Solved Slow computer and cannot open jpeg

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
Hi, Freshbox.

I apologize for the delay.

As I already told you, it seems that there is a very limited space for disk C (around 10GB) and this is one reason for the computer to be slow.

As for the error 805305975, we will do some more tests, to ensure that there is no system corruption.

Let's start step by step.

1. Free some space

It seems that you have very limited hard disk space. This can have a negative impact on your computer's functionality. You will not be able to update your operating system if you haven't got enough space. A good idea would be saving your files in D from now on (is it an external disk?), especially those taking much space.

What you can do now:

1.1. Use another disk

For now, save files that may take disk space (e.g. photos and videos) in D or (if D is not an external) in an external drive.

1.2. Disk cleanup

1.2.1. Press the Windows icon on your keyboard, together with the letter R.

1.2.2. Type in the blank area cleanmgr and then press OK.

1.2.3. Select Drive C and press OK.

1.2.4. Select everything you don't need in the list that will appear. Actually, you can select everything there, but be careful if you need some files in the Downloads folder.

1.2.5. Press the button Clean up system files and wait a bit.

1.2.6. Again, select everything you don't need, including old Windows installations, if any.

1.2.7. Select the tab More options.

1.2.8. Under the title System Restore and Shadow Copies, press Clean up.

1.2.9. Press Delete and OK if you are asked to.

1.2.10. Wait some time (depending on the items that are deleted).

1.2.11. Make a restart when the process is finished.


2. Uninstall outdated Java

Third-party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." It's important to keep everything updated. Uninstall the outdated Java and, if you need it, you can install the latest version from here later.
  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program on the list:
Code:
Java 8 Update 251
  • Select the above program and click Uninstall.
  • Restart the computer.

3. Did you intentionally enable notifications from this site?
Code:
hxxps://prismplus.sg

4. FRST fix

Please do the following to run a FRST fix.


NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system.
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Code:
Start::
CreateRestorePoint:
CloseProcesses:
FF Notifications: Mozilla\Firefox\Profiles\sjr7ekgg.default -> hxxps://prismplus.sg
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{3F001C0F-695D-4F8F-A9FC-CC802AB888EC}E:\sdi_update\sdi_x64_r1760.exe] => (Allow) E:\sdi_update\sdi_x64_r1760.exe => No File
FirewallRules: [UDP Query User{3FD3E771-3453-4AC3-A8A8-FEE4818B8975}E:\sdi_update\sdi_x64_r1760.exe] => (Allow) E:\sdi_update\sdi_x64_r1760.exe => No File
FirewallRules: [{27F473C4-D376-4106-A61E-6447E421CBE0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{4DB945BF-CE5C-49A3-9C7D-2234277A5CFB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{34A3A0E4-6835-407A-991D-1E335258C7B6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{8F8104B6-99A0-4F07-8B68-4F2B39B95365}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{2385E2BE-7307-4601-86FA-6FD81E25F72E}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{61B03273-5B82-4999-954E-5E1BFA9EA3B5}C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\utils\wowvoiceproxy.exe => No File
FirewallRules: [{2C7A3B7D-9B8D-4AC3-847E-6724538F65A4}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zS007D\HP.EasyStart.exe => No File
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: type C:\Windows\Logs\DISM\dism.log
CMD: SFC /scannow
CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.
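
The fixlist in the post above, read as data before it is run: an added example, not part of the original post and not FRST's own code. It sorts each line between `Start::` and `End::` into directives, shell commands, entries whose target is reported missing, and entries that deserve a second look; the sample is a shortened excerpt of the fixlist above, and the category names and the reading of a trailing "No File" as "target file not found" are assumptions of this sketch.

```python
import re

# Shortened excerpt of the fixlist shown above (same line shapes, fewer entries).
SAMPLE_FIXLIST = r"""Start::
CreateRestorePoint:
CloseProcesses:
FF Notifications: Mozilla\Firefox\Profiles\sjr7ekgg.default -> hxxps://prismplus.sg
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [{2C7A3B7D-9B8D-4AC3-847E-6724538F65A4}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zS007D\HP.EasyStart.exe => No File
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
"""

# "<key>: <rest>" where the key ends at the first colon on the line.
ENTRY_RE = re.compile(r"^(?P<key>[A-Za-z][A-Za-z0-9 -]*?):(?P<rest>.*)$")

CATEGORIES = ("directive", "command", "orphaned", "review", "unparsed")


def fixlist_body(text):
    """Return the non-empty lines strictly between Start:: and End::."""
    lines = [ln.strip() for ln in text.splitlines()]
    if "Start::" not in lines or "End::" not in lines:
        raise ValueError("fixlist must contain both Start:: and End:: lines")
    start, end = lines.index("Start::"), lines.index("End::")
    if end < start:
        raise ValueError("End:: appears before Start::")
    return [ln for ln in lines[start + 1:end] if ln]


def classify(line):
    """Return (category, group, detail) for one fixlist line."""
    m = ENTRY_RE.match(line)
    if not m:
        return ("unparsed", "", line)
    key, rest = m.group("key"), m.group("rest").strip()
    group = re.sub(r"\d+$", "", key)  # ContextMenuHandlers1 -> ContextMenuHandlers
    if key.upper() == "CMD":
        return ("command", group, rest)   # runs a shell command as administrator
    if not rest:
        return ("directive", group, "")   # e.g. CreateRestorePoint:
    if rest.endswith("No File"):
        return ("orphaned", group, rest)  # assumption: target file is missing
    return ("review", group, rest)        # removes something that still exists


def audit(text):
    """Group every fixlist line by category so it can be reviewed before the fix."""
    report = {name: [] for name in CATEGORIES}
    for line in fixlist_body(text):
        category, group, detail = classify(line)
        report[category].append((group, detail))
    return report


if __name__ == "__main__":
    for category, items in audit(SAMPLE_FIXLIST).items():
        print(f"{category}: {len(items)}")
        for group, detail in items:
            print(f"    {group} {detail}".rstrip())
```

Anything landing in `review`, `command` or `unparsed` is what a second pair of eyes should read line by line; here that is the Firefox notification permission and the DISM/SFC commands.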
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
Hi DR.M,

I can only find Java 8 Update 251 (64-bit) in the Add/Remove Programs list. So should I remove or keep?

3. Did you intentionally enable notifications from this site? hxxps://prismplus.sg
No :(
 

DR.M

Hi, freshbox.

Yes, uninstall Java 8 update 251 please.

Since you didn't intentionally enable notifications from that site, I added that line in the fix too.

Please, go on with FRST fix.
 

DR.M

Can you please provide fresh FRST logs now?
  • Double-click on the FRST icon to run it, as you did before. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button and wait for a while.
  • The scanner will produce two logs on your Desktop: FRST.txt and Addition.txt.
  • Please copy and paste the content of these two logs in your next reply (or attach).
 

freshbox

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Admin (administrator) on DESKTOP-J6JJCPD (Micro-Star International Co., Ltd. MS-7B61) (25-09-2020 21:52:37)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Discord Inc. -> Discord Inc.) C:\Users\Admin\AppData\Local\Discord\app-0.0.307\Discord.exe <6>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <9>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1027568 2019-11-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\Run: [Discord] => C:\Users\Admin\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-25] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-04-13]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Admin\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B7B5195-7303-4C01-8D6E-8061CC519AA3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1008DEAB-99FC-45FD-9A36-66A2956D1A6F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1074230309-3786456183-1573165190-1001 => C:\Users\Admin\AppData\Local\MEGAsync\MEGAupdater.exe [615672 2020-07-03] (Mega Limited -> Mega Limited)
Task: {106F69CC-6396-4A99-B87A-9132DCC8B6D6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23C4363E-ECA0-410C-87F0-EA9F727E2ECA} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {255AFE42-3FF6-40A0-8B16-1CDE3D7C46A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CE0AE81-8305-4A66-B642-C0044C4ECB7E} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Admin\Desktop\esetonlinescanner.exe
Task: {2F3B62FB-2F79-41F0-866F-037FFE3B8EC6} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {34D7B3AA-2925-41E2-AF99-C221C4EBD1BC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CFD2ECE-26C3-4EBF-B0DF-3B749558EA45} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-09] (Adobe Inc. -> Adobe)
Task: {3F62236B-42DA-4C52-B3D1-36018FD0CF16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AA8B19B-6450-453D-80CB-8D94B24A56AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {51F6392E-B4BC-42E2-A8C2-2DF42C2B2606} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53E3134C-0777-4D03-84E8-41611E80A326} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Admin\Desktop\AdwCleaner.exe
Task: {55D28894-2210-4F1A-A1E5-7FF7A1714A21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {5B9638BA-C913-4679-B0CC-68CECF7A9A6B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)
Task: {5C9373E3-E633-4065-B242-BF99F4A175D4} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68A47AD2-952F-47E6-8F80-457828CB5A06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {7863A737-AAE8-44EA-995E-3166D96961D9} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Admin\Desktop\esetonlinescanner.exe
Task: {78F72396-F1DC-4296-83D7-18362AEB2E6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-01] (Google LLC -> Google LLC)
Task: {7B8230CF-07B6-4C6C-BE42-C775F01EDD38} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {979CEFD6-4406-4B3F-98CB-E6253915B81D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BE1FD4F3-9F9A-493F-A1FC-6D41A33EB0E3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C590A939-D23C-48DC-A411-520308C5B993} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAB97F04-3CEC-4C8B-BF17-B791FE765A74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D014A8C5-0AF1-476F-ABBD-D3D507CA91F9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D23B2BBA-E496-4442-AA2C-E2948903F3B1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145768 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E38017B4-284F-4609-B1BD-7A1313F2C09D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED11F938-DCEE-4B71-A7A1-5138BDC71A47} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3FF29DE-B2D2-492A-9EE5-3855B560EF9D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F650CFB5-B838-484B-B502-FFE632904DFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC0AD260-A6D5-4DD1-AFC6-620F7D5B0E00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1683344 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0785ad18-d9d6-4a28-a66a-e392dc827946}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{369a8e86-368f-4a0f-b96b-e50994d1d837}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7baea84a-3201-426d-8985-ae2e2d0aa19d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de71bb04-a651-46c4-a05c-a6351999bfe7}: [DhcpNameServer] 192.168.1.1
Edge:
======
DownloadDir: C:\Users\Admin\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1074230309-3786456183-1573165190-1001 -> hxxp://www.google.com/
Edge Extension: (Emsisoft Browser Security) -> EdgeExtension_24598EmsisoftEmsisoftBrowserSecurity_qx27tcjycwb5c => C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2020-05-08]
FireFox:
========
FF DefaultProfile: sjr7ekgg.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sjr7ekgg.default [2020-09-25]
FF Homepage: Mozilla\Firefox\Profiles\sjr7ekgg.default -> hxxp://www.google.com.sg/
FF Extension: (Emsisoft Browser Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sjr7ekgg.default\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2020-05-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sjr7ekgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-12] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-09-25]
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-01]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-01]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-01]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-01]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-01]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-01]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-09] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-20] (Malwarebytes Inc -> Malwarebytes)
S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer USA Ltd. -> Razer Inc.)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-09-20] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217592 2020-09-25] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-25] (Malwarebytes Inc -> Malwarebytes)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-10-26] (Razer Inc. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [47312 2015-10-26] (Razer Inc. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-25 18:49 - 2020-09-25 18:49 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-25 18:49 - 2020-09-25 18:49 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-25 18:49 - 2020-09-25 18:49 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-25 18:49 - 2020-09-25 18:49 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-25 18:47 - 2020-04-30 14:38 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-09-25 18:44 - 2020-09-25 18:48 - 008494024 _____ C:\Users\Admin\Desktop\Fixlog.txt
2020-09-25 18:38 - 2020-09-25 18:38 - 000000000 ____D C:\Users\Admin\AppData\Local\EpicGamesLauncher
2020-09-25 18:38 - 2020-09-25 18:38 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashReportClient
2020-09-24 19:21 - 2020-09-24 19:21 - 000000000 ____D C:\WINDOWS\Panther
2020-09-21 22:24 - 2020-09-21 22:24 - 000197679 _____ C:\Users\Admin\Desktop\ListChkdskResult.exe
2020-09-21 22:24 - 2020-09-21 22:24 - 000005382 _____ C:\Users\Admin\Desktop\ListChkdskResult.txt
2020-09-20 23:21 - 2020-09-20 23:21 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-20 23:21 - 2020-09-20 23:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-20 21:31 - 2020-09-20 21:31 - 000000218 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2020-09-20 21:27 - 2020-09-20 21:27 - 000011401 _____ C:\Users\Admin\Desktop\TOSHIBA_DT01ACA100_Y7MEH5HFS_2020-09-20.txt
2020-09-20 18:40 - 2020-09-20 18:41 - 000013755 _____ C:\Users\Admin\Desktop\Samsung_SSD_860_EVO_250GB_S3Y9NF0JC02123V_2020-09-20.txt
2020-09-20 18:40 - 2020-09-20 18:40 - 000000000 ____D C:\Users\Admin\AppData\Local\gtk-3.0
2020-09-20 17:08 - 2020-09-20 21:54 - 000000000 ____D C:\Users\Admin\AppData\Roaming\gsmartcontrol
2020-09-20 17:07 - 2020-09-20 21:54 - 000000000 ____D C:\Program Files\GSmartControl
2020-09-20 17:07 - 2020-09-20 17:07 - 000001937 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSmartControl.lnk
2020-09-20 17:06 - 2020-09-20 17:07 - 007798280 _____ C:\Users\Admin\Desktop\gsmartcontrol-1.1.3-win32.exe
2020-09-19 17:13 - 2020-09-19 17:13 - 002236120 _____ C:\Users\Admin\Desktop\openvpn-install-latest-winxp-x86_64.exe
2020-09-18 12:07 - 2020-09-18 12:07 - 000000000 ____D C:\Users\Admin\AppData\Local\Epic Games
2020-09-18 12:06 - 2020-09-18 12:06 - 000000000 ____D C:\Users\Public\Documents\Sports Interactive
2020-09-18 12:06 - 2020-09-18 12:06 - 000000000 ____D C:\Users\Admin\Documents\Sports Interactive
2020-09-18 12:06 - 2020-09-18 12:06 - 000000000 ____D C:\Users\Admin\AppData\Local\Sports Interactive
2020-09-18 12:06 - 2020-09-18 12:06 - 000000000 ____D C:\ProgramData\Documents\Sports Interactive
2020-09-18 11:51 - 2020-09-18 11:51 - 000000262 _____ C:\Users\Admin\Desktop\Football Manager 2020.url
2020-09-18 11:41 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2020-09-18 11:41 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2020-09-18 11:41 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2020-09-18 11:41 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2020-09-18 11:41 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2020-09-18 11:41 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2020-09-18 11:41 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-09-18 11:41 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2020-09-18 11:41 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-09-18 11:40 - 2020-09-18 11:40 - 000000000 ____D C:\Users\Admin\AppData\Local\UnrealEngine
2020-09-18 11:40 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2020-09-18 11:40 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2020-09-18 11:40 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-09-18 11:38 - 2020-09-18 11:38 - 044281856 _____ C:\Users\Admin\Desktop\EpicInstaller-10.18.8-unrealtournament-e040ea1495ff44d99d3626231ee75f11.msi
2020-09-16 22:21 - 2020-09-16 22:22 - 000039197 _____ C:\Users\Admin\Desktop\Addition.txt
2020-09-16 22:20 - 2020-09-25 21:53 - 000020649 _____ C:\Users\Admin\Desktop\FRST.txt
2020-09-16 22:20 - 2020-09-25 21:52 - 000000000 ____D C:\FRST
2020-09-16 22:19 - 2020-09-25 18:42 - 002299392 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2020-09-15 21:28 - 2020-09-20 23:21 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-09 20:09 - 2020-09-09 20:09 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-09 20:09 - 2020-09-09 20:09 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-09 20:09 - 2020-09-09 20:09 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-09 20:09 - 2020-09-09 20:09 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-09 20:09 - 2020-09-09 20:09 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-09 20:09 - 2020-09-09 20:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-09 20:05 - 2020-08-15 13:25 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-09 20:05 - 2020-08-15 13:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-06 16:43 - 2020-09-06 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-06 14:00 - 2020-09-25 21:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-25 21:50 - 2018-02-25 10:06 - 000000000 ____D C:\Users\Admin\AppData\Roaming\discord
2020-09-25 21:38 - 2019-03-19 12:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-25 21:36 - 2018-01-27 20:05 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2020-09-25 19:25 - 2018-01-27 19:51 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2020-09-25 18:55 - 2020-04-29 22:56 - 000795992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-25 18:55 - 2019-03-19 12:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-25 18:51 - 2018-01-27 14:20 - 000000000 ____D C:\ProgramData\NVIDIA
2020-09-25 18:49 - 2020-04-29 22:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-25 18:49 - 2018-01-27 14:17 - 000000000 ___RD C:\Users\Admin\OneDrive
2020-09-25 18:48 - 2019-03-19 12:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-25 18:45 - 2019-03-19 12:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-25 18:36 - 2020-04-01 21:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-25 18:36 - 2020-04-01 21:19 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-25 18:36 - 2020-04-01 21:19 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-24 21:47 - 2020-04-29 22:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-24 21:01 - 2020-04-29 22:53 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-24 21:01 - 2018-08-29 18:18 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-24 19:29 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-24 19:22 - 2018-07-17 23:03 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2020-09-24 19:12 - 2019-03-19 12:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-21 23:48 - 2018-02-03 20:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2020-09-20 23:21 - 2020-04-23 23:28 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-20 23:21 - 2020-04-23 23:28 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-20 23:21 - 2019-03-19 12:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-20 23:20 - 2020-04-23 23:27 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-20 17:03 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-20 16:54 - 2020-04-29 22:46 - 000000000 ____D C:\Users\Admin
2020-09-20 16:54 - 2019-03-16 20:50 - 000000000 ____D C:\Users\Admin\AppData\Local\Nox
2020-09-20 16:54 - 2019-02-25 21:09 - 000000000 ____D C:\Users\Admin\AppData\Local\Bluestacks
2020-09-18 18:55 - 2020-04-29 22:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1074230309-3786456183-1573165190-1001
2020-09-18 18:55 - 2020-04-29 22:46 - 000002367 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-18 11:41 - 2018-01-27 14:19 - 000000000 ____D C:\ProgramData\Package Cache
2020-09-15 21:21 - 2020-05-08 09:04 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2020-09-15 19:20 - 2018-07-03 13:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-11 20:05 - 2018-02-25 10:06 - 000002237 _____ C:\Users\Admin\Desktop\Discord.lnk
2020-09-11 20:05 - 2018-02-25 10:06 - 000000000 ____D C:\Users\Admin\AppData\Local\Discord
2020-09-10 18:01 - 2020-04-29 22:44 - 000433440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-10 18:01 - 2018-02-03 20:34 - 000000000 ___RD C:\Users\Admin\3D Objects
2020-09-10 18:01 - 2018-01-27 14:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-10 00:17 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-09 20:13 - 2018-01-28 11:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-09 20:12 - 2018-01-28 11:59 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-09 20:09 - 2020-04-29 22:44 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-09 18:44 - 2020-04-29 22:53 - 000004588 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-09 18:44 - 2019-03-19 12:56 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-09 18:44 - 2019-03-19 12:56 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-09 18:44 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-09 18:44 - 2019-03-19 12:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-06 23:21 - 2018-01-27 20:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-06 16:43 - 2018-01-27 20:05 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-02 15:06 - 2018-02-19 20:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2020-09-20 21:31 - 2020-09-20 21:31 - 000000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2019-11-21 18:48 - 2019-11-21 18:49 - 000000069 _____ () C:\Users\Admin\AppData\Local\update_progress.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Admin (25-09-2020 21:53:24)
Running from C:\Users\Admin\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2020-04-29 14:54:01)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Admin (S-1-5-21-1074230309-3786456183-1573165190-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1074230309-3786456183-1573165190-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1074230309-3786456183-1573165190-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1074230309-3786456183-1573165190-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1074230309-3786456183-1573165190-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1074230309-3786456183-1573165190-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS USB-AC68 WLAN Card Driver (HKLM-x32\...\{56A6C59A-E783-41CB-A5F9-9240CA3C6B87}) (Version: 2.1.4.7 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 1.1.3 - Alexander Shaduri)
iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 80.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 80.0.1 (x64 en-US)) (Version: 80.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Graphics Driver 442.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.59 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8295 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.12.4.0_x86__kgqvnymyfvs32 [2020-08-14] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.177.700.0_x86__kgqvnymyfvs32 [2020-09-24] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.3.0.0_x86__h6adky7gbf63m [2020-08-28] (Gameloft SE)
Emsisoft Browser Security -> C:\Program Files\WindowsApps\24598Emsisoft.EmsisoftBrowserSecurity_2018.12.10.0_neutral__qx27tcjycwb5c [2020-05-08] (Emsisoft)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-30] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.1.0.6_x86__h6adky7gbf63m [2020-09-18] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.4002.0_x64__8wekyb3d8bbwe [2020-09-04] (Microsoft Studios)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.8.204.0_x64__dt26b99r8h8gj [2020-03-26] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0 [2020-09-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Admin\AppData\Local\MEGAsync\ShellExtX64.dll [2020-07-03] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-03-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-23] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-09-14 14:37 - 2017-09-14 14:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 14:37 - 2017-09-14 14:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 14:37 - 2017-09-14 14:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 14:42 - 2017-09-14 14:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 14:37 - 2017-09-14 14:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\Admin\AppData\Local\MEGAsync\platforms\qwindows.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 19:47 - 2016-07-16 19:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-05-09 19:34 - 2018-05-09 19:39 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\Admin\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1074230309-3786456183-1573165190-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Rawether NDIS 6.X SPR Protocol Driver -> PCA_PCASP60 (enabled)
Ethernet: Rawether NDIS 6.X SPR Protocol Driver -> PCA_PCASP60 (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{24065CDD-A883-4567-90CF-C1C4A22186A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C7222AC7-5FF5-4D2E-8946-327F76CEA6A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFE16174-EB33-4B74-BF4E-2660E5ACF4B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A97D507E-6CE5-433C-8CA8-E213403A1AEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52CA91A9-3E69-437C-B77A-459CD2AD4DA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3BA66E0-2EC3-4A37-B6A2-9731A96FC71A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A93B830D-ED34-40D4-99F4-BC5930BC8199}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{04823DE0-8172-48B4-8A33-DC4E498098BD}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{576BB933-4363-4268-A723-F5F6BEB23D8C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{57EC55A4-0C9B-485C-AA0A-19AB68200356}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{922DD7CE-410C-4F18-A8FA-C4F4DDFA083E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C325E5BB-DC0E-413E-9F4B-AAC9DBCF05C2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84B49892-C897-468A-8F5E-FBDA6B164694}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7087B3D1-6A4B-411E-8A04-4AB34A427618}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7619DFD4-44C2-4E51-A6D2-23664BC30DD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4880193-BC9A-433B-9A8B-92210657EFDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0BF551B4-FCD0-4027-A5D3-6721FF16C7AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9DDEDBD5-1FF5-4CFB-B0DC-726089F9607E}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{10B17BB1-0BC9-43F7-A569-68CBA855FB64}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7DF0830A-B0E3-45FB-A784-A98CB1B48831}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{97DC0E83-C2F4-4AC4-8C5F-565D42CE38A5}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe => No File
FirewallRules: [{925A308C-0D43-4A0C-A92E-013319ED9E72}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EBC01F0-1E38-43F5-BF71-02D5FAEBEBDD}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{EEC14FDE-F79A-40D7-A822-F4EF9BCEBBE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DED9D04D-DE2A-49B0-9B0B-AEB674F653DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CEA9D4FA-F0C2-4D67-8373-8AFFBB77B16C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10BD352F-3514-46A6-9F13-8EFD05803645}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2114C087-7CCE-4423-8F14-F48E746B51EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01D09545-4E4F-40F9-8057-F348B961A46E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B6029FAC-A9C1-4DBE-ACD4-B3534B42B4F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FDF562DC-023F-44B8-93CB-9C4825F47C91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5D31A04-4A59-4712-8342-3485A007BE13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F1355443-D85F-43C8-9712-573CDFDE96AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E215B6AB-9AF3-4C09-A2C4-F7647359E9F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3AB576A8-705F-4390-86E3-D40A0998CDAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7150273B-BF72-4A99-804D-1DFEA2C3ACDB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50D7C313-8DAB-45AA-B3D6-426860FC47F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
22-09-2020 18:05:49 Scheduled Checkpoint
25-09-2020 18:37:45 Removed Java 8 Update 251 (64-bit)
==================== Faulty Device Manager Devices ============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================
Application errors:
==================
Error: (09/25/2020 09:41:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16020,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/25/2020 09:20:54 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (09/25/2020 09:11:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4036,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/25/2020 08:59:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15792,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/25/2020 08:42:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14108,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/25/2020 08:22:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2572,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/25/2020 08:04:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7432,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/25/2020 07:54:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:
=============
Error: (09/25/2020 06:49:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Chroma SDK Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RunSwUSB service terminated unexpectedly. It has done this 1 time(s).
Error: (09/25/2020 06:44:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Windows Defender:
===================================
Date: 2020-09-23 18:28:12.035
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F38FBAE0-B51D-4F0F-A178-60B479C0D1A2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-22 18:03:46.793
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E8FF74DA-C9E9-4AD2-81E1-99C63F0AA5A0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-18 22:58:08.018
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AB3E6443-191A-4CB7-8BF5-3D9CAABA11CE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-17 20:14:33.604
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C393F9FB-F497-4F83-BEC0-C70F105D456B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-16 18:46:06.992
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {77D5F9E0-7298-40A1-909C-1DE8C0EF9F70}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-01 19:55:36.476
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.323.245.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17400.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2020-09-15 21:21:43.847
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:43.843
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.835
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.830
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 21:21:37.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppwsc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-15 20:25:03.095
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.
Date: 2020-09-15 20:25:03.043
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\eppcom64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.10 10/27/2017
Motherboard: Micro-Star International Co., Ltd. Z370 GAMING PLUS (MS-7B61)
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 67%
Total physical RAM: 8152.66 MB
Available physical RAM: 2647.47 MB
Total Virtual: 12504.66 MB
Available Virtual: 3703.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.83 GB) (Free:105.96 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:863.77 GB) NTFS
\\?\Volume{f29310f3-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{f29310f3-0000-0000-0000-a0143a000000}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F29310FB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: F29310F3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=575 MB) - (Type=27)
==================== End of Addition.txt =======================
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
Hi, freshbox.

I'm reviewing your logs.

Is the problem with the jpeg images still present?

Is there any other issue regarding this computer now?
 

freshbox

Thread Starter
Joined
Jan 14, 2006
Messages
81
I can view my jpeg images without any issue at the moment.

I currently have Windows Microsoft Defender installed and I have downloaded Malwarebytes (trial version).

I'm thinking of uninstalling Malwarebytes (trial version) and was wondering if Microsoft Defender is enough to protect my computer?
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
Hi, freshbox.

Your computer is free of malware, the corrupted system files are repaired and you did a great job regarding the hard disk's space. 👍🏻

As for your question about Windows Defender and Malwarebytes:

Windows Security is built into Windows 10 and includes an antivirus program called Microsoft Defender Antivirus. (In previous versions of Windows 10, Windows Security is called Windows Defender Security Center.) Together with Malwarebytes, which also provides an antimalware solution, your computer is protected, assuming that you follow the safe computing rules. Keep in mind that the free version has no real-time protection, so you have to run the product yourself every now and then, depending on how often you use the computer. If you decide to get the paid version of the product, you will have real-time protection. It's up to you.

Any other issue regarding this computer?
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
Assuming that your computer is running fine now, let's remove the tools we used and make a new restore point:

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
As a last recommendation, I would ask you to back up your data regularly, not only because your hard disk and operating system had some issues that were fixed for now, but because this action is a must. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

And the final tips about your computer's security from now and always:

Some of the following are from Klein's (2005) article, "So how did I get infected in the first place". Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it to include current operating systems and software program information. My source is Security Garden, and I marked the following for you:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!
  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
  • Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
  • Cracked or pirated programs are not only illegal, but can also make your computer a malware target. Keep this in mind. ;)
  • Do not open any files without being certain of what they are!
5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

7. Must-Have Software
An anti-virus and an anti-spyware program are a necessity for the security of your computer. Be sure that you keep them updated, and that real-time protection is enabled.


If you have any questions or concerns please don't hesitate to ask!

I'm glad I was able to help you.
:)
 