifeAfter) (Version: - Netease(Hangzhou) Network Co. Ltd)
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 80.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-US)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.7.1 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8295 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-14] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.176.200.0_x86__kgqvnymyfvs32 [2020-09-04] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.3.0.0_x86__h6adky7gbf63m [2020-08-28] (Gameloft SE)
Emsisoft Browser Security -> C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2020-05-08] (Emsisoft)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-30] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.0.1.1_x86__h6adky7gbf63m [2020-08-18] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.4002.0_x64__8wekyb3d8bbwe [2020-09-04] (Microsoft Studios)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.8.204.0_x64__dt26b99r8h8gj [2020-03-26] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0 [2020-09-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-09-14 14:37 - 2017-09-14 14:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 14:37 - 2017-09-14 14:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 14:37 - 2017-09-14 14:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 14:37 - 2017-09-14 14:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\platforms\qwindows.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-07-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 19:47 - 2016-07-16 19:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-05-09 19:34 - 2018-05-09 19:39 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\Admin\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Rawether NDIS 6.X SPR Protocol Driver -> PCA_PCASP60 (enabled)
Ethernet: Rawether NDIS 6.X SPR Protocol Driver -> PCA_PCASP60 (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{24065CDD-A883-4567-90CF-C1C4A22186A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C7222AC7-5FF5-4D2E-8946-327F76CEA6A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFE16174-EB33-4B74-BF4E-2660E5ACF4B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A97D507E-6CE5-433C-8CA8-E213403A1AEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52CA91A9-3E69-437C-B77A-459CD2AD4DA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3BA66E0-2EC3-4A37-B6A2-9731A96FC71A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A93B830D-ED34-40D4-99F4-BC5930BC8199}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{04823DE0-8172-48B4-8A33-DC4E498098BD}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{3F001C0F-695D-4F8F-A9FC-CC802AB888EC}E:\sdi_update\sdi_x64_r1760.exe] => (Allow) E:\sdi_update\sdi_x64_r1760.exe => No File
FirewallRules: [UDP Query User{3FD3E771-3453-4AC3-A8A8-FEE4818B8975}E:\sdi_update\sdi_x64_r1760.exe] => (Allow) E:\sdi_update\sdi_x64_r1760.exe => No File
FirewallRules: [{576BB933-4363-4268-A723-F5F6BEB23D8C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{57EC55A4-0C9B-485C-AA0A-19AB68200356}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{922DD7CE-410C-4F18-A8FA-C4F4DDFA083E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C325E5BB-DC0E-413E-9F4B-AAC9DBCF05C2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84B49892-C897-468A-8F5E-FBDA6B164694}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7087B3D1-6A4B-411E-8A04-4AB34A427618}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7619DFD4-44C2-4E51-A6D2-23664BC30DD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4880193-BC9A-433B-9A8B-92210657EFDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0BF551B4-FCD0-4027-A5D3-6721FF16C7AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27F473C4-D376-4106-A61E-6447E421CBE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{4DB945BF-CE5C-49A3-9C7D-2234277A5CFB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{34A3A0E4-6835-407A-991D-1E335258C7B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{8F8104B6-99A0-4F07-8B68-4F2B39B95365}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{2385E2BE-7307-4601-86FA-6FD81E25F72E}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{61B03273-5B82-4999-954E-5E1BFA9EA3B5}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{9DDEDBD5-1FF5-4CFB-B0DC-726089F9607E}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{10B17BB1-0BC9-43F7-A569-68CBA855FB64}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7DF0830A-B0E3-45FB-A784-A98CB1B48831}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{97DC0E83-C2F4-4AC4-8C5F-565D42CE38A5}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{2C7A3B7D-9B8D-4AC3-847E-6724538F65A4}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zS007D\HP.EasyStart.exe => No File
FirewallRules: [{925A308C-0D43-4A0C-A92E-013319ED9E72}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EBC01F0-1E38-43F5-BF71-02D5FAEBEBDD}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{9CD0C1C8-35A4-42A7-9833-3259F0434B25}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{05702AB0-9AFF-484C-90EE-B92CD2919E0D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB2D558C-1548-41F2-906E-684708CA9373}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2F49C00A-D6E5-4127-95FE-E6EFD1986B12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B5E96BB-0820-4A93-9525-03EF8917FC59}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EEC14FDE-F79A-40D7-A822-F4EF9BCEBBE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DED9D04D-DE2A-49B0-9B0B-AEB674F653DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CEA9D4FA-F0C2-4D67-8373-8AFFBB77B16C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10BD352F-3514-46A6-9F13-8EFD05803645}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2114C087-7CCE-4423-8F14-F48E746B51EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01D09545-4E4F-40F9-8057-F348B961A46E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B6029FAC-A9C1-4DBE-ACD4-B3534B42B4F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FDF562DC-023F-44B8-93CB-9C4825F47C91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5D31A04-4A59-4712-8342-3485A007BE13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1355443-D85F-43C8-9712-573CDFDE96AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E215B6AB-9AF3-4C09-A2C4-F7647359E9F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AB576A8-705F-4390-86E3-D40A0998CDAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7150273B-BF72-4A99-804D-1DFEA2C3ACDB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
