Solved Norton blocked attack by: System Infected: Miner.Bitcoinminer Activity 7

B

Bluemowgli

Posts: 23   +0
Hey guys new forum member here. I keep getting the above message^ popping up every couple of seconds on my laptop (i7 Dell Running Windows 10), I click on the message and it says no action needed but message keeps popping up and I want to make sure it's been fully removed. I've ran the norton scans and they haven't come up with much so I downloaded and ran malwarebytes (which picked up and quarantined about 16 threats including a couple of trojans) as I heard about this program on other forums. I also downloaded FRST64.exe and have run the scans and generated some txt files but still need a fixlist.txt file to run a fix... Can anyone help me with this ??I was also gonna download AdwCleaner afterwards? I mean I'm not really sure what I'm doing but would love some help in stopping this message from appearing every 2 seconds in my norton and making sure the problem (and any others there may be on my computer are sorted)
Any help on this would be much appreciated, Thanks in advance!
 
Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
  • Like
Reactions: Bluemowgli
Thank you for your swift reply, I've read the link and have attempted to post the logs below but it says they are too long even when I try and split them up into 2 seperate messages. I know the rules say not to attach but I'm not sure how else to provide you with the info so please if you could make an exception that would be great :)

Thanks
 

Attachments

  • FRST.txt
    118.2 KB · Views: 3
  • Addition.txt
    53.4 KB · Views: 3
You have split the into more parts then. One post will take about 50KB, so the first log will take about 3 posts.
 
Ok. Part 1


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by cempa (administrator) on DESKTOP-GRI8B81 (Dell Inc. XPS 15 9570) (21-03-2020 12:42:16)
Running from C:\Users\cempa\Downloads
Loaded Profiles: cempa (Available Profiles: cempa)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\SoulseekQt\SoulseekQt.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Audacity Team) [File not signed] C:\Program Files (x86)\Audacity\audacity.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\updates\3.5.5_45608\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\cempa\AppData\Roaming\uTorrent\uTorrent.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe
(KORG INC. -> KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.133.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Stefan Weil -> hxxps://www.qemu.org) [File not signed] C:\Program Files\qemu\qemu-system-x86_64.exe
(Symantec Corporation -> PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\nsWscSvc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSysSvc64.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSvc64.exe [1222928 2018-03-29] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-06] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106784 2019-03-03] (Symantec Corporation -> Symantec Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-10-24] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [391416 2019-07-17] (KORG INC. -> KORG Inc.)
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AD8A701-DB83-44E4-89B2-D4145FB209B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {17B7C9D3-D3C3-492D-9708-07912089DDBD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {1CD1BD68-9693-461A-8AC2-AFDF4E8492A5} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {22C1783D-015E-4D56-A507-C9B11AB3023A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {25053183-809B-40CE-98F7-5F9AD04C0EB1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {27D5C85C-2A04-4DBF-AE57-1249D463BF38} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E13A8E4-D603-4E14-B31D-A37B44676D74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F5F08BB-4A2F-4516-92D2-162B2FACB759} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F92BA7A-4506-402F-A920-031FF87BD305} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [988504 2019-03-03] (Symantec Corporation -> PC Tools)
Task: {526AD0D8-0535-4EF4-919F-0EA0424512CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C28B394-C338-4B3A-8DA3-656E2DE970D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {74C3333E-A450-4269-B8A9-8EDECC458643} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E817EB2-7E94-43AD-BA92-68559EB80F28} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E906E6D-2037-4D34-95DA-272A3D9D0FE7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8C418A23-D299-457F-9263-6C95C3A7B31B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A672DBA8-21B5-4009-8240-3B35AF6DA00D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {A8E1D9B7-1D75-408B-9D01-D238AB2964E2} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [1926304 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {B3CF1FC6-19F7-46CE-B5E9-66814E86D2D1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B8AF3E7C-7401-4071-A15B-5CBDAF9335C9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {BB65D647-DF0E-4313-B286-72F4DCE8E5CB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE9923E-B35F-4BB5-BEF4-3E419F1346A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-05] (Google Inc -> Google Inc.)
Task: {C0F8C3AB-F354-4301-BC95-953463FCFC86} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {C31A47D9-8A6B-41AC-B2FB-F01892425946} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D26C8A18-DE6A-4251-A26F-2B329BB6F473} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.1.69\WSCStub.exe [570824 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {DBD6943A-75CD-4ED7-8E25-15C6B96A9B22} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {DD6FD3A7-0D0C-4C1E-86A9-355F7B05366F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-05] (Google Inc -> Google Inc.)
Task: {F7D92C0E-2A58-4E56-9BFA-79C5450E9FFA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8C01A07-4903-4B73-AF0E-14A90EB2BA30} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F95A18A2-4B6C-4A14-8F20-49D599557CDC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{3DA59414-4D8D-4650-A05E-ADAFBEAAF718}: [NameServer] 10.255.255.2
Tcpip\..\Interfaces\{65e16946-e6a9-46c9-907d-aa0331cc1021}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f8067ce3-814e-4b1e-a656-96f34bbba11a}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Notifications: HKU\S-1-5-21-1033751270-1591875615-2768219290-1002 -> hxxps://www.facebook.com

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default [2020-03-21]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.cv-library.co.uk; hxxps://www.musicradar.com; hxxps://www.reddit.com; hxxps://www.techradar.com; hxxps://www.tuifly.be; hxxps://www.whats-on-netflix.com; hxxps://www.wordans.co.uk
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR Extension: (Slides) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-05]
CHR Extension: (Docs) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-05]
CHR Extension: (Google Drive) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-05]
CHR Extension: (YouTube) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-04-11]
CHR Extension: (Norton Safe Search) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2020-03-17]
CHR Extension: (Sheets) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-05]
CHR Extension: (Google Docs Offline) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-21]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel(R) Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [312864 2017-07-20] (Dell Inc -> Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [308424 2019-11-25] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{C465CFF0-2621-4FD3-A47D-A291A9A67523} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{C465CFF0-2621-4FD3-A47D-A291A9A67523} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36024 2020-02-14] (Dell Inc -> )
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc -> Dell Inc.)
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1168720 2019-03-03] (Symantec Corporation -> Symantec Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1646120 2018-02-08] (Intel(R) pGFX -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe [872416 2019-04-23] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\TPMProvisioningService.exe [800224 2019-04-23] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [364256 2019-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2318800 2018-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe [227352 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.1.69\nsWscSvc.exe [937528 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [799992 2019-03-03] (Symantec Corporation -> PC Tools)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191256 2019-01-28] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1182640 2019-03-03] (Symantec Corporation -> Symantec Corporation)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302184 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R2 WavesSysSvc; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSysSvc64.exe [885008 2018-03-29] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.16.4.15\Definitions\BASHDefs\20200316.001\BHDrvx64.sys [1952136 2019-10-02] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\ccSetx64.sys [192376 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2020-03-20] (Dell Inc. -> )
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2018-02-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2018-02-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-10-09] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-10-10] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2018-02-08] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
S3 ffusb2audio; C:\WINDOWS\system32\DRIVERS\ffusb2audio.sys [127280 2014-03-17] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Limited.)
S3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [122928 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [100792 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_AUDIO; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [63200 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB_MIDI; C:\WINDOWS\system32\drivers\FocusriteUSBMidi.sys [49792 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [65008 2018-06-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [85032 2017-12-13] (Intel(R) Software -> Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc. -> McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [123544 2017-10-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72248 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.16.4.15\Definitions\IPSDefs\20200320.061\IDSvia64.sys [1451016 2019-08-06] (Symantec Corporation -> Symantec Corporation)
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [299176 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
R3 IntcOED; C:\WINDOWS\System32\drivers\IntcOED.sys [1168040 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
S3 KORGUMDS; C:\WINDOWS\System32\Drivers\KORGUM64.SYS [43440 2019-07-17] (KORG INC. -> KORG INC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_78debb6bbbccbb36\nvlddmkm.sys [22377352 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2369816 2019-01-28] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R2 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [132808 2018-02-09] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [864704 2017-10-31] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ScrHIDDriver; C:\WINDOWS\System32\drivers\ScrHIDDriver.sys [58864 2018-06-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SRTSP64.SYS [889520 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SRTSPX64.SYS [50864 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R3 ST_Accel; C:\WINDOWS\System32\drivers\ST_Accel.sys [134264 2017-11-22] ("STMicroelectronics Srl" -> STMicroelectronics)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SYMEFASI64.SYS [1964200 2020-01-21] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SymELAM.sys [25744 2020-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.16.4.15\SymPlatform\SymEvnt.sys [712368 2020-01-14] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\Ironx64.SYS [316656 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\symnets.sys [573448 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2019-10-25] (Acronis International GmbH -> Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2019-10-25] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\wpCtrlDrv.sys [1012120 2020-01-21] (Symantec Corporation -> Symantec Corporation)
 
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-21 12:42 - 2020-03-21 12:42 - 000047707 _____ C:\Users\cempa\Downloads\FRST.txt
2020-03-21 12:37 - 2020-03-21 12:42 - 000000000 ____D C:\FRST
2020-03-21 12:37 - 2020-03-21 12:37 - 002279936 _____ (Farbar) C:\Users\cempa\Downloads\FRST64.exe
2020-03-21 12:37 - 2020-03-21 12:37 - 000000000 ____D C:\Users\cempa\Downloads\FRST-OlderVersion
2020-03-21 12:24 - 2020-03-21 12:32 - 000000000 ____D C:\Users\cempa\AppData\LocalLow\IGDump
2020-03-21 12:24 - 2020-03-21 12:24 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-03-21 12:24 - 2020-03-21 12:24 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-03-21 12:24 - 2020-03-21 12:24 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-03-21 12:21 - 2020-03-21 12:21 - 000000000 ____D C:\Users\cempa\AppData\Local\mbam
2020-03-21 12:20 - 2020-03-21 12:20 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-21 12:20 - 2020-03-21 12:20 - 000002031 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\Users\cempa\AppData\Local\mbamtray
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-21 12:19 - 2020-03-21 12:19 - 001957784 _____ (Malwarebytes) C:\Users\cempa\Downloads\MBSetup.exe
2020-03-21 11:02 - 2020-03-21 11:04 - 000000000 ____D C:\Users\cempa\AppData\Local\NPE
2020-03-20 22:26 - 2020-03-21 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\u-he
2020-03-20 22:21 - 2020-03-20 22:21 - 000000000 ___RD C:\ProgramData\u-he
2020-03-20 22:19 - 2020-03-21 12:35 - 000000000 ___HD C:\Program Files\qemu
2020-03-20 22:19 - 2020-03-21 00:09 - 000000000 ____D C:\Program Files (x86)\App Deploy
2020-03-20 22:19 - 2019-09-25 21:23 - 000187392 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelHaxm.sys
2020-03-20 18:49 - 2020-03-20 18:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-03-20 17:35 - 2020-03-20 17:35 - 000000000 ____D C:\WINDOWS\Panther
2020-03-16 15:43 - 2020-03-16 15:43 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-14 12:49 - 2020-03-14 12:49 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-14 12:49 - 2020-03-14 12:49 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-14 12:48 - 2020-03-14 12:48 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-14 12:48 - 2020-03-14 12:48 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-14 12:48 - 2020-03-14 12:48 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-14 12:48 - 2020-03-14 12:48 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-14 12:48 - 2020-03-14 12:48 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-14 12:48 - 2020-03-14 12:48 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
 
