Inactive Gremlins?

glhglh

When I was looking to see if there were updates on the Windows/Updates section, a scan ran for several hours with no answer, just dots going across the screen.

Frst.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2019 02
Ran by garyh (administrator) on GLH-LENOVO (LENOVO 81CA) (09-08-2019 16:40:10)
Running from C:\Users\garyh\Desktop\2019 Viarus
Loaded Profiles: garyh (Available Profiles: garyh)
Platform: Windows 10 Pro Version 1903 18362.239 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.3.136\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\79.3.136\QtWebEngineProcess.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e4737ed001bad0d9\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e4737ed001bad0d9\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e4737ed001bad0d9\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e4737ed001bad0d9\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Windows\System32\ymc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.52.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(LENOVO INC.) C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Siber Systems -> Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\rf-chrome-nm-host.exe
(Siber Systems -> Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\garyh\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(TiVo Inc. -> TiVo Inc.) E:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
(TiVo Inc. -> TiVo Inc.) E:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
(TiVo Inc. -> TiVo Inc.) E:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18389952 2018-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-06-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [876032 2017-10-12] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-08-08] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Run: [Google Update] => C:\Users\garyh\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-21] (Google Inc -> Google LLC)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Run: [TivoServer] => E:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2264336 2010-08-24] (TiVo Inc. -> TiVo Inc.)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Run: [TivoTransfer] => E:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [608528 2010-08-24] (TiVo Inc. -> TiVo Inc.)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Run: [TivoNotify] => E:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [437520 2010-08-24] (TiVo Inc. -> TiVo Inc.)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Run: [TranscodingService] => E:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856336 2010-08-24] (TiVo Inc. -> TiVo Inc.)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145704 2019-07-22] (Siber Systems -> Siber Systems)
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\garyh\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\garyh\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\RunOnce: [Uninstall 19.103.0527.0003\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\garyh\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64"
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\RunOnce: [Uninstall 19.103.0527.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\garyh\AppData\Local\Microsoft\OneDrive\19.103.0527.0003"
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-09] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D29F376-CBD4-45DB-B6C8-9AE1C93C9B2C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {139E9E6A-C769-491E-A71D-8F8E631A1B62} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b8103339-e1dd-4fac-8d69-d1529e733c69 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {15FA6DE2-61F7-45C2-AF4D-7E0D1EF0CAB4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B5C2AF9-88CE-46C1-9D20-9A3E70C58507} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13594584 2018-06-24] (Piriform Ltd -> Piriform Ltd)
Task: {2FB7F216-611C-4BB8-A3EA-AC8EC501BF2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-21] (Google Inc -> Google Inc.)
Task: {2FDC3575-A06D-483C-B3CC-0CE4CCBED37D} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {32B00489-A579-4609-B0C5-27D0EAEC610E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32BBCF25-F63F-4E70-A882-71C4153FB106} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39002260-36C8-4344-A435-B12FA6106E54} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [840744 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3985589D-8D09-4F1F-AA4E-E4925B61214C} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [301424 2018-06-04] (Xerox Corporation -> Xerox Corporation)
Task: {3F2E05BD-C940-4946-A583-228080C2D051} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8bb81e97-b5ff-408b-8638-14123abb098b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4D1EE331-FD2F-41E6-984C-17885818CB27} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2314120 2009-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FFF97FB-9108-47EC-BA9D-FA6A2E182ADB} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-537854646-3490681162-3732722280-1001 => C:\Users\garyh\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {51FB1A19-6B34-427A-9CA5-BD375CB7AC9E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {617DE75C-5C51-44D7-8500-B441A55CE06B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65B58E11-0670-490A-B107-8A881F91BE40} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6A816CF0-B93B-4DB6-BF83-1628A94B76EC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-08-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6B0B1E9F-AC50-4376-BE68-CF20EFF527B0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2049928 2019-08-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {6C267B77-7E68-4290-8598-B660E5B6680D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6EE262FD-2F23-483D-B58E-4739DF7EA262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {7759977E-6FB8-46D9-B201-728A1233FD1B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {8BC955FA-109F-4130-B16F-944620109397} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724328 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EEB3993-9DEA-4B61-92CD-73533F05484D} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [301424 2018-06-04] (Xerox Corporation -> Xerox Corporation)
Task: {96A09B52-DC07-49B6-9273-4EAB117156F3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702504 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9844DE04-18CF-454D-9C4F-26C5A2F152E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {98D41A97-A6C6-4A73-9868-42731491C9D8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-537854646-3490681162-3732722280-1001Core => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2018-08-25] (Google Inc -> Google Inc.)
Task: {9CC25BBA-B589-4EFC-94E0-08CAEFA855E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A15C3104-E532-4FB4-A728-B1C7D54C6CB3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2845CB3-6015-478B-954B-382A540E992E} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [301424 2018-06-04] (Xerox Corporation -> Xerox Corporation)
Task: {A300E17E-9896-49DF-8F99-70725B2ADF37} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A477DB85-5E05-4569-B520-6DCE523182B8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0E463F3-23C2-4575-ABE0-AAB57E2B047A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2797234-519B-4F06-B46C-3D11D284550E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8c73bbb-68ab-4428-a160-8af986a6ddb7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B3652E1B-33C9-4A7F-B6F0-80131552A2F9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {B37B0506-54A6-45C1-ACD4-A92AD6377939} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B4EFD5DD-A545-40CE-AFC7-FDAFCE053530} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-08-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B7B38BA6-1C45-4105-ADDB-61F2BA6007C4} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BD057C97-51FC-44BD-890E-E96EC8C706DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C633E410-9EE6-4FD8-9143-EB6555EDF8EC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572456 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6C0D7DA-5D95-4FFC-8308-F6D215DFB183} - System32\Tasks\App Explorer => C:\Users\garyh\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7399080 2019-06-03] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {CBF265DE-4723-49E8-B292-CCEEFA4BB6E6} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [145704 2019-07-22] (Siber Systems -> Siber Systems)
Task: {E09F334F-453C-471C-AB9A-2259CDE1FEF8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5C78745-6F6E-4750-AF2D-1BB05F8FE3A7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E61A3CE2-DB5F-4C0A-8AA3-8CFA38C0512E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E72A21C9-5CF2-4FB8-8BB6-E408C1B7A791} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E780C4D8-33B7-4DAE-B934-FD7DAFF41532} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-21] (Google Inc -> Google Inc.)
Task: {F13EAFCD-7196-4E7E-84E8-D74A33E932E8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551488 2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1ACBB43-AAB9-41FB-A837-D8D00B4C1026} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {F41283A3-2E46-4553-B4E8-44D2DB8E7E50} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMPMLJKMMJPMJMOJMJCNJJMMLJJMCNLMIMNJPMCNGMOMKMHMCNKJJMMMKMHMOMNJNMLMKMIMKMJNJICMHMCNJMCNPMFMOMOMCNNMMMGMCNOMHMMMJMNMFMPMCNPMCNOMHMMMJMNMCNNMJNPICMOMFMEKMICNJJCKFMMMMMKMJNHICMEKMICNJJCKJNBJCMIJOJNIGIHJJNKJCMIJOJNIGIBNHJPLBJIII (the data entry has 84 more characters).
Task: {FB62F0D3-E3A1-4853-9520-C62AAE073DAD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-537854646-3490681162-3732722280-1001UA => C:\Users\garyh\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2018-08-25] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{90fc3af7-4259-4ecd-8030-105fcf36942f}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{d32c5703-3c56-404d-9283-60998b816813}: [DhcpNameServer] 150.100.0.12