15-09-2020 21:21:04 Removed Emsisoft Anti-Malware
==================== Faulty Device Manager Devices ============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================
Application errors:
==================
Error: (09/16/2020 09:48:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7280,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/16/2020 09:37:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12848,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/16/2020 09:20:54 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/16/2020 09:17:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5260,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/16/2020 09:01:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11948,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/16/2020 08:55:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9368,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/16/2020 08:47:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12184,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/16/2020 08:36:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15804,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:
=============
Error: (09/16/2020 05:57:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (09/15/2020 07:13:01 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (09/15/2020 05:39:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
Error: (09/14/2020 11:56:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J6JJCPD)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (09/14/2020 11:56:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J6JJCPD)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (09/14/2020 11:56:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J6JJCPD)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (09/14/2020 11:56:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J6JJCPD)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (09/14/2020 11:56:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-J6JJCPD)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Windows Defender:
===================================
Date: 2020-09-16 18:46:06.992
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {77D5F9E0-7298-40A1-909C-1DE8C0EF9F70}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-15 17:52:29.096
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C41DA24F-4F54-4B11-BA13-E0FA689F07FB}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-14 22:41:06.946
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A7D61BAC-059E-4D92-BB7F-4BACB92E8FF1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-14 22:31:49.324
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EEF39280-DC87-4B78-88C6-2F975FDAB8AE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-10 20:49:48.994
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1CEE60F5-A3B2-45FD-BA86-2693AC0A1A2C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-01 19:55:36.476
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.323.245.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17400.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2020-09-15 21:21:43.847
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:43.843
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.835
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.830
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 20:25:03.095
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.
Date: 2020-09-15 20:25:03.043
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.10 10/27/2017
Motherboard: Micro-Star International Co., Ltd. Z370 GAMING PLUS (MS-7B61)
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 56%
Total physical RAM: 8152.66 MB
Available physical RAM: 3566.68 MB
Total Virtual: 11992.66 MB
Available Virtual: 4495.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.83 GB) (Free:10.77 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:889.21 GB) NTFS
\\?\Volume{f29310f3-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{f29310f3-0000-0000-0000-a0143a000000}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F29310FB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: F29310F3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=575 MB) - (Type=27)
==================== End of Addition.txt =======================
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
696
I am currently reviewing your logs and will be back to you as soon as I can.
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
696
Hi, freshbox.

I apologize for the delay. I will be back to you later today.
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
696
Hi, freshbox.

The error you reported indicate a possible hard disk issue. I recommend you to back up your documents. Have also in mind that you have a very limited hard disk space. Even the disk is fine, this can have a negative impact to your computer's functionality. You will not be able to update your operating system if you haven't got enough space. So it would be a good idea to save everything in an external drive, and then decide what you keep in the computer.

Then, just to be sure, make a hard disk check with the GSmartControl:

Download GSmartControl and save it to your desktop.