2020-03-14 12:48 - 2020-03-14 12:48 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-14 12:36 - 2020-02-11 04:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-14 12:36 - 2020-02-11 04:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-04 10:20 - 2020-03-04 10:20 - 001795592 _____ C:\Users\cempa\Downloads\video-1583154651.mp4
2020-03-03 15:14 - 2020-03-03 15:14 - 000000000 ____D C:\WINDOWS\{6567E9E7-5D48-4B5D-BEFF-1F8AD76846E1}
2020-03-03 11:19 - 2020-03-03 11:19 - 000000737 _____ C:\Users\cempa\Desktop\rekordbox 5.lnk
2020-02-27 02:03 - 2020-02-27 02:03 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1033751270-1591875615-2768219290-1002
2020-02-27 02:03 - 2020-02-27 02:03 - 000002369 _____ C:\Users\cempa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-23 14:40 - 2020-02-23 14:40 - 001842570 _____ C:\Users\cempa\Downloads\video-1582401736.mp4
2020-02-23 14:40 - 2020-02-23 14:40 - 001366493 _____ C:\Users\cempa\Downloads\video-1582401774.mp4
2020-02-21 05:56 - 2020-02-21 05:56 - 000171008 _____ (Pioneer DJ Corporation.) C:\WINDOWS\system32\Pioneer_MIX_ASIO_x64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-21 12:42 - 2019-05-09 17:42 - 000000000 ____D C:\Users\cempa\AppData\Roaming\uTorrent
2020-03-21 12:25 - 2018-06-26 00:11 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-21 12:23 - 2019-05-15 11:16 - 000000000 ____D C:\Users\cempa\AppData\Roaming\audacity
2020-03-21 12:21 - 2019-10-17 10:35 - 000000000 ____D C:\Users\cempa\AppData\Local\cache
2020-03-21 12:20 - 2019-03-19 04:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-21 11:59 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-21 11:14 - 2019-03-03 11:21 - 000000000 ____D C:\ProgramData\TEMP
2020-03-21 11:13 - 2019-03-02 21:12 - 000000000 ____D C:\Program Files (x86)\Dell Update
2020-03-21 11:13 - 2018-06-26 00:13 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2020-03-21 10:56 - 2019-10-01 13:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-21 00:08 - 2019-03-15 17:36 - 000000000 ____D C:\Users\cempa\AppData\Roaming\PioneerLog
2020-03-20 22:21 - 2019-03-07 16:51 - 000000000 ____D C:\Program Files\Common Files\VST3
2020-03-20 22:19 - 2018-06-26 00:07 - 000000000 ____D C:\Program Files\Intel
2020-03-20 21:48 - 2019-07-03 22:29 - 000000000 ____D C:\Users\cempa\AppData\Roaming\vlc
2020-03-20 21:07 - 2019-10-01 14:13 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 21:06 - 2019-10-01 14:13 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 19:02 - 2019-10-01 14:16 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-20 19:02 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-20 18:04 - 2020-02-17 12:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2020-03-20 17:37 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\Registration
2020-03-20 17:35 - 2019-10-01 14:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-20 17:35 - 2019-10-01 14:02 - 000000000 ____D C:\Users\cempa
2020-03-20 17:35 - 2019-06-23 23:44 - 000000000 ____D C:\Users\cempa\AppData\Local\BitTorrentHelper
2020-03-20 17:35 - 2019-05-09 17:43 - 000000000 ____D C:\Users\cempa\AppData\LocalLow\uTorrent
2020-03-20 17:35 - 2018-06-26 00:09 - 000000000 ____D C:\ProgramData\Goodix
2020-03-20 15:23 - 2019-03-02 21:12 - 000000000 ____D C:\Users\cempa\AppData\Local\CrashDumps
2020-03-20 14:42 - 2019-06-23 23:44 - 000000000 ___RD C:\Users\cempa\Documents\FILMS
2020-03-20 14:33 - 2019-05-13 17:28 - 000000000 ____D C:\ProgramData\Adobe
2020-03-20 14:33 - 2019-03-02 20:57 - 000000000 ____D C:\Users\cempa\AppData\Roaming\Adobe
2020-03-20 13:40 - 2019-03-18 13:11 - 000000000 ____D C:\Users\cempa\AppData\Local\D3DSCache
2020-03-20 13:01 - 2019-10-03 09:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-20 13:01 - 2019-10-03 09:41 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-03-19 20:02 - 2019-03-05 11:15 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 20:02 - 2019-03-05 11:15 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-19 20:02 - 2019-03-05 11:15 - 000002264 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-19 13:05 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-19 13:05 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-18 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-03-17 12:28 - 2019-10-01 13:59 - 000440104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-17 12:28 - 2019-03-19 04:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-03-17 12:28 - 2019-03-07 11:38 - 000000000 ____D C:\ProgramData\PACE
2020-03-17 12:28 - 2019-03-02 20:57 - 000000000 ___RD C:\Users\cempa\3D Objects
2020-03-17 12:28 - 2018-06-26 00:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-17 12:27 - 2019-03-19 04:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-03-17 12:27 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-16 23:02 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-16 23:01 - 2020-02-04 14:10 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-16 15:11 - 2019-10-02 13:52 - 000000000 ____D C:\WINDOWS\Minidump
2020-03-16 15:05 - 2019-03-05 12:20 - 000000000 ____D C:\Users\cempa\Documents\Max 8
2020-03-14 12:56 - 2019-03-02 14:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-14 12:53 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-14 12:53 - 2019-03-02 14:12 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-08 15:27 - 2019-04-25 13:07 - 000000000 ____D C:\Users\cempa\Documents\Tickets
2020-03-06 17:48 - 2019-03-15 17:36 - 000000000 ____D C:\Users\cempa\Documents\rekordbox
2020-03-03 11:19 - 2019-03-15 17:36 - 000000000 ____D C:\Users\cempa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pioneer
2020-03-03 11:18 - 2019-03-15 17:35 - 000000000 ____D C:\Program Files\Pioneer
2020-03-02 17:42 - 2019-03-02 20:57 - 000000000 ____D C:\Users\cempa\AppData\Local\Packages
2020-02-28 14:30 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-02-27 02:03 - 2019-03-02 20:59 - 000000000 ___RD C:\Users\cempa\OneDrive
2020-02-26 14:26 - 2019-03-02 15:29 - 000000000 ____D C:\Users\cempa\AppData\Roaming\Ableton
2020-02-26 13:47 - 2019-03-07 09:39 - 000000000 ____D C:\Users\cempa\AppData\Local\ElevatedDiagnostics
2020-02-26 13:35 - 2019-03-02 15:26 - 000000000 ____D C:\ProgramData\Ableton
2020-02-22 12:29 - 2020-02-17 12:41 - 000002410 _____ C:\Users\Public\Desktop\Norton Security.lnk
2020-02-22 12:29 - 2020-02-17 12:41 - 000002410 _____ C:\ProgramData\Desktop\Norton Security.lnk
2020-02-22 12:29 - 2020-02-17 12:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2020-02-21 21:20 - 2019-03-02 21:12 - 000000000 ____D C:\Users\cempa\AppData\Local\Comms

==================== Files in the root of some directories ========

2019-05-15 00:07 - 2019-05-15 00:07 - 000000000 _____ () C:\Users\cempa\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by cempa (21-03-2020 12:43:14)
Running from C:\Users\cempa\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-10-01 14:13:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1033751270-1591875615-2768219290-500 - Administrator - Disabled)
cempa (S-1-5-21-1033751270-1591875615-2768219290-1002 - Administrator - Enabled) => C:\Users\cempa
DefaultAccount (S-1-5-21-1033751270-1591875615-2768219290-503 - Limited - Disabled)
Guest (S-1-5-21-1033751270-1591875615-2768219290-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1033751270-1591875615-2768219290-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 10 Suite (HKLM\...\{BF5B0440-80C4-4F3B-B0FD-AB43B2CC106D}) (Version: 10.0.0.0 - Ableton)
Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}) (Version: 17.0.6614 - Acronis) Hidden
Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}Visible) (Version: 17.0.6614 - Acronis)
Arturia Piano V2 (HKLM\...\Piano V2_is1) (Version: 2.4.1.2810 - Arturia & Team V.R)
Arturia Synths Collection (HKLM\...\Arturia Synths Collection_is1) (Version: 2019.5 - Arturia & Team V.R)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.51.1 - Asmedia Technology)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}) (Version: 3.5.1004.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.0.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{52564BB9-17C5-425E-ABEC-1DC2736AA775}) (Version: 5.0.1.10874 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{cd039b79-e779-4a8e-b9cd-25fac5b640cc}) (Version: 5.0.1.10874 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.1 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Focusrite USB 4.62.1.504 (HKLM\...\Focusrite USB_is1) (Version: 4.62.1.504 - Focusrite Audio Engineering, Ltd.)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 2.1.32.200 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10500.5526 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1813.12.0.1121 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
Killer Performance Driver Suite (HKLM\...\{BEE96141-B024-4540-B476-E6FDE243538C}) (Version: 1.6.1851 - Rivet Networks)
KORG USB-MIDI Driver Tools for Windows 10 (HKLM-x32\...\{C7B06DB0-64A6-436E-B473-0E0EECC5E174}) (Version: 1.15.3102 - Korg Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Max 8 (64-bit) (HKLM\...\{28016622-B906-4DC3-A0DF-855543105284}) (Version: 8.1.2 - Cycling '74)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.1.1.35 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Norton Security (HKLM-x32\...\NGC) (Version: 22.20.1.69 - Symantec Corporation)
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20242 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{52F54766-2321-4841-A523-CA0C8261E26D}) (Version: 5.0.3.2569 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{52F54766-2321-4841-A523-CA0C8261E26D}) (Version: 5.0.3.2569 - PACE Anti-Piracy, Inc.)
Pioneer DJ DDJ_SB2 Driver (HKLM-x32\...\Pioneer DJ DDJ_SB2 ASIO) (Version: 1.100.000.002 - Pioneer DJ Corporation.)
Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 5.8.4.0006 - Pioneer DJ Corporation.)
Plugin Boutique Scaler (HKLM\...\Scaler_is1) (Version: 1.8.1 - Plugin Boutique)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.448 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8428 - Realtek Semiconductor Corp.)
rekordbox 5.6.0 64bit (HKLM\...\Pioneer rekordbox 5.6.0) (Version: 5.6.0.0017 - Pioneer DJ)
rekordbox 5.6.1 64bit (HKLM\...\Pioneer rekordbox 5.6.1) (Version: 5.6.1.0026 - Pioneer DJ)
rekordbox 5.7.0 64bit (HKLM\...\Pioneer rekordbox 5.7.0) (Version: 5.7.0.0014 - Pioneer DJ)
rekordbox 5.8.4 64bit (HKLM\...\Pioneer rekordbox 5.8.4) (Version: 5.8.4.0006 - Pioneer DJ)
Roland VS JV-1080 (HKLM\...\JV-1080_is1) (Version: 1.0.5 - Roland VS)
Serato DJ Lite (HKLM\...\{25923430-DC2B-4837-9CCA-009915F4A679}) (Version: 1.1.2.2266 - Serato Limited) Hidden
Serato DJ Lite (HKLM-x32\...\{2f4c8b3f-67a9-45a7-800e-976eeb84969c}) (Version: 1.1.2.2266 - Serato Limited)
SoulseekQt version 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
Soundtoys Sie-Q 5 64 bit (HKLM\...\Sie-Q 5 64 bit_is1) (Version: - Soundtoys Inc)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0091 - ST Microelectronics)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
u-he synth bundle (HKLM\...\u-he synth bundle_is1) (Version: 2020.01 - Urs Heckmann & Team V.R)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-5) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central 10.0.1.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 10.0.1 - Waves, Inc.)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)