Internet Explorer:
==================
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.nytimes.com/?WT.z_jog=1&hF=f&vS=undefined
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-537854646-3490681162-3732722280-1001 -> DefaultScope {3FC1CD64-83E9-4500-A920-817A7FE8F26A} URL =
SearchScopes: HKU\S-1-5-21-537854646-3490681162-3732722280-1001 -> {3FC1CD64-83E9-4500-A920-817A7FE8F26A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2019-07-22] (Siber Systems -> Siber Systems Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2019-07-22] (Siber Systems -> Siber Systems Inc.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2019-07-22] (Siber Systems -> Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2019-07-22] (Siber Systems -> Siber Systems Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-537854646-3490681162-3732722280-1001 -> hxxp://www.nyt.com/
Edge Extension: (Grammarly for Microsoft Edge) -> EdgeExtension_GrammarlyGrammarlyforMicrosoftEdge_zee0y2571dhse => C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.120.2309.0_neutral__zee0y2571dhse [2019-06-09]
Edge Extension: (RoboForm) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2019-06-22]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-537854646-3490681162-3732722280-1001: @tools.google.com/Google Update;version=3 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-537854646-3490681162-3732722280-1001: @tools.google.com/Google Update;version=9 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.nytimes.com/?action=click&region=TopBar&pgtype=&module=SectionsNav&version=BrowseTree&contentCollection=Home%20Page&t=qry762","hxxps://www.facebook.com/","hxxps://translate.google.com/?hl=en&tab=wT"
CHR Profile: C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default [2019-08-09]
CHR Extension: (Slides) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21]
CHR Extension: (Docs) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Google Drive) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-21]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2019-06-09]
CHR Extension: (YouTube) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21]
CHR Extension: (Adobe Acrobat) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-07-04]
CHR Extension: (Sheets) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21]
CHR Extension: (Google Docs Offline) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-21]
CHR Extension: (Gmail) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09]
CHR Extension: (RoboForm Password Manager) - C:\Users\garyh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2019-08-09]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2018-08-21]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2018-08-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2018-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-08-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-08-20] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-08-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2018-07-20] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2789792 2018-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790568 2019-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
R2 postgresql-x64-9.3; C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe [92672 2017-05-08] (PostgreSQL Global Development Group) [File not signed]
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_5061a185bda56841\RstMwService.exe [1970592 2018-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268224 2018-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5773384 2019-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TivoBeacon2; E:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc. -> TiVo Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServiceISD; C:\Program Files\Tablet\ISD\WTabletServiceISD.exe [1698896 2017-12-15] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [325632 2018-06-04] (Xerox Corporation -> Xerox Corporation)
R2 YMC; C:\WINDOWS\system32\ymc.exe [75056 2017-10-15] (LENOVO -> Lenovo)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
 
