Update.exe with a Mozilla Firefox Logo keeps on appearing during startup - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 13 Apr 2020 07:25 AM PDT

Good day!

Every time I start my computer, a minimized Firefox window opens with a title consisting of a jumble of letters. A bunch of lewd pictures can be seen if I maximize the Firefox window. I did come across a software named 2.1.2.3 in my installed programs and I removed the said software with no problem. However, the suspicious Firefox window still appears upon startup. Opening the file location of the suspicious executable file leads me to C:\Program Files (x86)\Common Files\InfoWeb\update.exe.

Moreover, I just found out that I don't have Mozilla Firefox installed upon checking all of the web browsers I have installed on my computer.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2020
Ran by Joan D (administrator) on LAPTOP-7SIJ6CS4 (ASUSTeK COMPUTER INC. VivoBook S13 X330UN) (13-04-2020 21:56:17)
Running from D:\Downloads
Loaded Profiles: Joan D (Available Profiles: Joan D)
Platform: Windows 10 Home Single Language Version 1909 18363.720 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsMonStartupTask64.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\ATKOSD2.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.6.0_x86__qmba6cd70vzyy\ATK Package\HControl.exe
(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Download Master -> WestByte) C:\Program Files (x86)\IDA\ida.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Google LLC -> Google) C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\SwReporter\80.231.200\software_reporter_tool.exe <4>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_88d48d83aea800d8\ICEsoundService64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e7523682cc7528cc\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c1ab568b4fa57de\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9c1ab568b4fa57de\IntelCpHeciSvc.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-811551876-702764072-789382278-1001\...\Run: [Internet Download Accelerator] => C:\Program Files (x86)\IDA\ida.exe [6106432 2019-09-30] (Download Master -> WestByte)
HKU\S-1-5-21-811551876-702764072-789382278-1001\...\Run: [firefox] => C:\Program Files (x86)\Common Files\InfoWeb\update.exe [910296 2010-03-31] (Mozilla Corporation -> Mozilla Corporation) <==== ATTENTION
HKU\S-1-5-21-811551876-702764072-789382278-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2019-12-24] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-811551876-702764072-789382278-1001\...\Run: [utweb] => "C:\Users\Joan D\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-13] (Google LLC -> Google LLC)
Startup: C:\Users\Joan D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet Ink Adv 2060 K110.lnk [2020-04-13]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet Ink Adv 2060 K110.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN19533KN805M9;CONNECTION=USB;MONITOR=1;
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02EDE1BA-AD92-487B-B622-45C1B6683B76} - System32\Tasks\Opera scheduled Autoupdate 1573307936 => C:\Users\Joan D\AppData\Local\Programs\Opera\launcher.exe [1534488 2019-11-05] (Opera Software AS -> Opera Software)
Task: {0B3C7598-7F61-4EE3-B7BD-5999F18BB656} - System32\Tasks\HPCustParticipation HP Deskjet Ink Adv 2060 K110 => C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\HPCustPartic.exe [4119656 2012-10-02] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {0C3B202A-C8ED-4B0E-A83A-8A547AA1DF7F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {14D5A1F3-DE21-482C-A713-237780312564} - System32\Tasks\Update Checker => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSLiveUpdateAgent\UpdateChecker.exe [182392 2019-11-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {391CD627-330F-4DDE-AE96-0957521A5F47} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {4497A1F9-A7BE-47E4-AFDF-D27BD7D0511C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {46346616-3CDA-4B8C-BB32-7AA62F21714A} - System32\Tasks\Opera scheduled assistant Autoupdate 1573307939 => C:\Users\Joan D\AppData\Local\Programs\Opera\launcher.exe [1534488 2019-11-05] (Opera Software AS -> Opera Software)
Task: {6084AAD3-495A-41AD-AFF8-962DAF056034} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {64A714A5-CDDC-4EA8-B026-45869B941D8C} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [642448 2018-06-01] (ASUSTeK Computer Inc. -> )
Task: {65F2C169-FD11-4CC7-AFE0-3CE386D843B5} - System32\Tasks\CorelUpdateHelperTask-931902FED164BDC19D9E908F2365F471 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {7D86753F-D13D-4346-8C7E-E8FB457538A3} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1458296 2019-11-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {85963419-3C91-4326-BB8D-3BFA0FDF0BD0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-11-16] () [File not signed]
Task: {8867F232-E858-49DE-92F1-3F2E458FCC54} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {92708928-9EC6-4E05-8C0A-A2766A81957F} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9C086B26-25BC-49CF-9226-1D2687D9AF55} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-08] (Google Inc -> Google LLC)