Packages:
=========
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.25.0_x64__htrsf667h5kn2 [2020-03-04] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.10.0_x64__rp6h1c31mfy1y [2019-07-09] (STMICROELECTRONICS S.R.L.)
Dell Help & Support -> C:\Program Files\WindowsApps\DellInc.DellHelpSupport_3.2.1.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0 [2019-04-30] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.6.12.0_x64__htrsf667h5kn2 [2020-02-05] (Dell Inc)
Dell PremierColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellPremierColor_5.1.2.0_x64__2dgmkzkw4h30c [2020-02-09] (Portrait Displays) [Startup Task]
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-22] (Dropbox Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-01-30] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.1858.0_x64__rh07ty8m5nkag [2019-03-02] (Rivet Networks LLC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-02] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.27.0_x64__wafk5atnkzcwy [2020-02-29] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1195.0_x86__8wekyb3d8bbwe [2020-03-10] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-11-01] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-22] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-02] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.1.69\NavShExt.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.1.69\NavShExt.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxDTCM.dll [2018-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.1.69\NavShExt.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [midi2] => C:\Windows\system32\KORGUM64.DRV [327088 2019-07-17] (KORG INC. -> KORG INC.)
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\KORGUM64.DRV [327088 2019-07-17] (KORG INC. -> KORG INC.)
HKLM\...\Drivers32: [midi2] => C:\Windows\SysWOW64\KORGUM64.DRV [314800 2019-07-17] (KORG INC. -> KORG INC.)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\KORGUM64.DRV [314800 2019-07-17] (KORG INC. -> KORG INC.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-12-01 17:33 - 2013-12-01 17:33 - 000033792 _____ () [File not signed] c:\program files\qemu\iconv.dll
2013-12-02 20:15 - 2013-12-02 20:15 - 000071168 _____ () [File not signed] c:\program files\qemu\libbz2-1.dll
2018-02-19 20:33 - 2018-02-19 20:33 - 000891392 _____ () [File not signed] c:\program files\qemu\libcairo-2.dll
2018-02-19 20:33 - 2018-02-19 20:33 - 000033792 _____ () [File not signed] c:\program files\qemu\libcairo-gobject-2.dll
2018-03-15 07:51 - 2018-03-15 07:51 - 000528384 _____ () [File not signed] c:\program files\qemu\libcurl-4.dll
2017-09-06 13:01 - 2017-09-06 13:01 - 001472000 _____ () [File not signed] c:\program files\qemu\libepoxy-0.dll
2017-07-18 17:22 - 2017-07-18 17:22 - 000159232 _____ () [File not signed] c:\program files\qemu\libexpat-1.dll
2015-11-22 23:01 - 2015-11-22 23:01 - 000031744 _____ () [File not signed] c:\program files\qemu\libffi-6.dll
2018-02-19 20:22 - 2018-02-19 20:22 - 000276480 _____ () [File not signed] c:\program files\qemu\libfontconfig-1.dll
2018-03-19 19:06 - 2018-03-19 19:06 - 000642048 _____ () [File not signed] c:\program files\qemu\libfreetype-6.dll
2019-06-20 08:07 - 2019-06-20 08:07 - 001271779 _____ () [File not signed] c:\program files\qemu\libgcc_s_seh-1.dll
2017-02-08 13:42 - 2017-02-08 13:42 - 000553984 _____ () [File not signed] c:\program files\qemu\libgmp-10.dll
2018-03-15 15:13 - 2018-03-15 15:13 - 001287168 _____ () [File not signed] c:\program files\qemu\libgnutls-30.dll
2018-04-10 23:35 - 2018-04-10 23:35 - 000702976 _____ () [File not signed] c:\program files\qemu\libharfbuzz-0.dll
2018-03-15 16:40 - 2018-03-15 16:40 - 000170496 _____ () [File not signed] c:\program files\qemu\libhogweed-4.dll
2017-09-24 18:19 - 2017-09-24 18:19 - 000148992 _____ () [File not signed] c:\program files\qemu\libidn2-0.dll
2017-12-17 18:49 - 2017-12-17 18:49 - 000414720 _____ () [File not signed] c:\program files\qemu\libjpeg-8.dll
2014-06-30 18:01 - 2014-06-30 18:01 - 000136192 _____ () [File not signed] c:\program files\qemu\liblzo2-2.dll
2018-03-15 16:40 - 2018-03-15 16:40 - 000216576 _____ () [File not signed] c:\program files\qemu\libnettle-6.dll
2018-03-15 17:10 - 2018-03-15 17:10 - 000140800 _____ () [File not signed] c:\program files\qemu\libnghttp2-14.dll
2018-04-08 17:29 - 2018-04-08 17:29 - 001059840 _____ () [File not signed] c:\program files\qemu\libp11-kit-0.dll
2017-04-23 18:36 - 2017-04-23 18:36 - 000296960 _____ () [File not signed] c:\program files\qemu\libpcre-1.dll
2016-08-07 17:59 - 2016-08-07 17:59 - 000662016 _____ () [File not signed] c:\program files\qemu\libpixman-1-0.dll
2017-12-17 18:38 - 2017-12-17 18:38 - 000219648 _____ () [File not signed] c:\program files\qemu\libpng16-16.dll
2016-04-08 09:48 - 2016-04-08 09:48 - 000175104 _____ () [File not signed] c:\program files\qemu\libssh2-1.dll
2018-03-19 12:50 - 2018-03-19 12:50 - 000098304 _____ () [File not signed] c:\program files\qemu\libtasn1-6.dll
2015-01-29 09:48 - 2015-01-29 09:48 - 000035328 _____ () [File not signed] c:\program files\qemu\libusbredirparser-1.dll
2017-12-07 22:21 - 2017-12-07 22:21 - 000921600 _____ () [File not signed] c:\program files\qemu\SDL2.dll
2017-03-03 13:48 - 2017-03-03 13:48 - 000091136 _____ () [File not signed] c:\program files\qemu\zlib1.dll
2016-10-23 12:54 - 2016-10-23 12:54 - 000132608 _____ (Free Software Foundation) [File not signed] c:\program files\qemu\libintl-8.dll
2015-11-22 22:04 - 2015-11-22 22:04 - 001829888 _____ (Free Software Foundation) [File not signed] c:\program files\qemu\libunistring-2.dll
2019-10-15 13:14 - 2019-02-21 16:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-06-19 05:41 - 2017-06-19 05:41 - 000137728 _____ (libusb.info) [File not signed] c:\program files\qemu\libusb-1.0.dll
2018-11-11 11:47 - 2018-11-11 11:47 - 000592104 _____ (MingW-W64 Project. All rights reserved.) [File not signed] c:\program files\qemu\libwinpthread-1.dll
2018-02-19 21:27 - 2018-02-19 21:27 - 000284672 _____ (Red Hat Software) [File not signed] c:\program files\qemu\libpango-1.0-0.dll
2018-02-19 21:27 - 2018-02-19 21:27 - 000058880 _____ (Red Hat Software) [File not signed] c:\program files\qemu\libpangocairo-1.0-0.dll
2018-02-19 21:27 - 2018-02-19 21:27 - 000079872 _____ (Red Hat Software) [File not signed] c:\program files\qemu\libpangoft2-1.0-0.dll
2018-02-19 21:27 - 2018-02-19 21:27 - 000067072 _____ (Red Hat Software) [File not signed] c:\program files\qemu\libpangowin32-1.0-0.dll
2018-02-19 20:14 - 2018-02-19 20:14 - 000128000 _____ (Sun Microsystems Inc.) [File not signed] c:\program files\qemu\libatk-1.0-0.dll
2018-02-19 19:19 - 2018-02-19 19:19 - 001358848 _____ (The GLib developer community) [File not signed] c:\program files\qemu\libgio-2.0-0.dll
2018-02-19 19:19 - 2018-02-19 19:19 - 001105920 _____ (The GLib developer community) [File not signed] c:\program files\qemu\libglib-2.0-0.dll
2018-02-19 19:19 - 2018-02-19 19:19 - 000023040 _____ (The GLib developer community) [File not signed] c:\program files\qemu\libgmodule-2.0-0.dll
2018-02-19 19:19 - 2018-02-19 19:19 - 000304128 _____ (The GLib developer community) [File not signed] c:\program files\qemu\libgobject-2.0-0.dll
2018-02-19 20:43 - 2018-02-19 20:43 - 000152576 _____ (The GTK developer community) [File not signed] c:\program files\qemu\libgdk_pixbuf-2.0-0.dll
2018-02-19 22:37 - 2018-02-19 22:37 - 001186304 _____ (The GTK developer community) [File not signed] c:\program files\qemu\libgdk-3-0.dll
2018-02-19 22:38 - 2018-02-19 22:38 - 006704128 _____ (The GTK developer community) [File not signed] c:\program files\qemu\libgtk-3-0.dll
2018-03-27 16:13 - 2018-03-27 16:13 - 002249728 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\program files\qemu\libeay32.dll
2018-03-27 16:13 - 2018-03-27 16:13 - 000400384 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\program files\qemu\ssleay32.dll
2019-05-26 19:37 - 2018-06-26 09:09 - 002266112 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Audacity\wxbase311u_vc_custom.dll
2019-05-26 19:37 - 2018-06-26 09:09 - 000147456 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Audacity\wxbase311u_xml_vc_custom.dll
2019-05-26 19:37 - 2018-06-26 09:10 - 001372672 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Audacity\wxmsw311u_adv_vc_custom.dll
2019-05-26 19:37 - 2018-06-26 09:10 - 005403136 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Audacity\wxmsw311u_core_vc_custom.dll
2019-05-26 19:37 - 2018-06-26 09:10 - 000612864 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Audacity\wxmsw311u_html_vc_custom.dll
2019-05-26 19:37 - 2018-06-26 09:10 - 000141824 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\Audacity\wxmsw311u_qa_vc_custom.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\PACE:B35846008F9FFA2B [217]
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [370]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-03-20 15:03 - 2020-03-20 15:03 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123015903\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123015979\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SSDMonitor"
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_3AF4DF0AFEF7E24FC4373A9A55A7B217"
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03212020123016029\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_3AF4DF0AFEF7E24FC4373A9A55A7B217"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D528A8A7-9437-4309-85B5-6F3780036431}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{190CC808-CD7D-4592-8782-8580E001B69E}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{58B0EAC2-E207-481B-A292-24CF5464B3CB}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{B54969FA-37B4-42E0-B01A-0C72722D7C2B}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{6EB61B18-A327-4E40-B212-3696F4D18A40}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{F582F688-B827-4BC3-B2A5-25EDBD4D0FD3}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{8B93A4C8-1737-4B8A-B7B5-D6445F71BCAB}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{906C5638-BC4D-448A-8F85-73D0E76F4E5E}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{F55736CD-F637-449C-AA3B-FB39F76EB89B}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{AA660D99-031C-48F4-AF85-48B18AC35834}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{2D8BC834-48EF-4F09-B871-2C3B6BAFCC17}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{0A8D9021-627C-4551-A609-E2301F454657}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{4A987E41-1488-4977-A3F4-01B829921445}] => (Allow) C:\Users\cempa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{13BEA70D-86B9-42E6-B4AE-26D0C761CD79}] => (Allow) C:\Users\cempa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF98BA83-647A-4B36-8918-AF347DF96E1D}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{36CA0590-A6E6-4357-9067-CC6B040EC85C}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{639F28B5-E6E3-41AD-8D59-09022B2BE86C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AFFD25F-80C0-4F4C-879E-FB6A2BD3E475}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D714F658-3824-44E4-8E37-84D1A7A5CFE9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9346B0E1-75E5-40A1-B116-5183FCD60A56}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{EB3E87D4-89B3-4F19-ABDF-633C8881F13D}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Block) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{F5A53D24-2EC3-497C-A502-0701282F427D}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Block) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{CF7C2D49-C582-4169-9831-08E0CD70CF77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3478DA9A-B1BF-4A35-A37C-0C41CE7E9837}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A0280CB8-C0C0-4A9E-83D3-FBA5034B0295}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86C09D98-2CBD-4452-96B2-C320D9B94470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA9515EA-D9AB-417F-B405-59808B507CD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{80627400-4CDF-4A16-818A-A1BCF1B8EC41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D00180B4-5C25-4CF1-B618-8888DB81EA04}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{52BC4F74-81F5-4623-B4B0-E621EBEC51C1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{FE7D35D3-17E3-42DE-9BFB-0A8E1F558636}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{26CBAFF7-F03F-42ED-8D71-8CBBA295BE18}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{C0A5C7F6-013F-41F1-9D50-12F09524B422}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{55E6D0E0-5001-40CC-B8C9-9E14C40AF9F7}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{036DD405-D1E7-44A3-905D-CA6BA32EBF69}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{D14CE703-23E9-45FE-86D6-449726A96F3C}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{5F409100-07CB-47B4-984F-DCDCBA7CDBF1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{387EE512-D4D8-4A99-A61F-C4E7607A91B4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4345B726-8FFE-458B-94AA-ED37E1F7B414}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0AE86CA-8C4C-40D0-88AD-30B7DD94C16D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0005B560-E3B0-4506-A22D-9ECA964F9537}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{54A20AFA-91FC-4AEE-B736-2FBC081076E5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D183109-D6E3-40C9-8E3F-83FCCD1B9F11}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{804DE1A1-7783-4636-A2CB-F88D23F03E53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{14D2FAC0-24AD-4684-B4CC-001F4D0EDFD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A26C45D-D3E9-4BC8-88D1-56F999722896}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{59630821-E479-4640-93CC-8041DF7CBE8A}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{5F084A64-9D3F-4364-A181-0BC477A5876A}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{BDAA2A3E-A22F-4A63-93C7-B6E16E0AB24F}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{B465C0EE-2483-4D62-89A1-C2B83D1E783A}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{B66C2D1D-A6B6-49E4-9E62-9DA50AB3DF20}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{439DA47B-6660-40B4-AAA6-17284792D7B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Intel(R) UHD Graphics 630
Description: Intel(R) UHD Graphics 630
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2020 12:04:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18200,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 11:09:13 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20352,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 11:04:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10532,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 10:59:02 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-GRI8B81)
Description: Microsoft.XboxIdentityProvider_8wekyb3d8bbwe-2147024891