FRST.txt 2.
===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98864 2018-06-11] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094048 2018-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [74656 2018-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_f842ce2b6d142e6c\nvlddmkm.sys [20489152 2019-03-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2018-08-17] (Audials AG -> Audials AG)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338880 2018-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [899672 2017-10-18] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2018-08-17] (Audials AG -> RapidSolution Software AG)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 WacHidRouterISD; C:\WINDOWS\system32\DRIVERS\wachidrouter_isd.sys [154704 2017-12-15] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-09 16:40 - 2019-08-09 16:40 - 000000000 ____D C:\FRST
2019-08-09 16:34 - 2019-08-09 16:40 - 000000000 ____D C:\Users\garyh\Desktop\2019 Viarus
2019-08-09 16:25 - 2019-08-09 16:25 - 000000000 ____D C:\Users\garyh\AppData\LocalLow\Oracle
2019-08-09 16:17 - 2019-01-31 04:15 - 002741288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-08-09 16:17 - 2019-01-31 04:15 - 002124328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-08-09 16:17 - 2019-01-31 04:15 - 001323048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-08-09 16:17 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-08-09 16:17 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-08-09 16:17 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2019-08-09 16:17 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2019-08-09 16:17 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2019-08-09 16:17 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2019-08-09 16:16 - 2018-12-19 18:03 - 000203576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2019-08-09 16:16 - 2018-12-19 18:03 - 000179512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2019-08-09 16:15 - 2019-03-26 22:41 - 000552136 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-08-09 16:15 - 2019-03-26 22:41 - 000457096 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 004946520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 004317264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 002017936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441971.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 002003872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 001511896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 001468320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441971.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 001461144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 001126544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 000631688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-08-09 16:15 - 2019-03-26 22:40 - 000521872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-08-09 16:15 - 2019-03-26 22:39 - 040263768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-08-09 16:15 - 2019-03-26 22:39 - 035158488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-08-09 16:15 - 2019-03-26 19:40 - 015911776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-08-09 16:15 - 2019-03-26 19:39 - 013205976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-08-09 16:15 - 2019-03-26 19:39 - 001167400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-08-09 16:15 - 2019-03-26 19:39 - 000914584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-08-09 16:15 - 2019-03-26 19:38 - 019716816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-08-09 16:15 - 2019-03-26 19:38 - 016993032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-08-09 16:15 - 2019-03-26 19:38 - 004261192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-08-09 16:15 - 2018-10-02 02:47 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-08-09 16:12 - 2019-08-09 16:16 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-08-09 16:09 - 2019-02-22 22:38 - 001014800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-08-09 16:09 - 2019-02-22 22:38 - 001014800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-08-09 16:09 - 2019-02-22 22:38 - 000878616 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-08-09 16:09 - 2019-02-22 22:38 - 000878616 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-08-09 16:09 - 2019-02-22 22:38 - 000274736 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-08-09 16:09 - 2019-02-22 22:38 - 000274736 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-08-09 16:09 - 2019-02-22 22:38 - 000249104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-08-09 16:09 - 2019-02-22 22:38 - 000249104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-08-09 16:09 - 2019-02-22 22:38 - 000208840 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2019-08-09 16:09 - 2019-02-22 22:38 - 000180520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2019-08-09 15:17 - 2019-08-09 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 도구
2019-08-09 15:16 - 2019-08-09 16:18 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-09 02:00 - 2019-08-09 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-08-08 13:17 - 2019-08-08 13:17 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-08-08 13:17 - 2019-08-08 13:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-08-08 13:17 - 2019-08-08 13:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-08-08 13:17 - 2019-08-08 13:17 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-07-12 15:05 - 2019-07-12 15:05 - 000000000 ____D C:\Users\garyh\AppData\LocalLow\Sun
2019-07-10 22:00 - 2019-07-10 22:00 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002956984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-07-10 22:00 - 2019-07-10 22:00 - 002494232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002235936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002216448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 002072152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001611576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001383736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001043768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000957240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000816440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000801592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-07-10 22:00 - 2019-07-10 22:00 - 000743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000741176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000665912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000516752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-10 22:00 - 2019-07-10 22:00 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000394040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000231432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000228664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000181560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000172856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000093312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 22:00 - 2019-07-10 22:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-07-10 22:00 - 2019-07-10 22:00 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000037904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000022024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2019-07-10 22:00 - 2019-07-10 22:00 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2019-07-10 22:00 - 2019-07-10 22:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 017786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 009917752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 007887440 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 007758336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 007636616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 007242312 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 007175168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 006534712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 006224296 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 006068840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 005745504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 004562920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 004552336 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003914480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 003748864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003725312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003590968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003372952 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003261440 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002990608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 002771008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002763552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-07-10 21:59 - 2019-07-10 21:59 - 002725376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 002697728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002587328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002550584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002281984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002258336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002117160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001999440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001979392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001815040 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001781248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001754232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 21:59 - 2019-07-10 21:59 - 001745920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001721344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001717560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001633648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001608704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 21:59 - 2019-07-10 21:59 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001337656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001262864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001250432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001182232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001149928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001071928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-07-10 21:59 - 2019-07-10 21:59 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000889656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-07-10 21:59 - 2019-07-10 21:59 - 000876856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
 
