Solved Process hacker . detecting malware

T

Tony d

Posts: 10   +0
Hey after running process hacker and checking the running services tab . I believe there is malware after checking tabs marked red .

with the processes trying to use legimate ones like svchost

hiding behind processes
 
Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

==============================

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Broni said:
Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

==============================

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
Click to expand...
hey bro thanks for reply . I cannot paste the details keeps saying 50000 exceeded
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by wogki (administrator) on DESKTOP-AF61CGM (Micro-Star International Co., Ltd. MS-7C37) (27-09-2020 05:25:10)
Running from C:\Users\wogki\Desktop
Loaded Profiles: wogki
Platform: Windows 10 Pro Version 2004 19041.508 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Appwork GmbH -> AppWork GmbH) C:\Users\wogki\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Ascora GmbH -> ) C:\ProgramData\Abelssoft\YouTubeSongDownloader\Program\YouTubeSongDownloader.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\wogki\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.75.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b07091f1192d2582\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATISNE.EXE <2>
(Spotify AB -> Spotify Ltd) C:\Users\wogki\AppData\Roaming\Spotify\Spotify.exe <5>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> Iain Patterson) C:\Program Files\NordVPN\nssm.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(voidtools -> voidtools) C:\Program Files (x86)\Everything\Everything.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [595080 2019-03-21] (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1093352 2020-03-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302392 2020-03-28] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1706312 2020-03-13] (voidtools -> voidtools)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\Run: [Spotify] => C:\Users\wogki\AppData\Roaming\Spotify\Spotify.exe [23412456 2020-09-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [272128 2020-09-17] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISNE.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISNE.EXE [418000 2016-07-14] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [51848 2018-09-14] (ActMask Group Co., Ltd -> ActMask Co.,Ltd)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\EPSON ET-2700 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBSNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-25] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13CB00FE-1A67-4D06-A78F-948417D42CC4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {22AF2D8A-0F99-4FB0-B5E9-07366F89701A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2A4091E6-21BF-4C3E-A58E-9125845EACEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C0C1F08-4BD4-49F9-B41C-B9C6A4B8D62D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {34796BC4-B272-47A9-9AA9-FB1CE2D1F92A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {39DDB713-A8C1-4B50-B6E9-C9E4F7EDF40A} - System32\Tasks\EPSON ET-2700 Series Update {938957B1-1E2D-4E29-B92B-747D43FDB9AD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {3D520A63-9A16-44A5-A6E0-29367010D0A2} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74384 2020-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {426426F5-CF17-4DD8-B1B7-209B26E5BF9E} - System32\Tasks\MSILEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1461424 2020-04-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {44DDC09A-00F4-4C09-8F95-BA3EC0877F8C} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74384 2020-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {475A4CAD-BCA6-4B72-A780-04C10C8EC1D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62DC61F8-0BBF-4818-8769-4D28BB5C33DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-19] (Google LLC -> Google LLC)
Task: {778D46B6-D589-46A0-80E2-4453EFE50E80} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {79AF420C-1BDA-4F66-AD42-E58157D256C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8072689A-10C1-4D7F-A714-DA0007CA35C6} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [44688 2020-01-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {823951F9-A018-43C6-A953-E63CCDDD5858} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23549376 2020-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {83B64189-7923-4D00-B15E-06B160EA0711} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3480283546-2191185484-2088037597-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-06-10] (Microsoft Windows -> )
Task: {8D8A1930-B04D-4C3C-8F99-8F1E772FA777} - System32\Tasks\EPSON ET-2700 Series Update {1699AD83-32F6-4801-B9CD-F5108F5F0A91} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {907677A9-DA11-4F24-9FBD-F642E83E3BF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-19] (Google LLC -> Google LLC)
Task: {9E778055-8D37-46FF-BE33-2EEF56288FE6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23549376 2020-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4200346-30D2-43A2-97F4-BEEA81D26F14} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {BAB0EE81-082C-4EFF-88D9-9D82E23A8D51} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3509664 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCB3477A-E68E-4191-8E91-5E85D452B8AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3509664 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C03BFA-9B31-4EB8-B1A8-1720C058524A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA1544D4-39D2-4D3C-82CE-5837E78AF889} - System32\Tasks\RegHunterStartup => C:\Program Files\Enigma Software Group\RegHunter\RegHunter.exe [8416008 2020-07-07] (Enigma Software Group USA, LLC -> Enigma Software Group USA, LLC.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON ET-2700 Series Update {1699AD83-32F6-4801-B9CD-F5108F5F0A91}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSNE.EXE:/EXE:{1699AD83-32F6-4801-B9CD-F5108F5F0A91} /F:UpdateWORKGROUP\DESKTOP-AF61CGM$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON ET-2700 Series Update {938957B1-1E2D-4E29-B92B-747D43FDB9AD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSSNE.EXE:/EXE:{938957B1-1E2D-4E29-B92B-747D43FDB9AD} /F:UpdateWORKGROUP\DESKTOP-AF61CGM$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bf5a4f42-8144-42dd-b275-f304b70fcae3}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{bf5a4f42-8144-42dd-b275-f304b70fcae3}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\wogki\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-27]