Error: (03/21/2020 10:57:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Music.UI.exe version 10.20022.1101.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4d04

Start Time: 01d5ff6f8b14b185

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe

Report Id: 503ed1b1-c360-4f08-acff-7d21f5a602cc

Faulting package full name: Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.ZuneMusic

Hang type: Quiesce

Error: (03/21/2020 10:57:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.628, time stamp: 0xd42474b6
Faulting module name: maxxaudiorender64.dll, version: 7.5.29.0, time stamp: 0x5a97147a
Exception code: 0xc0000005
Fault offset: 0x00000000000b3a29
Faulting process id: 0x4964
Faulting application start time: 0x01d5ff14acb12ffc
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\maxxaudiorender64.dll
Report Id: 9fe3a5e1-e65e-41ef-adac-f747f4b62bf9
Faulting package full name:
Faulting package-relative application ID:

Error: (03/21/2020 10:57:41 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-GRI8B81)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe-2147024891

Error: (03/21/2020 12:10:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5422


System errors:
=============
Error: (03/21/2020 12:09:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The System Services x64 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/21/2020 12:09:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the System Services x64 service to connect.

Error: (03/20/2020 05:35:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:20:59 PM on ‎3/‎20/‎2020 was unexpected.

Error: (03/20/2020 05:35:09 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (03/19/2020 09:13:49 PM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (03/19/2020 01:04:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/17/2020 12:27:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Server service terminated with the following error:
A system shutdown is in progress.

Error: (03/17/2020 12:27:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AppX Deployment Service (AppXSVC) service depends on the State Repository Service service which failed to start because of the following error:
The operation completed successfully.


Windows Defender:
===================================
Date: 2019-12-28 17:38:31.088
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {11872555-3E98-47DA-AA09-E62E0930B13C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-27 13:40:29.118
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {28234F30-BDB7-47A2-8B83-4222CEBB6E33}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-03-21 12:30:09.324
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 12:24:27.149
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 12:24:27.112
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 11:35:51.175
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 11:35:51.152
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 11:35:51.111
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 11:35:51.081
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 11:35:50.883
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.8.1 02/01/2019
Motherboard: Dell Inc. 02MJVY
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 66%
Total physical RAM: 16116.32 MB
Available physical RAM: 5440.57 MB
Total Virtual: 21116.32 MB
Available Virtual: 3289.48 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:462.1 GB) (Free:8.64 GB) NTFS
Drive f: (H5_SD) (Removable) (Total:3.63 GB) (Free:1.33 GB) FAT32

\\?\Volume{64bac19f-467c-436d-aae1-e0cd4cd15ba5}\ (WINRETOOLS) (Fixed) (Total:0.78 GB) (Free:0.37 GB) NTFS
\\?\Volume{c87a995b-a7d3-4d8b-a755-c3ac0add4ec6}\ (Image) (Fixed) (Total:12.22 GB) (Free:0.21 GB) NTFS
\\?\Volume{40a55952-b861-4bbd-8667-dc0c40b8cce0}\ (DELLSUPPORT) (Fixed) (Total:1.08 GB) (Free:0.35 GB) NTFS
\\?\Volume{e0ad6780-8b55-4f92-baa7-09beafe5ab58}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5D2BD05F)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 3.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
RogueKiller Anti-Malware V14.2.1.0 (x64) [Feb 24 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18362) 64 bits
Started in : Normal mode
User : cempa [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200320_132050, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/03/21 15:22:31 (Duration : 00:10:48)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/21/20
Scan Time: 12:30 PM
Log File: b3e43228-6b6f-11ea-84f1-00ff54b623fc.json

-Software Information-
Version: 4.1.0.56
Components Version: 1.0.854
Update Package Version: 1.0.21122
License: Trial

-System Information-
OS: Windows 10 (Build 18362.720)
CPU: x64
File System: NTFS
User: DESKTOP-GRI8B81\cempa

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 336878
Threats Detected: 15
Threats Quarantined: 15
Time Elapsed: 3 min, 4 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 8
PUP.Optional.Restoro, HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\SOFTWARE\Restoro, Quarantined, 758, 551610, 1.0.21122, , ame,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\CLSID\{BA827421-E282-479E-AE60-34796877B8AE}, Quarantined, 758, 551619, , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine.1, Quarantined, 758, 551619, , , ,
PUP.Optional.Restoro, HKLM\SOFTWARE\CLASSES\Restoro.Engine, Quarantined, 758, 551619, 1.0.21122, , ame,
PUP.Optional.Restoro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Restoro, Quarantined, 758, 551615, 1.0.21122, , ame,
PUP.Optional.Restoro, HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\SOFTWARE\Local AppWizard-Generated Applications\Restoro, Quarantined, 758, 551612, 1.0.21122, , ame,
PUP.Optional.Restoro, HKLM\SOFTWARE\Restoro, Quarantined, 758, 551614, 1.0.21122, , ame,
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SystemServices, Quarantined, 489, 596488, , , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 7
PUP.Optional.Restoro, C:\WINDOWS\RESTORO.INI, Quarantined, 758, 551609, 1.0.21122, , ame,
Trojan.Agent, C:\PROGRAM FILES\QEMU\SYSTEMSERVICES.EXE, Quarantined, 489, 596488, 1.0.21122, , ame,
PUP.Optional.Reimage, C:\USERS\CEMPA\DOWNLOADS\REIMAGEREPAIR.EXE, Quarantined, 383, 331559, 1.0.21122, , ame,
PUP.Optional.Restoro, C:\USERS\CEMPA\DOWNLOADS\RESTORO (1).EXE, Quarantined, 758, 551611, 1.0.21122, 4CAF08818FDB5C5FD38552B8, dds, 00641478
PUP.Optional.BundleInstaller, C:\USERS\CEMPA\DOWNLOADS\UTORRENT.EXE, Quarantined, 503, 790622, 1.0.21122, , ame,
PUP.Optional.Restoro, C:\USERS\CEMPA\DOWNLOADS\RESTORO.EXE, Quarantined, 758, 551611, 1.0.21122, 4CAF08818FDB5C5FD38552B8, dds, 00641478
Generic.Malware/Suspicious, C:\USERS\CEMPA\DESKTOP\NEW FOLDER\NATIVE.INSTRUMENTS.REAKTOR.6.V6.0.1.INCL.PATCHED.AND.KEYGEN-R2R\R2R-3980.RAR, Quarantined, 0, 392686, 1.0.21122, , shuriken,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-21-2020
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 17
# Failed: 4