FRST.txt 3

2019-07-10 21:59 - 2019-07-10 21:59 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000829544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000810512 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000774152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000751256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000673152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000602432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000588464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000586552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-07-10 21:59 - 2019-07-10 21:59 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000523912 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-10 21:59 - 2019-07-10 21:59 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-07-10 21:59 - 2019-07-10 21:59 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-07-10 21:59 - 2019-07-10 21:59 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000415800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000390456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000386016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000336752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000296976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000283152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000214032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000210440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000182072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000127296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000088560 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000071720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2019-07-10 21:59 - 2019-07-10 21:59 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-07-10 21:59 - 2019-07-10 21:59 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-07-10 21:59 - 2019-07-10 21:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-07-10 21:51 - 2019-07-10 21:51 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_01009.Wdf
2019-07-10 21:37 - 2019-08-09 16:17 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:37 - 2019-08-09 16:17 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:37 - 2019-07-10 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-07-10 21:37 - 2018-08-28 12:16 - 002789792 _____ (Intel Corporation) C:\WINDOWS\system32\iaStorAfsService.exe
2019-07-10 21:37 - 2018-08-28 12:16 - 001094048 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2019-07-10 21:37 - 2018-08-28 12:16 - 000221600 _____ (Intel Corporation) C:\WINDOWS\system32\iaStorAfsNative.exe
2019-07-10 21:37 - 2018-08-28 12:16 - 000114592 _____ (Intel Corporation) C:\WINDOWS\system32\Optane.dll
2019-07-10 21:37 - 2018-08-28 12:16 - 000074656 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAfs.sys
2019-07-10 21:37 - 2018-06-26 01:37 - 002617888 _____ (Sunplus Innovation Technology Inc.) C:\WINDOWS\system32\SPITDevMft64.dll
2019-07-10 21:37 - 2018-06-11 04:23 - 000191024 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_I2C.sys
2019-07-10 21:37 - 2018-06-11 04:23 - 000098864 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_GPIO2.sys
2019-07-10 21:36 - 2019-08-09 16:16 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-08-09 16:16 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-10 21:36 - 2019-03-20 13:41 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-07-10 21:36 - 2018-11-21 13:16 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2019-07-10 21:34 - 2018-06-25 01:27 - 002005120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439836.dll
2019-07-10 21:34 - 2018-06-25 01:27 - 001459784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439836.dll
2019-07-10 21:32 - 2018-08-01 16:48 - 000064168 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000302.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000062548 _____ C:\WINDOWS\system32\Drivers\AthrBT_TF_0x00000302.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000057624 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x00000300.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000002020 _____ C:\WINDOWS\system32\Drivers\ramps_0x00000302_48_tx8.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000001996 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48_NFA435_10dbm.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000001996 _____ C:\WINDOWS\system32\Drivers\ramps_TF_0x00000302_48.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000001996 _____ C:\WINDOWS\system32\Drivers\ramps_0x00000302_48_NFA354A_10db.dfu
2019-07-10 21:32 - 2018-08-01 16:48 - 000001996 _____ C:\WINDOWS\system32\Drivers\ramps_0x00000302_48.dfu
2019-07-10 21:32 - 2018-07-05 19:37 - 002365296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2019-07-10 21:32 - 2018-07-04 08:59 - 009900032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2019-07-10 21:28 - 2019-02-22 22:38 - 000161512 _____ C:\WINDOWS\SysWOW64\libGLESv2.dll