  • Double-click gsmartcontrol-(version).exe to run the tool.
  • A list of hard drives will appear. Single-click each disk to see Drive Information and identify your drive
    Note: most machines will only have one or two entries, but an easy way to identify your drive is by its size.
  • Double-click on the hard drive to see detailed Device Information
  • Click on the Attributes tab. Do you see any red or pink entries like the ones in the image below? Please list the names in your next reply if there are any, or take a screenshot and attach it.
  • Click on the Perform Tests tab
  • Select Extended Self-Test and click Execute
    Note: this test can take several hours to run
  • Allow the test to complete. The results will be displayed at the bottom
  • Please post the scan results in your next reply
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
smartctl 6.6 2017-11-05 r4594 [i686-w64-mingw32-w10(64)-b18363] (sf-6.6-1)
Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org
=== START OF INFORMATION SECTION ===
Device Model: Samsung SSD 860 EVO 250GB
Serial Number: S3Y9NF0JC02123V
LU WWN Device Id: 5 002538 e40002cc6
Firmware Version: RVT01B6Q
User Capacity: 250,059,350,016 bytes [250 GB]
Sector Size: 512 bytes logical/physical
Rotation Rate: Solid State Device
Form Factor: 2.5 inches
Device is: Not in smartctl database [for details use: -P showall]
ATA Version is: ACS-4 T13/BSR INCITS 529 revision 5
SATA Version is: SATA 3.1, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is: Sun Sep 20 18:36:05 2020 MPST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
AAM feature is: Unavailable
APM feature is: Unavailable
Rd look-ahead is: Enabled
Write cache is: Enabled
DSN feature is: Unavailable
ATA Security is: Disabled, frozen [SEC2]
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
General SMART Values:
Offline data collection status: (0x00) Offline data collection activity
was never started.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 0) seconds.
Offline data collection
capabilities: (0x53) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Suspend Offline collection upon new
command.
No Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 2) minutes.
Extended self-test routine
recommended polling time: ( 85) minutes.
SCT capabilities: (0x003d) SCT Status supported.
SCT Error Recovery Control supported.
SCT Feature Control supported.
SCT Data Table supported.
SMART Attributes Data Structure revision number: 1
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE
5 Reallocated_Sector_Ct PO--CK 100 100 010 - 0
9 Power_On_Hours -O--CK 098 098 000 - 6692
12 Power_Cycle_Count -O--CK 098 098 000 - 1266
177 Wear_Leveling_Count PO--C- 094 094 000 - 108
179 Used_Rsvd_Blk_Cnt_Tot PO--C- 100 100 010 - 0
181 Program_Fail_Cnt_Total -O--CK 100 100 010 - 0
182 Erase_Fail_Count_Total -O--CK 100 100 010 - 0
183 Runtime_Bad_Block PO--C- 100 100 010 - 0
187 Reported_Uncorrect -O--CK 100 100 000 - 0
190 Airflow_Temperature_Cel -O--CK 056 049 000 - 44
195 Hardware_ECC_Recovered -O-RC- 200 200 000 - 0
199 UDMA_CRC_Error_Count -OSRCK 100 100 000 - 0
235 Unknown_Attribute -O--C- 099 099 000 - 149
241 Total_LBAs_Written -O--CK 099 099 000 - 34260820473
||||||_ K auto-keep
|||||__ C event count
||||___ R error rate
|||____ S speed/performance
||_____ O updated online
|______ P prefailure warning
General Purpose Log Directory Version 1
SMART Log Directory Version 1 [multi-sector log support]
Address Access R/W Size Description
0x00 GPL,SL R/O 1 Log Directory
0x01 SL R/O 1 Summary SMART error log
0x02 SL R/O 1 Comprehensive SMART error log
0x03 GPL R/O 1 Ext. Comprehensive SMART error log
0x04 GPL,SL R/O 8 Device Statistics log
0x06 SL R/O 1 SMART self-test log
0x07 GPL R/O 1 Extended self-test log
0x09 SL R/W 1 Selective self-test log
0x10 GPL R/O 1 NCQ Command Error log
0x11 GPL R/O 1 SATA Phy Event Counters log
0x13 GPL R/O 1 SATA NCQ Send and Receive log
0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log
0x80-0x9f GPL,SL R/W 16 Host vendor specific log
0xa1 SL VS 16 Device vendor specific log
0xa5 SL VS 16 Device vendor specific log
0xce-0xcf SL VS 16 Device vendor specific log
0xe0 GPL,SL R/W 1 SCT Command/Status
0xe1 GPL,SL R/W 1 SCT Data Transfer
SMART Extended Comprehensive Error Log Version: 1 (1 sectors)
No Errors Logged
SMART Extended Self-test Log Version: 1 (1 sectors)
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Extended offline Completed without error 00% 6692 -
SMART Selective self-test log data structure revision number 1
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.