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\CLSID\{AE198C69-7358-4856-9029-F4C0FAD524C1}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}
Deleted Preinstalled.DellDigitalDelivery Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A9758B6E-19FC-4DB4-A031-AFE6C2327A35}
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\AGENT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Not Deleted Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Not Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3579 octets] - [21/03/2020 15:49:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2020
Ran by cempa (administrator) on DESKTOP-GRI8B81 (Dell Inc. XPS 15 9570) (21-03-2020 19:24:02)
Running from C:\Users\cempa\Downloads
Loaded Profiles: cempa (Available Profiles: cempa)
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
() [File not signed] C:\Program Files\JBridge\auxhost.exe
(Ableton AG -> ) C:\ProgramData\Ableton\Live 10 Suite\Resources\Extensions\Index\Ableton Index.exe
(Ableton AG -> Ableton) C:\ProgramData\Ableton\Live 10 Suite\Program\Ableton Live 10 Suite.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe
(KORG INC. -> KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\cempa\Downloads\adwcleaner_8.0.3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Symantec Corporation -> PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.20.1.69\nsWscSvc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSysSvc64.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\Windscribe.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\wsappcontrol.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSvc64.exe [1222928 2018-03-29] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-06] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106784 2019-03-03] (Symantec Corporation -> Symantec Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-10-24] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [391416 2019-07-17] (KORG INC. -> KORG Inc.)
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AD8A701-DB83-44E4-89B2-D4145FB209B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {17B7C9D3-D3C3-492D-9708-07912089DDBD} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {1CD1BD68-9693-461A-8AC2-AFDF4E8492A5} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {22C1783D-015E-4D56-A507-C9B11AB3023A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {25053183-809B-40CE-98F7-5F9AD04C0EB1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {27D5C85C-2A04-4DBF-AE57-1249D463BF38} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2E13A8E4-D603-4E14-B31D-A37B44676D74} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F5F08BB-4A2F-4516-92D2-162B2FACB759} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F92BA7A-4506-402F-A920-031FF87BD305} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [988504 2019-03-03] (Symantec Corporation -> PC Tools)
Task: {526AD0D8-0535-4EF4-919F-0EA0424512CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C28B394-C338-4B3A-8DA3-656E2DE970D4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {74C3333E-A450-4269-B8A9-8EDECC458643} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7BF82798-A85F-40D7-8099-16AE58F7CBDD} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {7E817EB2-7E94-43AD-BA92-68559EB80F28} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E906E6D-2037-4D34-95DA-272A3D9D0FE7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {84F3AC78-4B9D-45FD-909C-25D3DEB8828F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [1926304 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {8C418A23-D299-457F-9263-6C95C3A7B31B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A672DBA8-21B5-4009-8240-3B35AF6DA00D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B3CF1FC6-19F7-46CE-B5E9-66814E86D2D1} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B8AF3E7C-7401-4071-A15B-5CBDAF9335C9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {BB65D647-DF0E-4313-B286-72F4DCE8E5CB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFE9923E-B35F-4BB5-BEF4-3E419F1346A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-05] (Google Inc -> Google Inc.)
Task: {C31A47D9-8A6B-41AC-B2FB-F01892425946} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D26C8A18-DE6A-4251-A26F-2B329BB6F473} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.20.1.69\WSCStub.exe [570824 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {DBD6943A-75CD-4ED7-8E25-15C6B96A9B22} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.1.69\SymErr.exe [116392 2020-01-21] (Symantec Corporation -> Symantec Corporation)
Task: {DD6FD3A7-0D0C-4C1E-86A9-355F7B05366F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-05] (Google Inc -> Google Inc.)
Task: {F7D92C0E-2A58-4E56-9BFA-79C5450E9FFA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8C01A07-4903-4B73-AF0E-14A90EB2BA30} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F95A18A2-4B6C-4A14-8F20-49D599557CDC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{3DA59414-4D8D-4650-A05E-ADAFBEAAF718}: [NameServer] 10.255.255.2
Tcpip\..\Interfaces\{65e16946-e6a9-46c9-907d-aa0331cc1021}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f8067ce3-814e-4b1e-a656-96f34bbba11a}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.20.1.69\coIEPlg.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Notifications: HKU\S-1-5-21-1033751270-1591875615-2768219290-1002 -> hxxps://www.facebook.com

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-14] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default [2020-03-21]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.cv-library.co.uk; hxxps://www.musicradar.com; hxxps://www.reddit.com; hxxps://www.techradar.com; hxxps://www.tuifly.be; hxxps://www.whats-on-netflix.com; hxxps://www.wordans.co.uk
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR Extension: (Slides) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-05]
CHR Extension: (Docs) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-05]
CHR Extension: (Google Drive) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-05]
CHR Extension: (YouTube) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-04-11]
CHR Extension: (Norton Safe Search) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2020-03-17]
CHR Extension: (Sheets) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-05]
CHR Extension: (Google Docs Offline) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-21]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\cempa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fd0b4b97d35097fa\aesm_service.exe [716824 2019-09-22] (Intel(R) Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [386976 2019-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{C465CFF0-2621-4FD3-A47D-A291A9A67523} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{C465CFF0-2621-4FD3-A47D-A291A9A67523} [21304 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36024 2020-02-14] (Dell Inc -> )
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1168720 2019-03-03] (Symantec Corporation -> Symantec Corporation)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1646120 2018-02-08] (Intel(R) pGFX -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\SocketHeciServer.exe [872416 2019-04-23] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_7e148e9c120d86df\lib\TPMProvisioningService.exe [800224 2019-04-23] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [364256 2019-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2318800 2018-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.20.1.69\NortonSecurity.exe [227352 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.20.1.69\nsWscSvc.exe [937528 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [799992 2019-03-03] (Symantec Corporation -> PC Tools)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191256 2019-01-28] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16647736 2020-02-24] (Adlice -> )
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1182640 2019-03-03] (Symantec Corporation -> Symantec Corporation)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302184 2018-01-26] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R2 WavesSysSvc; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_c1bcca647735e1d9\WavesSysSvc64.exe [885008 2018-03-29] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S2 DellUpdate; "C:\Program Files (x86)\Dell Update\DellUpService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
 
===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.16.4.15\Definitions\BASHDefs\20200316.001\BHDrvx64.sys [1952136 2019-10-02] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\ccSetx64.sys [192376 2020-01-21] (Symantec Corporation -> Symantec Corporation)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2018-02-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2018-02-08] (Intel Corporation -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-10-09] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-10-10] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2018-02-08] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
S3 ffusb2audio; C:\WINDOWS\system32\DRIVERS\ffusb2audio.sys [127280 2014-03-17] (Focusrite Audio Engineering Limited -> Focusrite Audio Engineering Limited.)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [122928 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [100792 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSB_AUDIO; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [63200 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSB_MIDI; C:\WINDOWS\system32\drivers\FocusriteUSBMidi.sys [49792 2019-05-09] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)
S3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [65008 2018-06-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [85032 2017-12-13] (Intel(R) Software -> Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-10] (McAfee, Inc. -> McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [123544 2017-10-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72248 2018-02-22] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.16.4.15\Definitions\IPSDefs\20200320.061\IDSvia64.sys [1451016 2019-08-06] (Symantec Corporation -> Symantec Corporation)
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [299176 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
R3 IntcOED; C:\WINDOWS\System32\drivers\IntcOED.sys [1168040 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
S3 KORGUMDS; C:\WINDOWS\System32\Drivers\KORGUM64.SYS [43440 2019-07-17] (KORG INC. -> KORG INC.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-03-21] (Malwarebytes Inc -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_78debb6bbbccbb36\nvlddmkm.sys [22377352 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2369816 2019-01-28] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R2 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [132808 2018-02-09] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [864704 2017-10-31] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 ScrHIDDriver; C:\WINDOWS\System32\drivers\ScrHIDDriver.sys [58864 2018-06-26] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SRTSP64.SYS [889520 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SRTSPX64.SYS [50864 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R3 ST_Accel; C:\WINDOWS\System32\drivers\ST_Accel.sys [134264 2017-11-22] ("STMicroelectronics Srl" -> STMicroelectronics)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SYMEFASI64.SYS [1964200 2020-01-21] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\SymELAM.sys [25744 2020-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.16.4.15\SymPlatform\SymEvnt.sys [712368 2020-01-14] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\Ironx64.SYS [316656 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\symnets.sys [573448 2020-01-21] (Symantec Corporation -> Symantec Corporation)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2019-10-25] (Acronis International GmbH -> Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2019-10-25] (Acronis International GmbH -> Acronis International GmbH)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2020-03-21] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-25] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1614010.045\wpCtrlDrv.sys [1012120 2020-01-21] (Symantec Corporation -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-21 19:23 - 2020-03-21 19:23 - 002279936 _____ (Farbar) C:\Users\cempa\Downloads\FRST64.exe
2020-03-21 16:01 - 2020-03-21 16:01 - 047658504 _____ (Adlice Software ) C:\Users\cempa\Downloads\RogueKiller_setup_ref3 (1).exe
2020-03-21 16:00 - 2020-03-21 16:00 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-03-21 16:00 - 2020-03-21 16:00 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-03-21 16:00 - 2020-03-21 16:00 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-03-21 16:00 - 2020-03-21 16:00 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-03-21 16:00 - 2020-03-21 16:00 - 000028272 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-03-21 15:44 - 2020-03-21 15:59 - 000000000 ____D C:\AdwCleaner
2020-03-21 15:43 - 2020-03-21 15:43 - 008199856 _____ (Malwarebytes) C:\Users\cempa\Downloads\adwcleaner_8.0.3.exe
2020-03-21 15:43 - 2020-03-21 15:43 - 000003027 _____ C:\Users\cempa\Downloads\Malwarebytes report.txt
2020-03-21 15:35 - 2020-03-21 15:35 - 000002102 _____ C:\Users\cempa\Downloads\RogueKiller report.txt
2020-03-21 14:47 - 2020-03-21 15:18 - 000000000 ____D C:\ProgramData\RogueKiller
2020-03-21 14:47 - 2020-03-21 14:47 - 000000907 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-03-21 14:47 - 2020-03-21 14:47 - 000000907 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-03-21 14:47 - 2020-03-21 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-03-21 14:47 - 2020-03-21 14:47 - 000000000 ____D C:\Program Files\RogueKiller
2020-03-21 14:46 - 2020-03-21 14:47 - 047658504 _____ (Adlice Software ) C:\Users\cempa\Downloads\RogueKiller_setup_ref3.exe
2020-03-21 13:04 - 2020-03-21 13:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-03-21 12:43 - 2020-03-21 12:44 - 000054720 _____ C:\Users\cempa\Downloads\Addition.txt
2020-03-21 12:42 - 2020-03-21 19:25 - 000042295 _____ C:\Users\cempa\Downloads\FRST.txt
2020-03-21 12:37 - 2020-03-21 19:24 - 000000000 ____D C:\FRST
2020-03-21 12:37 - 2020-03-21 19:23 - 000000000 ____D C:\Users\cempa\Downloads\FRST-OlderVersion
2020-03-21 12:21 - 2020-03-21 12:21 - 000000000 ____D C:\Users\cempa\AppData\Local\mbam
2020-03-21 12:20 - 2020-03-21 12:20 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-21 12:20 - 2020-03-21 12:20 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-21 12:20 - 2020-03-21 12:20 - 000002031 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\Users\cempa\AppData\Local\mbamtray
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-21 12:20 - 2020-03-21 12:20 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-21 12:19 - 2020-03-21 12:19 - 001957784 _____ (Malwarebytes) C:\Users\cempa\Downloads\MBSetup.exe
2020-03-21 11:02 - 2020-03-21 11:04 - 000000000 ____D C:\Users\cempa\AppData\Local\NPE
2020-03-20 22:26 - 2020-03-21 11:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\u-he
2020-03-20 22:21 - 2020-03-20 22:21 - 000000000 ___RD C:\ProgramData\u-he
2020-03-20 22:19 - 2020-03-21 12:35 - 000000000 ___HD C:\Program Files\qemu
2020-03-20 22:19 - 2020-03-21 00:09 - 000000000 ____D C:\Program Files (x86)\App Deploy
2020-03-20 22:19 - 2019-09-25 21:23 - 000187392 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelHaxm.sys
2020-03-20 17:35 - 2020-03-20 17:35 - 000000000 ____D C:\WINDOWS\Panther
2020-03-16 15:43 - 2020-03-16 15:43 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-14 12:49 - 2020-03-14 12:49 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-14 12:49 - 2020-03-14 12:49 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-14 12:49 - 2020-03-14 12:49 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-14 12:48 - 2020-03-14 12:48 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-14 12:48 - 2020-03-14 12:48 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-14 12:48 - 2020-03-14 12:48 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-14 12:48 - 2020-03-14 12:48 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-14 12:48 - 2020-03-14 12:48 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-14 12:48 - 2020-03-14 12:48 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
 