2019-07-10 21:28 - 2019-02-22 22:38 - 000147688 _____ C:\WINDOWS\SysWOW64\libEGL.dll
2019-07-10 21:28 - 2019-02-22 22:38 - 000126208 _____ C:\WINDOWS\SysWOW64\libGLESv1_CM.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-09 16:34 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-09 16:33 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-09 16:26 - 2019-06-09 21:53 - 001464546 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-09 16:26 - 2019-06-09 21:12 - 000499874 _____ C:\WINDOWS\system32\perfh012.dat
2019-08-09 16:26 - 2019-06-09 21:12 - 000134064 _____ C:\WINDOWS\system32\perfc012.dat
2019-08-09 16:26 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2019-08-09 16:22 - 2019-06-09 21:52 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-537854646-3490681162-3732722280-1001
2019-08-09 16:22 - 2019-06-09 21:23 - 000002370 _____ C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-09 16:22 - 2018-08-20 18:33 - 000000000 ___RD C:\Users\garyh\OneDrive
2019-08-09 16:21 - 2018-06-13 16:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-09 16:19 - 2018-08-20 18:46 - 000000000 ____D C:\Users\garyh\AppData\Local\CrashDumps
2019-08-09 16:19 - 2018-08-20 18:31 - 000000000 __SHD C:\Users\garyh\IntelGraphicsProfiles
2019-08-09 16:19 - 2018-06-13 16:59 - 000019762 _____ C:\WINDOWS\system32\results.xml
2019-08-09 16:18 - 2019-06-09 21:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-09 16:18 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-09 16:17 - 2018-06-13 16:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-08-09 16:17 - 2018-06-13 16:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-08-09 16:17 - 2018-06-13 16:38 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-08-09 16:04 - 2019-06-09 21:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-09 15:17 - 2019-07-04 20:25 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\비즈니스용 Skype.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-09 15:17 - 2019-07-04 20:25 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-09 15:17 - 2019-06-09 21:52 - 000004274 _____ C:\WINDOWS\System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed
2019-08-09 15:16 - 2018-08-21 11:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-09 14:37 - 2019-06-09 21:52 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9CD94BF0-89D8-42B5-A5B6-7CE1782CA507}
2019-08-09 06:00 - 2018-08-20 18:14 - 000000000 ____D C:\Users\garyh\AppData\Local\Host App Service
2019-08-09 02:00 - 2018-08-20 22:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-08-09 01:59 - 2018-08-21 17:37 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-08 13:11 - 2019-06-09 21:52 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-07-24 13:38 - 2018-08-20 18:31 - 000000000 ____D C:\Users\garyh\AppData\Local\Packages
2019-07-24 10:09 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-22 20:07 - 2019-06-09 21:52 - 000004378 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2019-07-22 20:07 - 2019-06-09 21:52 - 000003790 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2019-07-22 20:07 - 2018-08-21 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2019-07-22 11:34 - 2018-08-20 19:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-12 14:43 - 2018-08-20 18:31 - 000000000 ____D C:\Users\garyh\AppData\Local\NVIDIA Corporation
2019-07-10 22:48 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-07-10 22:48 - 2018-08-24 20:59 - 000000000 ____D C:\Users\garyh\AppData\Local\ElevatedDiagnostics
2019-07-10 22:40 - 2018-11-29 14:48 - 000000000 ____D C:\Xerox
2019-07-10 22:13 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 22:05 - 2018-08-20 18:31 - 000000000 ___RD C:\Users\garyh\3D Objects
2019-07-10 22:05 - 2017-10-03 09:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 22:04 - 2019-06-09 21:43 - 000513408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 22:04 - 2019-03-18 23:23 - 000000000 ___SD C:\WINDOWS\system32\AppV
2019-07-10 22:04 - 2019-03-18 23:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-10 22:04 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-07-10 22:04 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 22:04 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-07-10 22:04 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 22:04 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-10 22:04 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 22:03 - 2018-08-20 18:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 22:03 - 2018-08-20 18:56 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 21:37 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-07-10 21:36 - 2018-06-13 16:38 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-07-10 21:35 - 2018-06-13 16:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-10 21:31 - 2018-06-13 16:36 - 000000000 ____D C:\ProgramData\Intel
2019-07-10 20:14 - 2018-08-20 18:50 - 000000000 ____D C:\Users\garyh\AppData\Local\PlaceholderTileLogoFolder
2019-07-10 20:13 - 2018-08-20 19:38 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition.txt 1