Task: {BE183268-3D7D-4C9C-BBE5-139EB3932A21} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2E25247-A6E5-447F-8E69-2830D28BBEF9} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2019-11-10] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {F1FEDCFD-A34B-44CB-808E-D5ED081A8DDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-08] (Google Inc -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2e47f0ff-4031-4e72-97c9-a51e7d7f7831}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{950b9190-51f7-4746-8d5e-38220745ff69}: [DhcpNameServer] 10.66.0.1
Internet Explorer:
==================
HKU\S-1-5-21-811551876-702764072-789382278-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-811551876-702764072-789382278-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-811551876-702764072-789382278-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-811551876-702764072-789382278-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IE 4.x-6.x BHO for Internet Download Accelerator -> {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} -> C:\Program Files (x86)\IDA\idaiehlp.dll [2018-10-12] (Download Master -> WestByte)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-21] (Microsoft Corporation -> Microsoft Corporation)
FF ProfilePath: C:\Users\Joan D\AppData\Roaming\AMozilla\AFirefox\Profiles\9xwpvnt0.default [2020-04-13] <==== ATTENTION
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
CHR Profile: C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default [2020-04-13]
CHR DownloadDir: D:\Downloads
CHR Notifications: Default -> hxxps://kissanime.eu.org
CHR Extension: (Slides) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-08]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2019-12-25]
CHR Extension: (Docs) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-08]
CHR Extension: (Google Drive) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-08]
CHR Extension: (YouTube) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-08]
CHR Extension: (Kaspersky Protection) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-02-15]
CHR Extension: (Sheets) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-19]
CHR Extension: (Sober dark green) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\necamokhombbnmeppbamhpehidknemmn [2019-11-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-08]
CHR Extension: (Gmail) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\Joan D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [271480 2019-11-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSOptimization\ASUSOptimization.exe [203704 2019-11-13] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1458296 2019-11-13] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [513128 2019-11-13] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [538808 2019-10-06] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_88d48d83aea800d8\ICEsoundService64.exe [806376 2018-11-06] (ICEpower a/s -> ICEpower)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-03] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-03] (Intel® Trust Services -> Intel® Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel® Audio Service\IntelAudioService.exe [216096 2018-03-12] (Intel® Smart Sound Technology -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [205968 2017-12-04] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_fce98c95330a5a6d\ASUSSystemAnalysis\ASUSSAIO.sys [30840 2019-11-13] (ASUSTek Computer Inc. -> )
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-16] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-14] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_4fdb1c67af4e1d78\ibtusb.sys [794400 2019-09-12] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [145504 2020-02-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251800 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [214592 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [998296 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79760 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [256752 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-11-10] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309968 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [117496 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [206880 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [211048 2019-12-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232344 2020-04-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8810336 2018-05-13] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_0a3df7b38f899cd4\nvlddmkm.sys [17201128 2018-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-18] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-13 21:54 - 2020-04-13 21:56 - 000000000 ____D C:\FRST
2020-04-13 21:54 - 2020-04-13 21:54 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET51CC.tmp
2020-04-13 21:24 - 2020-04-13 21:24 - 000309968 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2020-04-13 21:12 - 2020-04-13 21:12 - 000256752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2020-04-13 21:12 - 2020-04-13 21:12 - 000206880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2020-04-13 21:12 - 2020-04-13 21:12 - 000117496 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2020-04-02 20:32 - 2020-04-02 20:32 - 000000000 ____D C:\Users\Joan D\AppData\Local\NVIDIA