SCT Status Version: 3
SCT Version (vendor specific): 256 (0x0100)
SCT Support Level: 1
Device State: Active (0)
Current Temperature: 44 Celsius
Power Cycle Min/Max Temperature: 40/51 Celsius
Lifetime Min/Max Temperature: 29/51 Celsius
Under/Over Temperature Limit Count: 0/0
SCT Temperature History Version: 2
Temperature Sampling Period: 1 minute
Temperature Logging Interval: 10 minutes
Min/Max recommended Temperature: 0/70 Celsius
Min/Max Temperature Limit: 0/70 Celsius
Temperature History Size (Index): 128 (19)
Index Estimated Time Temperature Celsius
20 2020-09-19 21:20 45 **************************
... ..( 19 skipped). .. **************************
40 2020-09-20 00:40 45 **************************
41 2020-09-20 00:50 46 ***************************
42 2020-09-20 01:00 46 ***************************
43 2020-09-20 01:10 46 ***************************
44 2020-09-20 01:20 45 **************************
45 2020-09-20 01:30 46 ***************************
... ..( 2 skipped). .. ***************************
48 2020-09-20 02:00 46 ***************************
49 2020-09-20 02:10 45 **************************
50 2020-09-20 02:20 42 ***********************
51 2020-09-20 02:30 40 *********************
52 2020-09-20 02:40 40 *********************
53 2020-09-20 02:50 45 **************************
54 2020-09-20 03:00 42 ***********************
55 2020-09-20 03:10 41 **********************
56 2020-09-20 03:20 43 ************************
57 2020-09-20 03:30 44 *************************
58 2020-09-20 03:40 41 **********************
59 2020-09-20 03:50 42 ***********************
60 2020-09-20 04:00 44 *************************
61 2020-09-20 04:10 45 **************************
... ..( 4 skipped). .. **************************
66 2020-09-20 05:00 45 **************************
67 2020-09-20 05:10 44 *************************
68 2020-09-20 05:20 45 **************************
... ..( 5 skipped). .. **************************
74 2020-09-20 06:20 45 **************************
75 2020-09-20 06:30 44 *************************
76 2020-09-20 06:40 45 **************************
77 2020-09-20 06:50 44 *************************
78 2020-09-20 07:00 43 ************************
79 2020-09-20 07:10 40 *********************
80 2020-09-20 07:20 38 *******************
81 2020-09-20 07:30 35 ****************
82 2020-09-20 07:40 38 *******************
83 2020-09-20 07:50 35 ****************
84 2020-09-20 08:00 37 ******************
85 2020-09-20 08:10 32 *************
86 2020-09-20 08:20 31 ************
87 2020-09-20 08:30 34 ***************
88 2020-09-20 08:40 37 ******************
89 2020-09-20 08:50 34 ***************
90 2020-09-20 09:00 37 ******************
91 2020-09-20 09:10 36 *****************
92 2020-09-20 09:20 41 **********************
93 2020-09-20 09:30 42 ***********************
94 2020-09-20 09:40 43 ************************
95 2020-09-20 09:50 ? -
96 2020-09-20 10:00 43 ************************
97 2020-09-20 10:10 44 *************************
98 2020-09-20 10:20 45 **************************
... ..( 12 skipped). .. **************************
111 2020-09-20 12:30 45 **************************
112 2020-09-20 12:40 44 *************************
... ..( 5 skipped). .. *************************
118 2020-09-20 13:40 44 *************************
119 2020-09-20 13:50 45 **************************
... ..( 4 skipped). .. **************************
124 2020-09-20 14:40 45 **************************
125 2020-09-20 14:50 46 ***************************