2020-03-14 12:48 - 2020-03-14 12:48 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000306696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-14 12:48 - 2020-03-14 12:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-14 12:48 - 2020-03-14 12:48 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
2020-03-14 12:48 - 2020-03-14 12:48 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-03-14 12:48 - 2020-03-14 12:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-03-14 12:36 - 2020-02-11 04:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-14 12:36 - 2020-02-11 04:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-04 10:20 - 2020-03-04 10:20 - 001795592 _____ C:\Users\cempa\Downloads\video-1583154651.mp4
2020-03-03 15:14 - 2020-03-03 15:14 - 000000000 ____D C:\WINDOWS\{6567E9E7-5D48-4B5D-BEFF-1F8AD76846E1}
2020-03-03 11:19 - 2020-03-03 11:19 - 000000737 _____ C:\Users\cempa\Desktop\rekordbox 5.lnk
2020-02-27 02:03 - 2020-02-27 02:03 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1033751270-1591875615-2768219290-1002
2020-02-27 02:03 - 2020-02-27 02:03 - 000002369 _____ C:\Users\cempa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-23 14:40 - 2020-02-23 14:40 - 001842570 _____ C:\Users\cempa\Downloads\video-1582401736.mp4
2020-02-23 14:40 - 2020-02-23 14:40 - 001366493 _____ C:\Users\cempa\Downloads\video-1582401774.mp4
2020-02-21 05:56 - 2020-02-21 05:56 - 000171008 _____ (Pioneer DJ Corporation.) C:\WINDOWS\system32\Pioneer_MIX_ASIO_x64.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-21 19:10 - 2019-10-01 13:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-21 19:10 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-21 19:10 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-21 19:01 - 2019-03-03 11:21 - 000000000 ____D C:\ProgramData\TEMP
2020-03-21 16:06 - 2019-10-01 14:16 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-21 16:06 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-21 16:05 - 2020-02-17 12:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security
2020-03-21 16:02 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\Registration
2020-03-21 16:02 - 2018-06-26 00:11 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-21 16:00 - 2019-10-01 14:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-21 16:00 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-21 16:00 - 2019-03-19 04:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-03-21 16:00 - 2018-06-26 00:09 - 000000000 ____D C:\ProgramData\Goodix
2020-03-21 15:59 - 2019-03-19 04:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-03-21 15:59 - 2019-03-05 15:12 - 000000000 ____D C:\Program Files (x86)\Dell
2020-03-21 15:59 - 2018-06-26 00:08 - 000000000 ____D C:\ProgramData\Dell
2020-03-21 15:59 - 2018-06-26 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-03-21 15:59 - 2018-06-26 00:07 - 000000000 ____D C:\Program Files\Dell
2020-03-21 15:58 - 2019-05-09 17:42 - 000000000 ____D C:\Users\cempa\AppData\Roaming\uTorrent
2020-03-21 15:46 - 2019-06-23 23:44 - 000000000 ____D C:\Users\cempa\AppData\Local\BitTorrentHelper
2020-03-21 15:46 - 2019-05-09 17:43 - 000000000 ____D C:\Users\cempa\AppData\LocalLow\uTorrent
2020-03-21 15:45 - 2019-10-01 14:02 - 000000000 ____D C:\Users\cempa
2020-03-21 13:15 - 2019-05-15 11:16 - 000000000 ____D C:\Users\cempa\AppData\Roaming\audacity
2020-03-21 12:21 - 2019-10-17 10:35 - 000000000 ____D C:\Users\cempa\AppData\Local\cache
2020-03-21 12:20 - 2019-03-19 04:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-21 11:13 - 2018-06-26 00:13 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2020-03-21 00:08 - 2019-03-15 17:36 - 000000000 ____D C:\Users\cempa\AppData\Roaming\PioneerLog
2020-03-20 22:21 - 2019-03-07 16:51 - 000000000 ____D C:\Program Files\Common Files\VST3
2020-03-20 22:19 - 2018-06-26 00:07 - 000000000 ____D C:\Program Files\Intel
2020-03-20 21:48 - 2019-07-03 22:29 - 000000000 ____D C:\Users\cempa\AppData\Roaming\vlc
2020-03-20 21:07 - 2019-10-01 14:13 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 21:06 - 2019-10-01 14:13 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 15:23 - 2019-03-02 21:12 - 000000000 ____D C:\Users\cempa\AppData\Local\CrashDumps
2020-03-20 14:42 - 2019-06-23 23:44 - 000000000 ___RD C:\Users\cempa\Documents\FILMS
2020-03-20 14:33 - 2019-05-13 17:28 - 000000000 ____D C:\ProgramData\Adobe
2020-03-20 14:33 - 2019-03-02 20:57 - 000000000 ____D C:\Users\cempa\AppData\Roaming\Adobe
2020-03-20 13:40 - 2019-03-18 13:11 - 000000000 ____D C:\Users\cempa\AppData\Local\D3DSCache
2020-03-20 13:01 - 2019-10-03 09:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-03-20 13:01 - 2019-10-03 09:41 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-03-19 20:02 - 2019-03-05 11:15 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 20:02 - 2019-03-05 11:15 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-19 20:02 - 2019-03-05 11:15 - 000002264 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-18 18:14 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-03-17 12:28 - 2019-10-01 13:59 - 000440104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-17 12:28 - 2019-03-07 11:38 - 000000000 ____D C:\ProgramData\PACE
2020-03-17 12:28 - 2019-03-02 20:57 - 000000000 ___RD C:\Users\cempa\3D Objects
2020-03-17 12:28 - 2018-06-26 00:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-17 12:27 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-17 12:27 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-16 23:02 - 2019-03-19 04:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-16 23:01 - 2020-02-04 14:10 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-16 15:11 - 2019-10-02 13:52 - 000000000 ____D C:\WINDOWS\Minidump
2020-03-16 15:05 - 2019-03-05 12:20 - 000000000 ____D C:\Users\cempa\Documents\Max 8
2020-03-14 12:56 - 2019-03-02 14:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-14 12:53 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-14 12:53 - 2019-03-02 14:12 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-08 15:27 - 2019-04-25 13:07 - 000000000 ____D C:\Users\cempa\Documents\Tickets
2020-03-06 17:48 - 2019-03-15 17:36 - 000000000 ____D C:\Users\cempa\Documents\rekordbox
2020-03-03 11:19 - 2019-03-15 17:36 - 000000000 ____D C:\Users\cempa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pioneer
2020-03-03 11:18 - 2019-03-15 17:35 - 000000000 ____D C:\Program Files\Pioneer
2020-03-02 17:42 - 2019-03-02 20:57 - 000000000 ____D C:\Users\cempa\AppData\Local\Packages
2020-02-28 14:30 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-02-27 02:03 - 2019-03-02 20:59 - 000000000 ___RD C:\Users\cempa\OneDrive
2020-02-26 14:26 - 2019-03-02 15:29 - 000000000 ____D C:\Users\cempa\AppData\Roaming\Ableton
2020-02-26 13:47 - 2019-03-07 09:39 - 000000000 ____D C:\Users\cempa\AppData\Local\ElevatedDiagnostics
2020-02-26 13:35 - 2019-03-02 15:26 - 000000000 ____D C:\ProgramData\Ableton
2020-02-22 12:29 - 2020-02-17 12:41 - 000002410 _____ C:\Users\Public\Desktop\Norton Security.lnk
2020-02-22 12:29 - 2020-02-17 12:41 - 000002410 _____ C:\ProgramData\Desktop\Norton Security.lnk
2020-02-22 12:29 - 2020-02-17 12:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2020-02-21 21:20 - 2019-03-02 21:12 - 000000000 ____D C:\Users\cempa\AppData\Local\Comms

==================== Files in the root of some directories ========

2019-05-15 00:07 - 2019-05-15 00:07 - 000000000 _____ () C:\Users\cempa\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2020
Ran by cempa (21-03-2020 19:25:43)
Running from C:\Users\cempa\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-10-01 14:13:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1033751270-1591875615-2768219290-500 - Administrator - Disabled)
cempa (S-1-5-21-1033751270-1591875615-2768219290-1002 - Administrator - Enabled) => C:\Users\cempa
DefaultAccount (S-1-5-21-1033751270-1591875615-2768219290-503 - Limited - Disabled)
Guest (S-1-5-21-1033751270-1591875615-2768219290-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1033751270-1591875615-2768219290-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Ableton Live 10 Suite (HKLM\...\{BF5B0440-80C4-4F3B-B0FD-AB43B2CC106D}) (Version: 10.0.0.0 - Ableton)
Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}) (Version: 17.0.6614 - Acronis) Hidden
Acronis True Image 2014 (HKLM-x32\...\{4A79A394-835A-49D7-8662-60643872DFF6}Visible) (Version: 17.0.6614 - Acronis)
Arturia Piano V2 (HKLM\...\Piano V2_is1) (Version: 2.4.1.2810 - Arturia & Team V.R)
Arturia Synths Collection (HKLM\...\Arturia Synths Collection_is1) (Version: 2019.5 - Arturia & Team V.R)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.51.1 - Asmedia Technology)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camel Audio CamelCrusher64 (HKLM-x32\...\Camel Audio CamelCrusher64) (Version: 1.01.0 - Camel Audio)
Dell Mobile Connect Drivers (HKLM\...\{AAB336F0-6FC6-4BFE-AD7E-315FCDF20156}) (Version: 1.1.3750 - Screenovate Technologies Ltd.)
Dell SupportAssist Remediation (HKLM\...\{52564BB9-17C5-425E-ABEC-1DC2736AA775}) (Version: 5.0.1.10874 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{cd039b79-e779-4a8e-b9cd-25fac5b640cc}) (Version: 5.0.1.10874 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
Focusrite USB 4.62.1.504 (HKLM\...\Focusrite USB_is1) (Version: 4.62.1.504 - Focusrite Audio Engineering, Ltd.)
Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 2.1.32.200 - Goodix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10500.5526 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1813.12.0.1121 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
Killer Performance Driver Suite (HKLM\...\{BEE96141-B024-4540-B476-E6FDE243538C}) (Version: 1.6.1851 - Rivet Networks)
KORG USB-MIDI Driver Tools for Windows 10 (HKLM-x32\...\{C7B06DB0-64A6-436E-B473-0E0EECC5E174}) (Version: 1.15.3102 - Korg Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Max 8 (64-bit) (HKLM\...\{28016622-B906-4DC3-A0DF-855543105284}) (Version: 8.1.2 - Cycling '74)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.12.1.129 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.1.1.35 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Norton Security (HKLM-x32\...\NGC) (Version: 22.20.1.69 - Symantec Corporation)
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Graphics Driver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20242 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
PACE License Support Win64 (HKLM\...\{52F54766-2321-4841-A523-CA0C8261E26D}) (Version: 5.0.3.2569 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{52F54766-2321-4841-A523-CA0C8261E26D}) (Version: 5.0.3.2569 - PACE Anti-Piracy, Inc.)
Pioneer DJ DDJ_SB2 Driver (HKLM-x32\...\Pioneer DJ DDJ_SB2 ASIO) (Version: 1.100.000.002 - Pioneer DJ Corporation.)
Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 5.8.4.0006 - Pioneer DJ Corporation.)
Plugin Boutique Scaler (HKLM\...\Scaler_is1) (Version: 1.8.1 - Plugin Boutique)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.448 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8428 - Realtek Semiconductor Corp.)
rekordbox 5.6.0 64bit (HKLM\...\Pioneer rekordbox 5.6.0) (Version: 5.6.0.0017 - Pioneer DJ)
rekordbox 5.6.1 64bit (HKLM\...\Pioneer rekordbox 5.6.1) (Version: 5.6.1.0026 - Pioneer DJ)
rekordbox 5.7.0 64bit (HKLM\...\Pioneer rekordbox 5.7.0) (Version: 5.7.0.0014 - Pioneer DJ)
rekordbox 5.8.4 64bit (HKLM\...\Pioneer rekordbox 5.8.4) (Version: 5.8.4.0006 - Pioneer DJ)
RogueKiller version 14.2.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.2.1.0 - Adlice Software)
Roland VS JV-1080 (HKLM\...\JV-1080_is1) (Version: 1.0.5 - Roland VS)
Serato DJ Lite (HKLM\...\{25923430-DC2B-4837-9CCA-009915F4A679}) (Version: 1.1.2.2266 - Serato Limited) Hidden
Serato DJ Lite (HKLM-x32\...\{2f4c8b3f-67a9-45a7-800e-976eeb84969c}) (Version: 1.1.2.2266 - Serato Limited)
SoulseekQt version 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC)
Soundtoys Sie-Q 5 64 bit (HKLM\...\Sie-Q 5 64 bit_is1) (Version: - Soundtoys Inc)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0091 - ST Microelectronics)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
u-he synth bundle (HKLM\...\u-he synth bundle_is1) (Version: 2020.01 - Urs Heckmann & Team V.R)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-5) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central 10.0.1.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 10.0.1 - Waves, Inc.)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)