2020-03-21 20:58 - 2020-03-21 20:58 - 992602562 _____ C:\WINDOWS\MEMORY.DMP
2020-03-21 20:58 - 2020-03-21 20:58 - 002400020 _____ C:\WINDOWS\Minidump\032120-12656-01.dmp
2020-03-21 20:58 - 2020-03-21 20:58 - 000000000 ____D C:\WINDOWS\Minidump
2020-03-19 19:31 - 2020-03-19 19:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-19 19:31 - 2020-03-19 19:31 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-19 19:31 - 2020-03-19 19:31 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-19 19:31 - 2020-03-19 19:31 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-19 19:31 - 2020-03-19 19:31 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-19 19:31 - 2020-03-19 19:31 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-19 19:31 - 2020-03-19 19:31 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-19 19:30 - 2020-03-19 19:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-19 19:30 - 2020-03-19 19:30 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-19 19:30 - 2020-03-19 19:30 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-19 19:30 - 2020-03-19 19:30 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-19 19:30 - 2020-03-19 19:30 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-19 19:30 - 2020-03-19 19:30 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-19 19:30 - 2020-03-19 19:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-19 19:29 - 2020-03-19 19:29 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-19 19:29 - 2020-03-19 19:29 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-19 19:29 - 2020-03-19 19:29 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-19 19:29 - 2020-03-19 19:29 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-19 19:29 - 2020-03-19 19:29 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-19 19:29 - 2020-03-19 19:29 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-19 19:29 - 2020-03-19 19:29 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-19 19:29 - 2020-03-19 19:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-19 19:29 - 2020-03-19 19:29 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
==================== Files in the root of some directories ========
2020-02-01 15:37 - 2020-02-01 15:37 - 000000132 _____ () C:\Users\Joan D\AppData\Roaming\Adobe PNG Format CS5 Prefs
2019-12-24 19:52 - 2018-08-07 01:30 - 000399224 _____ (BitTorrent, Inc.) C:\Users\Joan D\AppData\Roaming\utorrent_2.2.1.exe
2019-12-25 06:44 - 2019-12-25 06:44 - 000000697 _____ () C:\Users\Joan D\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2020
Ran by Joan D (13-04-2020 21:59:06)
Running from D:\Downloads
Windows 10 Home Single Language Version 1909 18363.720 (X64) (2019-11-10 09:50:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-811551876-702764072-789382278-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-811551876-702764072-789382278-503 - Limited - Disabled)
Guest (S-1-5-21-811551876-702764072-789382278-501 - Limited - Disabled)
Joan D (S-1-5-21-811551876-702764072-789382278-1001 - Administrator - Enabled) => C:\Users\Joan D
WDAGUtilityAccount (S-1-5-21-811551876-702764072-789382278-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.1.4.0 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.8.11 - ICEpower a/s)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Boris Graffiti for Corel (HKLM-x32\...\{02E12A07-1BB9-44D6-A480-4EA42DB9E122}) (Version: 5.40.0700 - Boris FX, Inc.) Hidden
Boris Graffiti for Corel (HKLM-x32\...\{48A00644-2D97-43B5-A614-603DECF3E5F6}) (Version: 5.40.0700 - Boris FX, Inc.)
Chk-Back v2.0 (HKLM-x32\...\{916DBF3C-7AA5-4679-AA58-3D6C166BDAAF}) (Version: 2.1.2 - TRC Data Recovery Ltd)
Contents64 (HKLM\...\{8E703425-B2D6-4F89-8D1C-3F813A650512}) (Version:  - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{ACD6A26E-7577-4940-8314-AB194BEC2BE8}) (Version: 2.11.552 - Corel corporation) Hidden
Corel VideoStudio Ultimate 2019 (HKLM-x32\...\_{6977EA21-B247-44A1-94C8-9CCB6BDF87D2}) (Version: 22.3.0.433 - Corel Corporation)
eBIRForms version v7.5 (HKLM-x32\...\eBIRForms_is1) (Version: v7.5 - )
Fashion Fits! (HKLM-x32\...\BFG-Fashion Fits!) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP Deskjet Ink Adv 2060 K110 Basic Device Software (HKLM\...\{8A3C3FD1-25E6-45D5-B1A6-6A5174A2D012}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet Ink Adv 2060 K110 Help (HKLM-x32\...\{261A4762-744B-4C71-81D2-57FA5038DC7B}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet Ink Adv 2060 K110 Product Improvement Study (HKLM\...\{A1E09AC1-2DE6-4513-AD55-0A02D6BBEF8D}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ICA (HKLM-x32\...\{6977EA21-B247-44A1-94C8-9CCB6BDF87D2}) (Version:  - Corel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5017 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation)
Internet Download Accelerator version 6.19.4 (HKLM-x32\...\Internet Download Accelerator_is1) (Version: 6.19.4 - WestByte)
IPM_VS_Pro64 (HKLM\...\{F604BD6C-4ABD-4023-9917-555001D6CBC7}) (Version: 22.0 - Corel Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky)