126 2020-09-20 15:00 45 **************************
... ..( 2 skipped). .. **************************
1 2020-09-20 15:30 45 **************************
2 2020-09-20 15:40 41 **********************
3 2020-09-20 15:50 45 **************************
... ..( 2 skipped). .. **************************
6 2020-09-20 16:20 45 **************************
7 2020-09-20 16:30 47 ****************************
8 2020-09-20 16:40 45 **************************
9 2020-09-20 16:50 ? -
10 2020-09-20 17:00 45 **************************
11 2020-09-20 17:10 49 ******************************
12 2020-09-20 17:20 51 ********************************
13 2020-09-20 17:30 45 **************************
14 2020-09-20 17:40 44 *************************
... ..( 4 skipped). .. *************************
19 2020-09-20 18:30 44 *************************
SCT Error Recovery Control:
Read: Disabled
Write: Disabled
Device Statistics (GP Log 0x04)
Page Offset Size Value Flags Description
0x01 ===== = = === == General Statistics (rev 1) ==
0x01 0x008 4 1266 --- Lifetime Power-On Resets
0x01 0x010 4 6692 --- Power-on Hours
0x01 0x018 6 34260820473 --- Logical Sectors Written
0x01 0x020 6 368183474 --- Number of Write Commands
0x01 0x028 6 43615164248 --- Logical Sectors Read
0x01 0x030 6 653551503 --- Number of Read Commands
0x01 0x038 6 3142000 --- Date and Time TimeStamp
0x04 ===== = = === == General Errors Statistics (rev 1) ==
0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors
0x04 0x010 4 3 --- Resets Between Cmd Acceptance and Completion
0x05 ===== = = === == Temperature Statistics (rev 1) ==
0x05 0x008 1 44 --- Current Temperature
0x05 0x020 1 51 --- Highest Temperature
0x05 0x028 1 29 --- Lowest Temperature
0x05 0x058 1 55 --- Specified Maximum Operating Temperature
0x06 ===== = = === == Transport Statistics (rev 1) ==
0x06 0x008 4 4600 --- Number of Hardware Resets
0x06 0x010 4 0 --- Number of ASR Events
0x06 0x018 4 0 --- Number of Interface CRC Errors
0x07 ===== = = === == Solid State Device Statistics (rev 1) ==
0x07 0x008 1 6 N-- Percentage Used Endurance Indicator
|||_ C monitored condition met
||__ D supports DSN
|___ N normalized value
SATA Phy Event Counters (GP Log 0x11)
ID Size Value Description
0x0001 2 0 Command failed due to ICRC error
0x0002 2 0 R_ERR response for data FIS
0x0003 2 0 R_ERR response for device-to-host data FIS
0x0004 2 0 R_ERR response for host-to-device data FIS
0x0005 2 0 R_ERR response for non-data FIS
0x0006 2 0 R_ERR response for device-to-host non-data FIS
0x0007 2 0 R_ERR response for host-to-device non-data FIS
0x0008 2 0 Device-to-host non-data FIS retries
0x0009 2 4 Transition from drive PhyRdy to drive PhyNRdy
0x000a 2 4 Device-to-host register FISes sent due to a COMRESET
0x000b 2 0 CRC errors within host-to-device FIS
0x000d 2 0 Non-CRC errors within host-to-device FIS
0x000f 2 0 R_ERR response for host-to-device data FIS, CRC
0x0010 2 0 R_ERR response for host-to-device data FIS, non-CRC
0x0012 2 0 R_ERR response for host-to-device non-data FIS, CRC
0x0013 2 0 R_ERR response for host-to-device non-data FIS, non-CRC
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
smartctl 6.6 2017-11-05 r4594 [i686-w64-mingw32-w10(64)-b18363] (sf-6.6-1)
Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org
=== START OF INFORMATION SECTION ===
Model Family: Toshiba 3.5" DT01ACA... Desktop HDD
Device Model: TOSHIBA DT01ACA100
Serial Number: Y7MEH5HFS
LU WWN Device Id: 5 000039 fd3e250ce