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by garyh (09-08-2019 16:42:06)
Running from C:\Users\garyh\Desktop\2019 Viarus
Windows 10 Pro Version 1903 18362.239 (X64) (2019-06-10 04:52:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-537854646-3490681162-3732722280-500 - Administrator - Disabled)
betty (S-1-5-21-537854646-3490681162-3732722280-1002 - Limited - Disabled)
DefaultAccount (S-1-5-21-537854646-3490681162-3732722280-503 - Limited - Disabled)
garyh (S-1-5-21-537854646-3490681162-3732722280-1001 - Administrator - Enabled) => C:\Users\garyh
Guest (S-1-5-21-537854646-3490681162-3732722280-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-537854646-3490681162-3732722280-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
AmericasCardroom (HKLM-x32\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audials (HKLM-x32\...\{DDA88851-E3AD-41D8-BB2A-420D8CBF3DB9}) (Version: 18.1.49800.0 - Audials AG)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
ChromecastApp (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{3896A877-878A-4127-B240-1D7327D245A5}) (Version: 0.8.8.84 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{4A02DCED-C2B0-4DD3-87BD-7D8E68D6AF3C}) (Version: 0.8.6.75 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 79.3.136 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.191.1 - Dropbox, Inc.) Hidden
Family Tree Maker 2014 (HKLM\...\{39EF38DF-2727-4C09-A165-FD3B87BA3AE9}) (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
GoldWave v6.35 (HKLM\...\GoldWave v6.35) (Version: 6.35 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grammarly (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\GrammarlyForWindows) (Version: 1.5.43 - Grammarly)
Grammarly for Microsoft® Office Suite (HKLM\...\{9EFDEB4A-1693-4E9D-A0A0-6BA8460AF9DD}) (Version: 6.7.159 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\{37b8fff3-6293-46a5-909d-38da4d048468}) (Version: 6.7.159 - Grammarly)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2167b7c-e567-4ae5-9c88-8e1349a01363}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6576 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Lenovo App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.273.2.343 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.273.2.343 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Host App Service) (Version: 0.273.3.522 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Service Bridge (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.179 - Lenovo)
Living Cookbook 2015 (HKLM-x32\...\{1DA632BA-F963-4B97-A2B6-50F9003A13B8}) (Version: 5.0.85 - Radium Technologies) Hidden
Living Cookbook 2015 (HKLM-x32\...\Living Cookbook 2015) (Version: 5.0.85 - Radium Technologies, Inc.)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 419.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.71 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
PDFill PDF Editor Professional (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 14.0 - PlotSoft LLC)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
RoboForm 8-6-0-0 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-6-0-0 - Siber Systems)
Spotify (HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\Spotify) (Version: 1.0.92.390.g2ce5ec7d - Spotify AB)
TiVo Desktop 2.8.3 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.370 - TiVo Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.3.4-51 - Wacom Technology Corp.)
Xerox Desktop Print Experience 4.0 (HKLM\...\{86BF0126-CB2F-D262-586C-4B9F7F60C5AF}) (Version: 7.48.9.0 - Xerox Corporation)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2002.0_x64__rz1tebttyb220 [2019-06-09] (Dolby Laboratories)
Grammarly for Microsoft Edge -> C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.120.2309.0_neutral__zee0y2571dhse [2019-06-09] (Grammarly)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-22] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-04-12] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.52.0_x64__5grkq8ppsgwt4 [2019-05-02] (LENOVO INC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-08-20] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2018-10-13] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
RoboForm Password Manager -> C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2019-06-22] (Siber Systems Inc)
Xerox Print Experience -> C:\Program Files\WindowsApps\XeroxCorp.PrintExperience_7.48.41.0_x64__f7egpvdyrs2a8 [2019-05-08] (Xerox Corp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\garyh\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.159\15A32ADFA5\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\garyh\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.159\15A32ADFA5\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\Dropbox\Dropbox [2018-08-20 22:19]
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-537854646-3490681162-3732722280-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\garyh\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e4737ed001bad0d9\igfxDTCM.dll [2019-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-08-23 22:46 - 2017-05-08 21:59 - 000178688 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll
2018-08-23 22:46 - 2016-08-02 03:40 - 002257408 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2019-04-12 16:47 - 2019-04-12 16:47 - 035952640 _____ () [File not signed] C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dll
2019-04-12 16:47 - 2019-04-12 16:47 - 000024064 _____ () [File not signed] C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
2010-08-24 17:34 - 2010-08-24 17:34 - 000259584 _____ () [File not signed] E:\Program Files (x86)\TiVo\Desktop\ID3LIB.DLL
2010-05-17 22:56 - 2010-05-17 22:56 - 000684032 _____ () [File not signed] E:\Program Files (x86)\TiVo\Desktop\libeay32.dll
2010-05-17 22:54 - 2010-05-17 22:54 - 000716800 _____ () [File not signed] E:\Program Files (x86)\TiVo\Desktop\LOUDMOUTH.DLL
2010-05-17 22:56 - 2010-05-17 22:56 - 000155648 _____ () [File not signed] E:\Program Files (x86)\TiVo\Desktop\ssleay32.dll
2003-01-30 07:04 - 2003-01-30 07:04 - 000618496 _____ () [File not signed] E:\Program Files (x86)\TiVo\Desktop\STLPMT45.DLL
2003-01-30 07:04 - 2003-01-30 07:04 - 001500160 _____ (Borland Corporation) [File not signed] E:\Program Files (x86)\TiVo\Desktop\CC3260MT.DLL
2010-05-17 22:55 - 2010-05-17 22:55 - 000029696 _____ (Borland Software Corporation) [File not signed] E:\Program Files (x86)\TiVo\Desktop\BORLNDMM.DLL
2003-01-30 07:04 - 2003-01-30 07:04 - 000685056 _____ (Borland Software Corporation) [File not signed] E:\Program Files (x86)\TiVo\Desktop\rtl60.bpl
2002-02-01 07:00 - 2002-02-01 07:00 - 001326080 _____ (Borland Software Corporation) [File not signed] E:\Program Files (x86)\TiVo\Desktop\vcl60.bpl
2018-08-23 22:46 - 2011-01-10 08:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll
2018-08-23 22:46 - 2017-05-08 21:59 - 000092672 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
2018-08-23 22:46 - 2017-05-08 21:58 - 005498368 _____ (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
2019-03-21 16:13 - 2018-08-12 20:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2010-05-17 22:54 - 2010-05-17 22:54 - 001029372 _____ (The GLib developer community) [File not signed] E:\Program Files (x86)\TiVo\Desktop\LIBGLIB-2.0-0.DLL
2018-08-23 22:46 - 2017-01-30 23:35 - 001662976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll
2018-08-23 22:46 - 2017-01-30 23:35 - 000353280 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll
2010-08-24 17:55 - 2010-08-24 17:55 - 000107568 _____ (TiVo Inc. -> TiVo Inc.) [File not signed] E:\Program Files (x86)\TiVo\Desktop\Photos.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 06:46 - 2017-09-29 06:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================
 