Packages:
=========
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.25.0_x64__htrsf667h5kn2 [2020-03-04] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.10.0_x64__rp6h1c31mfy1y [2019-07-09] (STMICROELECTRONICS S.R.L.)
Dell Help & Support -> C:\Program Files\WindowsApps\DellInc.DellHelpSupport_3.2.1.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0 [2019-04-30] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.6.12.0_x64__htrsf667h5kn2 [2020-02-05] (Dell Inc)
Dell PremierColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellPremierColor_5.1.2.0_x64__2dgmkzkw4h30c [2020-02-09] (Portrait Displays) [Startup Task]
Dell Product Registration -> C:\Program Files\WindowsApps\DellInc.DellProductRegistration_3.4.6.0_x64__htrsf667h5kn2 [2018-06-26] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-30] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-22] (Dropbox Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-01-30] (Apple Inc.) [Startup Task]
Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.1858.0_x64__rh07ty8m5nkag [2019-03-02] (Rivet Networks LLC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-02] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.27.0_x64__wafk5atnkzcwy [2020-02-29] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1195.0_x86__8wekyb3d8bbwe [2020-03-10] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-11-01] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-15] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-22] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-02] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.1.69\NavShExt.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.1.69\NavShExt.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxDTCM.dll [2018-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-26] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.20.1.69\buShell.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.20.1.69\NavShExt.dll [2020-01-21] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [midi2] => C:\Windows\system32\KORGUM64.DRV [327088 2019-07-17] (KORG INC. -> KORG INC.)
HKLM\...\Drivers32: [midi1] => C:\Windows\system32\KORGUM64.DRV [327088 2019-07-17] (KORG INC. -> KORG INC.)
HKLM\...\Drivers32: [midi2] => C:\Windows\SysWOW64\KORGUM64.DRV [314800 2019-07-17] (KORG INC. -> KORG INC.)
HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\KORGUM64.DRV [314800 2019-07-17] (KORG INC. -> KORG INC.)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-04-11 23:37 - 2019-04-11 23:37 - 007691264 _____ () [File not signed] C:\Program Files (x86)\Common Files\PACE\Proxy\WrapPersist64.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 001603072 _____ () [File not signed] C:\Program Files (x86)\Windscribe\libGLESv2.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000071168 _____ () [File not signed] C:\Program Files (x86)\Windscribe\zlib1.dll
2020-02-10 13:28 - 2020-02-10 13:28 - 000683008 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\jitter\sketch.mxe64
2020-02-10 13:34 - 2020-02-10 13:34 - 011339264 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\avcodec-57.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 002078720 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\avfilter-6.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 002129408 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\avformat-57.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 000258560 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\avresample-3.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 000594944 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\avutil-55.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 000207872 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\swresample-2.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 000591872 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\swscale-4.dll
2020-02-10 13:34 - 2020-02-10 13:34 - 005682688 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\support\pc_x64\viddll.dll
2020-02-10 13:09 - 2020-02-10 13:09 - 000679936 _____ () [File not signed] C:\Program Files\Cycling '74\Max 8\resources\support\MaxLua.dll
2016-12-08 15:14 - 2016-12-08 15:14 - 000413184 _____ () [File not signed] C:\Program Files\JBridge\Bridger64.dll
2018-12-05 12:29 - 2018-12-05 12:29 - 000088576 _____ () [File not signed] C:\Program Files\JBridge\Proxy64.dll
2020-02-25 10:08 - 2019-01-14 10:51 - 000325120 _____ () [File not signed] C:\ProgramData\Ableton\Live 10 Suite\Program\USFLIB.dll
2019-03-05 12:32 - 2019-03-05 12:32 - 003218432 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\32bit\Valhalla\ValhallaVintageVerb.dll
2019-03-06 14:08 - 2019-03-06 14:08 - 000003584 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\Bridge\Fab Filter\FabFilter Pro-C 2.64.dll
2019-03-06 14:09 - 2019-03-06 14:09 - 000003584 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\Bridge\Fab Filter\FabFilter Pro-L.64.dll
2019-03-07 12:06 - 2019-03-07 12:06 - 000003584 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\Bridge\Soundtoys\Decapitator.64.dll
2019-03-07 12:06 - 2019-03-07 12:06 - 000003584 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\Bridge\Soundtoys\EchoBoy.64.dll
2019-03-06 14:16 - 2019-03-06 14:16 - 000003584 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\Bridge\Valhalla\ValhallaVintageVerb.64.dll
2011-10-18 14:50 - 2011-10-18 14:50 - 000692736 _____ () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\CamelCrusher.dll
2019-03-06 11:40 - 2018-09-02 12:52 - 009239040 ____R () [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\64bit new\U-He\Diva(x64).dll
2020-02-10 13:27 - 2020-02-10 13:27 - 001470464 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\jitter\gl2.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000399872 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\m4l\live.guilib.mxe64
2020-02-10 13:26 - 2020-02-10 13:26 - 000039424 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\autohelp.mxe64
2020-02-10 13:26 - 2020-02-10 13:26 - 011084288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\clang.mxe64
2020-02-10 13:26 - 2020-02-10 13:26 - 000019968 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\debugwindow.mxe64
2020-02-10 13:26 - 2020-02-10 13:26 - 001516032 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\genpatcher.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000492032 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\maxurl.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 002581504 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\maxxslt.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000102912 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\maxzlib.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000022528 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\objectview.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000041472 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\palblocks.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000054272 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\pianoroll.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000029184 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\querylib.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000032768 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\setplugpath.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000900096 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\sqlite.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000216576 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\synophrys.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000258560 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\yaml.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000024576 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\max\zoomer.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000057344 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\msp\max~.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000046592 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\msp\polybuffer.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000017920 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\msp\probe.history~.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000015360 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\msp\probe.meter~.mxe64
2020-02-10 13:27 - 2020-02-10 13:27 - 000024064 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\extensions\msp\probe.scope~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000028672 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\ad\MSPReWireDevice.dll
2020-02-10 13:39 - 2020-02-10 13:39 - 000023040 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\jitter\jit.catch~.mxe64
2020-02-10 13:39 - 2020-02-10 13:39 - 000026112 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\jitter\jit.gl.graph.mxe64
2020-02-10 13:40 - 2020-02-10 13:40 - 000014336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\jitter\jit.gl.render.mxe64
2020-02-10 13:40 - 2020-02-10 13:40 - 000160256 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\jitter\jit.gl.sketch.mxe64
2020-02-10 13:42 - 2020-02-10 13:42 - 000037376 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\jitter\jit.pwindow.mxe64
2020-02-10 13:42 - 2020-02-10 13:42 - 000249344 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\jitter\jit.qt.engine.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000015872 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.banks.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000012800 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.colors.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000024576 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.object.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000022016 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.observer.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000016896 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.path.mxe64
2020-02-10 13:28 - 2020-02-10 13:28 - 000021504 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.remote~.mxe64
2020-02-10 13:29 - 2020-02-10 13:29 - 000020992 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\m4l\live.thisdevice.mxe64
2020-02-10 13:18 - 2020-02-10 13:18 - 000013824 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\append.mxe64
2020-02-10 13:18 - 2020-02-10 13:18 - 000015872 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\atoi.mxe64
2020-02-10 13:18 - 2020-02-10 13:18 - 000046080 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\autopattr.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000027648 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\button.mxe64
2020-02-10 13:18 - 2020-02-10 13:18 - 000049664 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\coll.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000040960 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\comment.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\defer.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\deferlow.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000014848 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\itoa.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000014336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\loadmess.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000043008 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\message.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000018432 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\metro.mxe64
2020-02-10 13:19 - 2020-02-10 13:19 - 000054784 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\number.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000014336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\pak.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000044032 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\panel.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000014336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\prepend.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\rdiv.mxe64
2020-02-10 13:21 - 2020-02-10 13:21 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\rminus.mxe64
2020-02-10 13:21 - 2020-02-10 13:21 - 000017920 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\scale.mxe64
2020-02-10 13:21 - 2020-02-10 13:21 - 000014848 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\substitute.mxe64
2020-02-10 13:20 - 2020-02-10 13:20 - 000027648 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\toggle.mxe64
2020-02-10 13:21 - 2020-02-10 13:21 - 000017920 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\translate.mxe64
2020-02-10 13:21 - 2020-02-10 13:21 - 000044032 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\max\zl.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000011776 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\change~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000014336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\click~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000012800 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\clip~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000013824 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\cos~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\downsamp~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000012800 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\dspstate~.mxe64
2020-02-10 13:22 - 2020-02-10 13:22 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\equals~.mxe64
2020-02-10 13:23 - 2020-02-10 13:23 - 000014336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\gate~.mxe64
2020-02-10 13:23 - 2020-02-10 13:23 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\greaterthan~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000012800 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\modulo~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\mstosamps~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\mute~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\noise~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\notequals~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000011776 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\pass~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000017408 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\phasor~.mxe64
2020-02-10 13:24 - 2020-02-10 13:24 - 000015872 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\plugin~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000016384 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\plugout~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\plus~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000014848 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\rand~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\rminus~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\sah~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000013312 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\selector~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000013824 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\sig~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000012800 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\slide~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000017408 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\snapshot~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000012288 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\times~.mxe64
2020-02-10 13:25 - 2020-02-10 13:25 - 000013824 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\externals\msp\triangle~.mxe64
2020-02-10 13:34 - 2020-02-10 13:34 - 000143872 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\extensions\sysaudio.mxe64
2020-02-10 13:34 - 2020-02-10 13:34 - 000060416 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\packages\VIDDLL\externals\jit.viddll.engine.mxe64
2020-02-10 13:10 - 2020-02-10 13:10 - 001806336 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\support\jitlib.dll
2020-02-10 13:09 - 2020-02-10 13:09 - 000239616 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\support\MaxAPI.dll
2020-02-10 13:09 - 2020-02-10 13:09 - 000722432 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\support\MaxAudio.dll
2020-02-10 13:18 - 2020-02-10 13:18 - 017150976 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\support\MaxPlug.DLL
2020-02-10 13:18 - 2020-02-10 13:18 - 000214528 _____ (Cycling '74) [File not signed] C:\Program Files\Cycling '74\Max 8\resources\support\patcher.dll
2019-03-05 12:32 - 2019-03-05 12:32 - 001967616 _____ (FabFilter) [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\32bit\Fab Filter\FabFilter Pro-C 2.dll
2019-03-05 12:32 - 2019-03-05 12:32 - 001809920 _____ (FabFilter) [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\32bit\Fab Filter\FabFilter Pro-L.dll
2017-05-22 21:27 - 2017-05-22 21:27 - 000145408 _____ (Michael Tippach) [File not signed] C:\Program Files (x86)\ASIO4ALL v2\asio4all64.dll
2019-03-02 15:28 - 2019-01-14 10:54 - 002081280 _____ (Propellerhead Software AB) [File not signed] C:\Program Files\Common Files\Propellerhead Software\ReWire\ReWire.dll
2019-03-07 11:53 - 2019-03-07 11:53 - 015560704 _____ (SoundToys) [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\32bit\Soundtoys\Decapitator.dll
2019-03-07 11:53 - 2019-03-07 11:53 - 010928128 _____ (SoundToys) [File not signed] C:\Users\cempa\Documents\MUSIC\VST Plugins + Instruments\VST Plugins\32bit\Soundtoys\EchoBoy.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000058368 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Program Files (x86)\Windscribe\cares.dll
2019-03-07 15:55 - 2018-09-13 23:56 - 000350208 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Windscribe\libcurl.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 001212928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Windscribe\LIBEAY32.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000276480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Windscribe\SSLEAY32.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\imageformats\qgif.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\imageformats\qico.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000986624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\platforms\qwindows.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 004694016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Core.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 003677184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Gui.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 000856064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Network.dll
2019-03-07 15:55 - 2018-07-06 17:22 - 004483072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Widgets.dll
2020-02-25 10:08 - 2019-01-14 10:51 - 000394752 _____ (TODO: <Company name>) [File not signed] C:\ProgramData\Ableton\Live 10 Suite\Program\VideoExportMMF.dll
 