Firmware Version: MS2OA750
User Capacity: 1,000,204,886,016 bytes [1.00 TB]
Sector Sizes: 512 bytes logical, 4096 bytes physical
Rotation Rate: 7200 rpm
Form Factor: 3.5 inches
Device is: In smartctl database [for details use: -P show]
ATA Version is: ATA8-ACS T13/1699-D revision 4
SATA Version is: SATA 3.0, 6.0 Gb/s (current: 6.0 Gb/s)
Local Time is: Sun Sep 20 21:23:35 2020 MPST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
AAM feature is: Unavailable
APM feature is: Disabled
Rd look-ahead is: Enabled
Write cache is: Enabled
DSN feature is: Unavailable
ATA Security is: Disabled, frozen [SEC2]
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
General SMART Values:
Offline data collection status: (0x85) Offline data collection activity
was aborted by an interrupting command from host.
Auto Offline Data Collection: Enabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 7022) seconds.
Offline data collection
capabilities: (0x5b) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Suspend Offline collection upon new
command.
Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 1) minutes.
Extended self-test routine
recommended polling time: ( 117) minutes.
SCT capabilities: (0x003d) SCT Status supported.
SCT Error Recovery Control supported.
SCT Feature Control supported.
SCT Data Table supported.
SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE
1 Raw_Read_Error_Rate PO-R-- 100 100 016 - 0
2 Throughput_Performance P-S--- 142 142 054 - 68
3 Spin_Up_Time POS--- 112 112 024 - 204 (Average 204)
4 Start_Stop_Count -O--C- 099 099 000 - 6295
5 Reallocated_Sector_Ct PO--CK 100 100 005 - 0
7 Seek_Error_Rate PO-R-- 100 100 067 - 0
8 Seek_Time_Performance P-S--- 118 118 020 - 33
9 Power_On_Hours -O--C- 100 100 000 - 6676
10 Spin_Retry_Count PO--C- 100 100 060 - 0
12 Power_Cycle_Count -O--CK 100 100 000 - 1265
192 Power-Off_Retract_Count -O--CK 095 095 000 - 6297
193 Load_Cycle_Count -O--C- 095 095 000 - 6297
194 Temperature_Celsius -O---- 181 181 000 - 33 (Min/Max 23/39)
196 Reallocated_Event_Count -O--CK 100 100 000 - 0
197 Current_Pending_Sector -O---K 100 100 000 - 0
198 Offline_Uncorrectable ---R-- 100 100 000 - 0
199 UDMA_CRC_Error_Count -O-R-- 200 200 000 - 0
||||||_ K auto-keep
|||||__ C event count
||||___ R error rate
|||____ S speed/performance
||_____ O updated online
|______ P prefailure warning
General Purpose Log Directory Version 1
SMART Log Directory Version 1 [multi-sector log support]
Address Access R/W Size Description
0x00 GPL,SL R/O 1 Log Directory
0x01 SL R/O 1 Summary SMART error log
0x03 GPL R/O 1 Ext. Comprehensive SMART error log
0x04 GPL R/O 7 Device Statistics log
0x06 SL R/O 1 SMART self-test log
0x07 GPL R/O 1 Extended self-test log
0x08 GPL R/O 2 Power Conditions log
0x09 SL R/W 1 Selective self-test log
0x10 GPL R/O 1 NCQ Command Error log
0x11 GPL R/O 1 SATA Phy Event Counters log
0x20 GPL R/O 1 Streaming performance log [OBS-8]
0x21 GPL R/O 1 Write stream error log
0x22 GPL R/O 1 Read stream error log
0x80-0x9f GPL,SL R/W 16 Host vendor specific log
0xe0 GPL,SL R/W 1 SCT Command/Status
0xe1 GPL,SL R/W 1 SCT Data Transfer
SMART Extended Comprehensive Error Log Version: 1 (1 sectors)
No Errors Logged
SMART Extended Self-test Log Version: 1 (1 sectors)
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Extended offline Completed without error 00% 6676 -
SMART Selective self-test log data structure revision number 1
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.