Addition.txt 2
(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-537854646-3490681162-3732722280-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\garyh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-537854646-3490681162-3732722280-1001\...\StartupApproved\Run: => "Dashlane"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{68AFDE77-33D1-4D55-B23B-3F5D5D2C6DBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDE84E2D-88EE-453A-BFEC-6A29C5EAF35C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{895AA466-E575-4BB6-98A2-3A0D72BCD7A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D18CFAEB-63C1-4C3A-BA7F-1F6AA1BF5524}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4951B961-C4DB-45CC-9180-5F5A1FD754C6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{96E069FA-4FAD-46FF-BE23-856D4A31167E}] => (Allow) E:\Program Files (x86)\Audials\Audials 2018\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{E1B5F277-EEFF-4A40-9C0A-CC4394DE2113}] => (Allow) LPort=12972
FirewallRules: [{B2534BE1-D0DD-401A-A6F4-D85B85B64400}] => (Allow) LPort=14714
FirewallRules: [{F4C17F1C-5609-4760-BC6B-02EAE51F0A5A}] => (Allow) LPort=31931
FirewallRules: [{9AC11213-F09F-4F9A-B572-7191A04C47E8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0C6CA0F6-CC2F-4D91-B89E-76CCC0057864}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3B19FD84-D7D3-4062-8709-6B733B7B0417}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{15F7A8B9-F1F9-4A1F-BE6C-48B8D96155E3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{BD1FB641-7E54-45E2-ABEE-C75AF2AA27B2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9D1B2279-F19F-43AB-A82C-603C43DDBE5F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{928D57A5-55E8-4F9F-9236-B8F86D3B91B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6222003A-C3F3-47C6-B5D1-4DD69A31F278}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A49EADA8-254A-4F4B-A86F-8186072D4E77}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF3530AD-2ED9-41AA-B6AE-BD0E67709F3A}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{71B160D3-5A8A-4035-A753-A4B982B4260A}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{FA1DE66D-ADCB-4DA6-B662-D7AD10CF0600}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{1D4C6E4D-84F8-4888-8FD2-CB2D327A20CA}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{16D19A94-46CA-44C9-8ACF-EB9036103BB9}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoDesktop.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{AA0812D9-1E9E-49B2-AECC-709B5C760025}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoDesktop.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{50AFC075-B77A-45E8-98CC-FDDFC0E55AFA}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\curl.exe () [File not signed]
FirewallRules: [{CA53B1EB-0DD1-4AA0-BF38-93855D827E66}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\curl.exe () [File not signed]
FirewallRules: [{AC4B5A1D-0D9E-4CFF-B9FE-49418E3BA028}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{F75A441E-05C2-4519-9DBB-8F7307F02863}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{AFF4B1DC-D297-4159-9D8A-0AF4FE8827C7}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoDiag.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{BC9D1CE8-1717-408B-939C-DF07E25B7F65}] => (Allow) E:\Program Files (x86)\TiVo\Desktop\TiVoDiag.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [{F6BBAF66-1375-47CE-9824-DDF64DAF16A3}] => (Allow) LPort=5353
FirewallRules: [{BD959F5A-32E2-44C3-9831-A6223D2F27C3}] => (Allow) LPort=7288
FirewallRules: [TCP Query User{A717C1A9-05C1-427A-8748-EF1529C0450A}E:\program files (x86)\tivo\desktop\tivoserver.exe] => (Allow) E:\program files (x86)\tivo\desktop\tivoserver.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [UDP Query User{733357A8-1357-4438-9E3A-FCBDB7599C15}E:\program files (x86)\tivo\desktop\tivoserver.exe] => (Allow) E:\program files (x86)\tivo\desktop\tivoserver.exe (TiVo Inc. -> TiVo Inc.)
FirewallRules: [TCP Query User{2B1C8CBE-CE04-487C-8F14-128395F3EFF6}C:\users\garyh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\garyh\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{264D1DE1-622E-4356-B6FB-18F70AB8034B}C:\users\garyh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\garyh\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{32DD0727-E94F-4330-A2B1-E3E6F404F65D}C:\users\garyh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\garyh\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C91E79D3-0348-445C-8867-A4FEA76379D5}C:\users\garyh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\garyh\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74541013-E9E9-4C89-BE21-FE374D150728}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C75E4EA4-EDFE-49AC-962B-FFA6FF64D121}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD309D3D-A590-4FF8-B755-8C8BF25F91D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{94BDCBEC-BEF5-4D52-8F88-7C0CEBA8FD37}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E86AAE8-7070-4F26-96D7-45D461852F20}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{445CB310-4F70-4A8F-8638-B3989316EE82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1EAFD052-AEAD-41EB-9B38-F5CC6E299577}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DF44E10E-2E5A-44A4-9512-E9B5C9B3EC35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88A4ED81-3FC8-47AD-BCB3-CE08E28255AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