K-Lite Codec Pack 15.2.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.6 - KLCP)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Office Professional 2019 - en-us (HKLM\...\Professional2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-811551876-702764072-789382278-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
MultiCam Capture Lite (HKLM\...\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}) (Version: 1.1.4.10465 - Corel Corporation)
NVIDIA Graphics Driver 398.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Setup (HKLM-x32\...\{27016FDD-368B-4627-92EB-1EDC0FF3690C}) (Version:  - Corel Corporation) Hidden
Share64 (HKLM\...\{338B419B-0EB9-429B-B6EB-A39E4E47B2BB}) (Version:  - Corel Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
VSClassic64 (HKLM\...\{C51DBE68-FCB6-41C4-A679-E0DB2FB6974F}) (Version:  - Corel Corporation) Hidden
VSUltimate64 (HKLM\...\{16D33B9D-39AA-480C-B1D3-77E08C6917D4}) (Version:  - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
ASUS Keyboard Hotkeys -> C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.6.0_x86__qmba6cd70vzyy [2018-10-16] (ASUSTeK COMPUTER INC.) [Startup Task]
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.2.23.0_x64__dxp88312j1fgj [2019-11-17] (ICEpower)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.23.7.0_x86__kgqvnymyfvs32 [2019-11-09] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1630.7.0_x86__kgqvnymyfvs32 [2019-11-09] (king.com)
Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_4.9.0.11_x86__h6adky7gbf63m [2019-11-09] (Gameloft.)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-10-16] (ASUSTeK COMPUTER INC.)
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.27.9.0_x86__kgqvnymyfvs32 [2019-11-09] (king.com)
FarmVille 2: Country Escape -> C:\Program Files\WindowsApps\D52A8D61.FarmVille2CountryEscape_13.8.4823.0_x86__jwbwg6xx0377a [2019-11-09] (Zynga Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2020-01-06] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2285.0_x64__8j3eq9eme6ctt [2020-02-10] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-11-11] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2018-05-10] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1705.4.0_x86__8wekyb3d8bbwe [2018-05-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2019-11-08] (Microsoft Platform Extensions)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-11-10] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Corporation) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_1.0.26.0_x64__qmba6cd70vzyy [2018-10-16] (ASUSTeK COMPUTER INC.) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-11-10] (Realtek Semiconductor Corp)
WPS Office 2019 -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice2019_11.2.8335.0_x86__924xes6e8q1tw [2019-11-08] (Kingsoft Office Software Corporation Limited)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-11-10] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-11-10] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-11-10] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2019-11-10] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-28] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.dvacm_vspX11] => C:\Program Files\Corel\Corel VideoStudio 2019\DVACM.acm [23552 2019-01-31] (Corel TW Corp.) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-11-10 18:16 - 2019-09-27 12:10 - 000225792 _____ () [File not signed] C:\Program Files (x86)\IDA\Plugins\videoserv.dll
2019-11-10 18:16 - 2016-03-16 16:58 - 000275456 _____ (WestByte) [File not signed] C:\Program Files (x86)\IDA\Plugins\advscheduler.dll
2019-11-10 18:16 - 2016-10-20 12:35 - 001070080 _____ (WestByte) [File not signed] C:\Program Files (x86)\IDA\Plugins\botmaster.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [270]
AlternateDataStreams: C:\ProgramData\TEMP:31F2397C [195]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 07:38 - 2018-04-12 07:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-811551876-702764072-789382278-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joan D\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-811551876-702764072-789382278-1001\...\StartupApproved\Run: => "firefox"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{955B6A1C-08B0-49D2-BA02-8892EA464632}] => (Block) %ProgramFiles%\Corel\Corel VideoStudio 2019\vstudio.exe No File
FirewallRules: [{9E27DA8E-934A-4699-863D-6D67917ED953}] => (Allow) C:\Users\Joan D\AppData\Local\Programs\Opera\64.0.3417.92\opera.exe No File
FirewallRules: [{88A08B48-EAF2-4ECA-8A75-6DA0A0DAFE34}] => (Allow) C:\Users\Joan D\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{F9AEB169-EA1E-4FD5-B487-7AA3B232F377}] => (Allow) C:\Users\Joan D\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{97647106-22FB-4B4F-828C-8838371300E6}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{0FFADFC6-A7A4-41AF-9D86-461C19E8B7B1}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{147145CF-9CF2-43BA-801D-1C5F35C838A7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{94090981-AD06-44A2-B850-F6BFBBC85E42}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F45A1C1C-D239-413A-8A23-51F925045660}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe No File
FirewallRules: [UDP Query User{3FBA296D-5F89-440E-B889-A41865E7BAE1}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe No File