SCT Status Version: 3
SCT Version (vendor specific): 256 (0x0100)
SCT Support Level: 1
Device State: Active (0)
Current Temperature: 33 Celsius
Power Cycle Min/Max Temperature: 29/37 Celsius
Lifetime Min/Max Temperature: 23/39 Celsius
Under/Over Temperature Limit Count: 0/0
SCT Temperature History Version: 2
Temperature Sampling Period: 1 minute
Temperature Logging Interval: 1 minute
Min/Max recommended Temperature: 0/60 Celsius
Min/Max Temperature Limit: -40/70 Celsius
Temperature History Size (Index): 128 (28)
Index Estimated Time Temperature Celsius
29 2020-09-20 19:16 35 ****************
... ..( 6 skipped). .. ****************
36 2020-09-20 19:23 35 ****************
37 2020-09-20 19:24 36 *****************
... ..( 2 skipped). .. *****************
40 2020-09-20 19:27 36 *****************
41 2020-09-20 19:28 37 ******************
... ..( 20 skipped). .. ******************
62 2020-09-20 19:49 37 ******************
63 2020-09-20 19:50 36 *****************
64 2020-09-20 19:51 36 *****************
65 2020-09-20 19:52 35 ****************
66 2020-09-20 19:53 35 ****************
67 2020-09-20 19:54 36 *****************
... ..( 5 skipped). .. *****************
73 2020-09-20 20:00 36 *****************
74 2020-09-20 20:01 37 ******************
75 2020-09-20 20:02 36 *****************
... ..( 11 skipped). .. *****************
87 2020-09-20 20:14 36 *****************
88 2020-09-20 20:15 35 ****************
... ..( 7 skipped). .. ****************
96 2020-09-20 20:23 35 ****************
97 2020-09-20 20:24 34 ***************
... ..( 47 skipped). .. ***************
17 2020-09-20 21:12 34 ***************
18 2020-09-20 21:13 33 **************
... ..( 9 skipped). .. **************
28 2020-09-20 21:23 33 **************
SCT Error Recovery Control:
Read: Disabled
Write: Disabled
Device Statistics (GP Log 0x04)
Page Offset Size Value Flags Description
0x01 ===== = = === == General Statistics (rev 1) ==
0x01 0x008 4 1265 --- Lifetime Power-On Resets
0x01 0x010 4 6676 --- Power-on Hours
0x01 0x018 6 4564759035 --- Logical Sectors Written
0x01 0x020 6 10343258 --- Number of Write Commands
0x01 0x028 6 540307163752 --- Logical Sectors Read
0x01 0x030 6 28384126 --- Number of Read Commands
0x03 ===== = = === == Rotating Media Statistics (rev 1) ==
0x03 0x008 4 5228 --- Spindle Motor Power-on Hours
0x03 0x010 4 5227 --- Head Flying Hours
0x03 0x018 4 6297 --- Head Load Events
0x03 0x020 4 0 --- Number of Reallocated Logical Sectors
0x03 0x028 4 10 --- Read Recovery Attempts
0x03 0x030 4 9 --- Number of Mechanical Start Failures
0x04 ===== = = === == General Errors Statistics (rev 1) ==
0x04 0x008 4 0 --- Number of Reported Uncorrectable Errors
0x04 0x010 4 0 --- Resets Between Cmd Acceptance and Completion
0x05 ===== = = === == Temperature Statistics (rev 1) ==
0x05 0x008 1 34 --- Current Temperature
0x05 0x010 1 35 N-- Average Short Term Temperature
0x05 0x018 1 33 N-- Average Long Term Temperature
0x05 0x020 1 39 --- Highest Temperature
0x05 0x028 1 23 --- Lowest Temperature
0x05 0x030 1 37 N-- Highest Average Short Term Temperature
0x05 0x038 1 24 N-- Lowest Average Short Term Temperature
0x05 0x040 1 35 N-- Highest Average Long Term Temperature
0x05 0x048 1 25 N-- Lowest Average Long Term Temperature
0x05 0x050 4 0 --- Time in Over-Temperature
0x05 0x058 1 60 --- Specified Maximum Operating Temperature
0x05 0x060 4 0 --- Time in Under-Temperature
0x05 0x068 1 0 --- Specified Minimum Operating Temperature
0x06 ===== = = === == Transport Statistics (rev 1) ==