22-07-2019 11:49:47 Scheduled Checkpoint
01-08-2019 11:09:11 Scheduled Checkpoint
09-08-2019 16:17:20 Installed DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2019 04:39:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16140,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/09/2019 04:31:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2960,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (08/09/2019 04:25:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: GLH-LENOVO)
Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

Error: (08/09/2019 04:25:01 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: GLH-LENOVO)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (08/09/2019 04:19:55 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (08/09/2019 04:19:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lenovo.Modern.ImController.PluginHost.CompanionApp.exe, version: 1.1.18.1, time stamp: 0x5cb9bd3c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff7c31f1150
Faulting process id: 0x3738
Faulting application start time: 0x01d54f08eda25bc5
Faulting application path: C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
Faulting module path: unknown
Report Id: 1f94c481-656e-47b8-8019-f500a63cdc8f
Faulting package full name:
Faulting package-relative application ID:

Error: (08/09/2019 04:19:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lenovo.Modern.ImController.PluginHost.CompanionApp.exe, version: 1.1.18.1, time stamp: 0x5cb9bd3c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff7f9bc1150
Faulting process id: 0x2268
Faulting application start time: 0x01d54f08e5b4052d
Faulting application path: C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
Faulting module path: unknown
Report Id: 199b51d5-f15d-4127-8d9d-1966872416f2
Faulting package full name:
Faulting package-relative application ID:

Error: (08/09/2019 04:19:33 PM) (Source: TivoTransfer) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (08/09/2019 04:18:30 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (08/09/2019 04:18:14 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Delivery Optimization service did not shut down properly after receiving a preshutdown control.

Error: (08/09/2019 04:17:53 PM) (Source: DCOM) (EventID: 10010) (User: GLH-LENOVO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/09/2019 04:17:53 PM) (Source: DCOM) (EventID: 10010) (User: GLH-LENOVO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/09/2019 04:17:53 PM) (Source: DCOM) (EventID: 10010) (User: GLH-LENOVO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/09/2019 04:17:53 PM) (Source: DCOM) (EventID: 10010) (User: GLH-LENOVO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/09/2019 04:17:53 PM) (Source: DCOM) (EventID: 10010) (User: GLH-LENOVO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/09/2019 04:17:53 PM) (Source: DCOM) (EventID: 10010) (User: GLH-LENOVO)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-07-22 11:44:33.173
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {070C906D-4365-40CE-B4D1-94F87E91E842}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-07-10 20:44:48.648
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7AB2588D-5511-414E-9576-DAABAFAB37C1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-22 22:24:18.632
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3CA4AEF1-5843-4357-BC0D-5E60EF8C3D51}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-22 22:15:20.149
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {66877453-4BD4-43A2-BBD3-9AB79100F037}
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: LENOVO 4QCN50WW(V2.14) 05/14/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16250.39 MB
Available physical RAM: 9722.34 MB
Total Virtual: 20218.39 MB
Available Virtual: 8505.76 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:450.69 GB) (Free:388.68 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.29 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.39 GB) (Free:446.86 GB) NTFS

\\?\Volume{b62d559c-f8f8-4f02-aaa7-ae8605c722e0}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.57 GB) NTFS
\\?\Volume{e5a8d7e8-2b8a-4600-b46a-a24a16d9269d}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F57D9DA3)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 60EDF221)

Partition: GPT.

==================== End of Addition.txt ============================
 
I don't see anything malicious there.
I suggest a new topic in the Windows forum.
Good luck :)
 