==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\PACE:B35846008F9FFA2B [217]
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [360]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-03-20 15:03 - 2020-03-20 15:03 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\ia32\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SSDMonitor"
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1033751270-1591875615-2768219290-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_3AF4DF0AFEF7E24FC4373A9A55A7B217"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D528A8A7-9437-4309-85B5-6F3780036431}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{190CC808-CD7D-4592-8782-8580E001B69E}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{58B0EAC2-E207-481B-A292-24CF5464B3CB}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{B54969FA-37B4-42E0-B01A-0C72722D7C2B}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{6EB61B18-A327-4E40-B212-3696F4D18A40}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{F582F688-B827-4BC3-B2A5-25EDBD4D0FD3}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.1\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{8B93A4C8-1737-4B8A-B7B5-D6445F71BCAB}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{906C5638-BC4D-448A-8F85-73D0E76F4E5E}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{F55736CD-F637-449C-AA3B-FB39F76EB89B}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{AA660D99-031C-48F4-AF85-48B18AC35834}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{2D8BC834-48EF-4F09-B871-2C3B6BAFCC17}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{0A8D9021-627C-4551-A609-E2301F454657}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.6.0\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{4A987E41-1488-4977-A3F4-01B829921445}] => (Allow) C:\Users\cempa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{13BEA70D-86B9-42E6-B4AE-26D0C761CD79}] => (Allow) C:\Users\cempa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF98BA83-647A-4B36-8918-AF347DF96E1D}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{36CA0590-A6E6-4357-9067-CC6B040EC85C}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed]
FirewallRules: [{639F28B5-E6E3-41AD-8D59-09022B2BE86C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9AFFD25F-80C0-4F4C-879E-FB6A2BD3E475}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D714F658-3824-44E4-8E37-84D1A7A5CFE9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9346B0E1-75E5-40A1-B116-5183FCD60A56}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{EB3E87D4-89B3-4F19-ABDF-633C8881F13D}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Block) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{F5A53D24-2EC3-497C-A502-0701282F427D}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Block) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{CF7C2D49-C582-4169-9831-08E0CD70CF77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3478DA9A-B1BF-4A35-A37C-0C41CE7E9837}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A0280CB8-C0C0-4A9E-83D3-FBA5034B0295}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{86C09D98-2CBD-4452-96B2-C320D9B94470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FA9515EA-D9AB-417F-B405-59808B507CD4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{80627400-4CDF-4A16-818A-A1BCF1B8EC41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D00180B4-5C25-4CF1-B618-8888DB81EA04}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{52BC4F74-81F5-4623-B4B0-E621EBEC51C1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{FE7D35D3-17E3-42DE-9BFB-0A8E1F558636}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{26CBAFF7-F03F-42ED-8D71-8CBBA295BE18}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{C0A5C7F6-013F-41F1-9D50-12F09524B422}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{55E6D0E0-5001-40CC-B8C9-9E14C40AF9F7}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{036DD405-D1E7-44A3-905D-CA6BA32EBF69}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{D14CE703-23E9-45FE-86D6-449726A96F3C}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.7.0\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{5F409100-07CB-47B4-984F-DCDCBA7CDBF1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{387EE512-D4D8-4A99-A61F-C4E7607A91B4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4345B726-8FFE-458B-94AA-ED37E1F7B414}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0AE86CA-8C4C-40D0-88AD-30B7DD94C16D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0005B560-E3B0-4506-A22D-9ECA964F9537}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{54A20AFA-91FC-4AEE-B736-2FBC081076E5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D183109-D6E3-40C9-8E3F-83FCCD1B9F11}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{804DE1A1-7783-4636-A2CB-F88D23F03E53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{14D2FAC0-24AD-4684-B4CC-001F4D0EDFD4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A26C45D-D3E9-4BC8-88D1-56F999722896}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\rekordbox.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation)
FirewallRules: [{59630821-E479-4640-93CC-8041DF7CBE8A}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\psvnfsd.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{5F084A64-9D3F-4364-A181-0BC477A5876A}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\psvlinksysmgr.exe (Pioneer DJ Corporation -> Pioneer DJ Corporation.)
FirewallRules: [{BDAA2A3E-A22F-4A63-93C7-B6E16E0AB24F}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\edb_streamd.exe (Pioneer DJ Corporation -> )
FirewallRules: [{B465C0EE-2483-4D62-89A1-C2B83D1E783A}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\ls-unity-rekordbox-win-64bit.exe (Pioneer DJ Corporation -> )
FirewallRules: [{B66C2D1D-A6B6-49E4-9E62-9DA50AB3DF20}] => (Allow) C:\Program Files\Pioneer\rekordbox 5.8.4\rbHttpServer.exe (Pioneer DJ Corporation -> )
FirewallRules: [{439DA47B-6660-40B4-AAA6-17284792D7B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Intel(R) UHD Graphics 630
Description: Intel(R) UHD Graphics 630
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2020 07:28:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7960,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 07:22:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9192,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 07:15:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1336,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 07:05:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (03/21/2020 04:29:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19000

Error: (03/21/2020 04:29:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19000

Error: (03/21/2020 04:29:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/21/2020 04:29:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17110


System errors:
=============
Error: (03/21/2020 04:29:07 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (03/21/2020 04:02:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Update Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/21/2020 04:02:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Remediation service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/21/2020 03:59:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Capability Licensing Service TCP IP Interface service terminated unexpectedly. It has done this 1 time(s).

Error: (03/21/2020 03:59:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (03/21/2020 03:59:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® SGX AESM service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (03/21/2020 03:59:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell SupportAssist Remediation service terminated unexpectedly. It has done this 1 time(s).

Error: (03/21/2020 03:59:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Update Service service terminated unexpectedly. It has done this 1 time(s).


Windows Defender:
===================================
Date: 2019-12-28 17:38:31.088
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {11872555-3E98-47DA-AA09-E62E0930B13C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-27 13:40:29.118
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {28234F30-BDB7-47A2-8B83-4222CEBB6E33}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-03-21 19:02:23.325
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 19:02:23.319
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 19:02:23.291
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 19:01:53.338
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 19:01:53.321
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 19:01:53.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 19:01:52.902
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-03-21 16:04:36.145
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.20.1.69\symamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.8.1 02/01/2019
Motherboard: Dell Inc. 02MJVY
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 86%
Total physical RAM: 16116.32 MB
Available physical RAM: 2160.31 MB
Total Virtual: 21116.32 MB
Available Virtual: 4388.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:462.1 GB) (Free:9.33 GB) NTFS
Drive f: (H5_SD) (Removable) (Total:3.63 GB) (Free:1.33 GB) FAT32

\\?\Volume{64bac19f-467c-436d-aae1-e0cd4cd15ba5}\ (WINRETOOLS) (Fixed) (Total:0.78 GB) (Free:0.37 GB) NTFS
\\?\Volume{c87a995b-a7d3-4d8b-a755-c3ac0add4ec6}\ (Image) (Fixed) (Total:12.22 GB) (Free:0.21 GB) NTFS
\\?\Volume{40a55952-b861-4bbd-8667-dc0c40b8cce0}\ (DELLSUPPORT) (Fixed) (Total:1.08 GB) (Free:0.35 GB) NTFS
\\?\Volume{e0ad6780-8b55-4f92-baa7-09beafe5ab58}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5D2BD05F)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 3.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    1.1 KB · Views: 6
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2020
Ran by cempa (21-03-2020 20:51:12) Run:1
Running from C:\Users\cempa\Downloads
Loaded Profiles: cempa (Available Profiles: cempa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]
S2 DellUpdate; "C:\Program Files (x86)\Dell Update\DellUpService.exe" [X]
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]
2019-05-15 00:07 - 2019-05-15 00:07 - 000000000 _____ () C:\Users\cempa\AppData\Local\oobelibMkey.log
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\PACE:B35846008F9FFA2B [217]
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1 [360]

*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\dcpm-notify => removed successfully
dcpm-notify => service removed successfully
HKLM\System\CurrentControlSet\Services\Dell SupportAssist Remediation => removed successfully
Dell SupportAssist Remediation => service removed successfully
HKLM\System\CurrentControlSet\Services\DellUpdate => removed successfully
DellUpdate => service removed successfully
PaceLicenseDServices => Unable to stop service.
HKLM\System\CurrentControlSet\Services\PaceLicenseDServices => removed successfully
PaceLicenseDServices => service removed successfully
C:\Users\cempa\AppData\Local\oobelibMkey.log => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData => ":482EE99B1E21CE8C" ADS removed successfully
"C:\Users\All Users" => ":482EE99B1E21CE8C" ADS not found.
"C:\ProgramData\Application Data" => ":482EE99B1E21CE8C" ADS not found.
C:\ProgramData\PACE => ":B35846008F9FFA2B" ADS removed successfully
C:\ProgramData\TEMP => ":792D4CF1" ADS removed successfully


The system needed a reboot.

==== End of Fixlog 20:51:18 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Security
Windows Defender
Malwarebytes
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome (80.0.3987.132)
Google Chrome (80.0.3987.149)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 14-12-2019
Ran by cempa (administrator) on 22-03-2020 at 18:36:21
Running from "C:\Users\cempa\Downloads"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
You must log in or register to reply here.

Similar threads

R
Solved Norton blocked attack by: System Infected: Miner.Bitcoinminer Activity #
2
Replies
32
Views
3K
Broni
Broni
A
Norton blocked an attack by Miner.BitcoinMiner Activity 9 repeatedly
Replies
0
Views
2K
Abishkar
A
B
Solved Infected ddos attack?
2
Replies
26
Views
6K
Broni
Broni

Latest posts

Back