0x06 0x008 4 4720 --- Number of Hardware Resets
0x06 0x010 4 3455 --- Number of ASR Events
0x06 0x018 4 0 --- Number of Interface CRC Errors
|||_ C monitored condition met
||__ D supports DSN
|___ N normalized value
SATA Phy Event Counters (GP Log 0x11)
ID Size Value Description
0x0001 2 0 Command failed due to ICRC error
0x0002 2 0 R_ERR response for data FIS
0x0003 2 0 R_ERR response for device-to-host data FIS
0x0004 2 0 R_ERR response for host-to-device data FIS
0x0005 2 0 R_ERR response for non-data FIS
0x0006 2 0 R_ERR response for device-to-host non-data FIS
0x0007 2 0 R_ERR response for host-to-device non-data FIS
0x0009 2 4 Transition from drive PhyRdy to drive PhyNRdy
0x000a 2 4 Device-to-host register FISes sent due to a COMRESET
0x000b 2 0 CRC errors within host-to-device FIS
0x000d 2 0 Non-CRC errors within host-to-device FIS
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
696
Ηi, Freshbox.

Check disk
  • Click on the Start button and in the search box, type Command Prompt.
  • When you see Command Prompt on the list, right-click on it and select Run as administrator.
  • Enter the command below and press on Enter and wait for it to finish (~15 minutes).
    Code:
       chkdsk C: /r
  • You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
  • The process will take some time, depending on the disk condition.
  • Download ListChkdskResult by SleepyDude and save it on your Desktop.
  • Double click on the created icon.
  • A notepad file will open. Copy its content and paste it in your next reply.
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013
------< Log generate on 9/21/2020 10:24:41 PM >------
Category: 0
Computer Name: DESKTOP-J6JJCPD
Event Code: 1001
Record Number: 1030
Source Name: Microsoft-Windows-Wininit
Time Written: 05-02-2020 @ 00:30:15
Event Type: Information
User:
Message:
Checking file system on C:
The type of the file system is NTFS.

One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.
Stage 1: Examining basic file system structure ...
521984 file records processed.

File verification completed.
11880 large file records processed.

0 bad file records processed.

Stage 2: Examining file name linkage ...
2566 reparse records processed.

709362 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered to lost and found.

2566 reparse records processed.

Stage 3: Examining security descriptors ...
Cleaning up 4202 unused index entries from index $SII of file 0x9.
Cleaning up 4202 unused index entries from index $SDH of file 0x9.
Cleaning up 4202 unused security descriptors.
Security descriptor verification completed.
93690 data files processed.

CHKDSK is verifying Usn Journal...
39242280 USN bytes processed.

Usn Journal verification completed.
Windows has scanned the file system and found no problems.
No further action is required.
243093779 KB total disk space.
241716892 KB in 238927 files.
227692 KB in 93691 indexes.
0 KB in bad sectors.
641919 KB in use by the system.
65536 KB occupied by the log file.
507276 KB available on disk.
4096 bytes in each allocation unit.
60773444 total allocation units on disk.
126819 allocation units available on disk.
Internal Info:
00 f7 07 00 45 13 05 00 e3 26 09 00 00 00 00 00 ....E....&......
d5 08 00 00 31 01 00 00 00 00 00 00 00 00 00 00 ....1...........
Windows has finished checking your disk.
Please wait while your computer restarts.
-----------------------------------------------------------------------
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top