FirewallRules: [TCP Query User{C51881FC-C5D1-4893-A8BF-D29E8D06C98B}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe No File
FirewallRules: [UDP Query User{9604D04C-F700-48EB-AE89-02E1D557512E}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe No File
FirewallRules: [{68B1496A-BEEB-4EA7-A622-B993136B15D2}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{583B606F-13DE-44DC-AC5A-9C9BB7A3768C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{F009FF51-C16F-455F-A4B8-E85D3286EFFC}] => (Allow) C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{70EC8C6F-C334-419E-B801-B13E5ECBA84F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:120.32 GB) (Free:79.02 GB) (66%)
==================== Faulty Device Manager Devices ============
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/13/2020 09:56:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13664,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/13/2020 09:54:44 PM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Application: Kaspersky Secure Connection -- Error 1704. An installation for Kaspersky Anti-Virus is currently paused. Changes made by this installation will be canceled. Start the installation again after the process shutdown.<<1704>>
Error: (04/13/2020 09:47:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7860,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/13/2020 09:34:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7856,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/13/2020 09:21:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7628,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/13/2020 09:13:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
Error: (04/13/2020 09:13:56 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
Error: (04/03/2020 12:53:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7584,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (04/13/2020 09:54:45 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error: 
Access is denied.
Error: (04/13/2020 09:12:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Error: (04/13/2020 09:12:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Error: (04/03/2020 11:13:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Error: (04/03/2020 11:13:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Error: (04/03/2020 11:13:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Error: (04/03/2020 11:13:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Error: (04/03/2020 11:13:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kaspersky Anti-Virus NDIS 6 Filter service failed to start due to the following error: 
A device attached to the system is not functioning.
Windows Defender:
===================================
Date: 2020-01-17 19:43:01.464
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Behavior:Win32/Generic.ST!ml
ID: 2147739304
Severity: Severe
Category: Suspicious Behavior
Path: file:_C:\Users\Joan D\AppData\Local\Temp\Rar$EXa13524.29782\kg.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\svchost.exe
Security intelligence Version: AV: 1.307.2475.0, AS: 1.307.2475.0, NIS: 1.307.2475.0
Engine Version: AM: 1.1.16600.7, NIS: 1.1.16600.7
Date: 2020-01-17 06:51:34.506
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.1783.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
Date: 2020-01-17 06:51:34.505
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.1783.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
Date: 2020-01-17 06:51:34.505
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.1783.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
Date: 2020-01-17 06:51:34.492
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.1783.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
Date: 2020-01-17 06:51:34.491
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.1783.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
CodeIntegrity:
===================================
Date: 2020-04-13 21:39:13.858
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:39:13.344
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:39:13.289
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:39:10.750
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:39:10.721
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:39:10.663
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:29:20.423
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2020-04-13 21:29:19.764
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info =========================== 
BIOS: American Megatrends Inc. X330UN.300 09/07/2018
Motherboard: ASUSTeK COMPUTER INC. X330UN
Processor: Intel® Core™ i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 54%
Total physical RAM: 8044.13 MB
Available physical RAM: 3637.93 MB
Total Virtual: 9324.13 MB
Available Virtual: 3930.4 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:120.32 GB) (Free:79.02 GB) NTFS
Drive d: (Backup) (Fixed) (Total:117.1 GB) (Free:20.53 GB) NTFS
\\?\Volume{36682966-1e80-4d27-bfd8-5eda2c478d0a}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.33 GB) NTFS
\\?\Volume{300e2a0f-8863-4482-909f-6b97f5d83fcb}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4285902D)
Partition: GPT.
==================== End of Addition.txt =======================