FireFox:
========
FF DefaultProfile: 91xkuwih.default
FF ProfilePath: C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default [2020-09-27]
FF NewTab: Mozilla\Firefox\Profiles\gjsu6r0d.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\gjsu6r0d.default -> hxxps://fossbytes.com
FF Extension: (Google Docs Viewer) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\adonis.cuhk@gmail.com.xpi [2017-02-07] [Legacy]
FF Extension: (DivHTTP) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\divhttp@divel.xpi [2016-12-21] [Legacy]
FF Extension: (search_avptube) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\djamolpatil@gmail.com.xpi [2016-12-21] [Legacy]
FF Extension: (Enhancer for YouTube™) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2020-04-21]
FF Extension: (Google Code Wiki Viewer) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\GoogleCodeWikiViewer@atte.kemppila.xpi [2016-12-21] [Legacy]
FF Extension: (Link Virus Check - Security Plus) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid0-DjsrWcAS3Wgq2xyyqqVL8Dqk1Lo@jetpack.xpi [2020-04-21]
FF Extension: (Panel View for Google™ Translate) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid0-fbHwsGfb6kJyq2hj65KnbGte3yT@jetpack.xpi [2020-04-21]
FF Extension: (IP Address and Domain Information) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2020-09-15]
FF Extension: (YouTube HTML5-Video) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack.xpi [2016-12-21] [Legacy]
FF Extension: (Just Disable Stuff) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-8J7ayxTha4KqKQ@jetpack.xpi [2016-12-21] [Legacy]
FF Extension: (HTML5 Player for YouTube™) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-e3wSQaH5t1HqKp@jetpack.xpi [2016-12-21] [Legacy]
FF Extension: (PDF Mage) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2020-09-15]
FF Extension: (YouTube™ Flash® Player) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2020-04-21]
FF Extension: (Selected text to PDF) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-JobPqtvtwG9w0A@jetpack.xpi [2020-04-21]
FF Extension: (copy-code) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-OQHFznWHvjDIIg@jetpack.xpi [2016-12-21] [Legacy]
FF Extension: (Flash Control) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2016-12-21] [Legacy]
FF Extension: (Mate Translate – translator, dictionary) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-TMndP6cdKgxLcQ@jetpack.xpi [2020-09-15]
FF Extension: (Reddit Enhancement Suite) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2020-09-15]
FF Extension: (JavaScript Deobfuscator) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2016-12-21] [Legacy]
FF Extension: (JSONView) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\jsonview@brh.numbera.com.xpi [2020-09-15]
FF Extension: (M3Uripiton) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\m3uripiton@logyattra.hu.xpi [2016-12-21] [Legacy]
FF Extension: (Magnetz) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\magnetz@apps.aalaap.com.xpi [2016-12-21] [Legacy]
FF Extension: (PHP Developer Toolbar) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\php_dev_bar@php_dev_bar.org.xpi [2016-12-21] [Legacy]
FF Extension: (Qwant) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\qwantcomforfirefox@jetpack.xpi [2020-04-21]
FF Extension: (Save as PDF) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2020-04-21]
FF Extension: (SimilarPages) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\similarpages@similarpages.com.xpi [2016-12-21] [Legacy]
FF Extension: (Smplayer context menu) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\smplayerplaylist@luperrouch.fr.xpi [2016-12-21] [Legacy]
FF Extension: (Tiny JavaScript Debugger) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\tinyjsdebugger@enigmail.net.xpi [2017-05-30] [Legacy]
FF Extension: (Vlc context menu) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\vlcplaylist@helgatauscher.de.xpi [2016-12-21] [Legacy]
FF Extension: (VLC Youtube Shortcut) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\vlc_shortcut@kosan.kosan.xpi [2017-06-25] [Legacy]
FF Extension: (PDF Download) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-12-21] [Legacy]
FF Extension: (JavaScript on-off applet) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2017-08-16] [Legacy]
FF Extension: (FoxySpider) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{75df891f-e299-4725-b14f-7d52f086dea2}.xpi [2016-12-21] [Legacy]
FF Extension: (Web Developer) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-04-21]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-15]
FF Extension: (Greasemonkey) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-04-21]
FF Extension: (QuickJava) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-12-21] [Legacy]
FF SearchPlugin: C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\gjsu6r0d.default\searchplugins\bing-.xml [2017-04-11]
FF ProfilePath: C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default [2020-09-27]
FF Extension: (Enhancer for YouTube™) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2020-04-19]
FF Extension: (Link Virus Check - Security Plus) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid0-DjsrWcAS3Wgq2xyyqqVL8Dqk1Lo@jetpack.xpi [2020-04-19]
FF Extension: (Panel View for Google™ Translate) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid0-fbHwsGfb6kJyq2hj65KnbGte3yT@jetpack.xpi [2020-04-19]
FF Extension: (IP Address and Domain Information) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2020-04-19]
FF Extension: (PDF Mage) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2020-04-19]
FF Extension: (YouTube™ Flash® Player) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2020-04-19]
FF Extension: (Selected text to PDF) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid1-JobPqtvtwG9w0A@jetpack.xpi [2020-04-19]
FF Extension: (Reddit Enhancement Suite) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\91xkuwih.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2020-04-19]
FF ProfilePath: C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release [2020-09-27]
FF Extension: (Enhancer for YouTube™) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2020-04-19]
FF Extension: (Link Virus Check - Security Plus) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid0-DjsrWcAS3Wgq2xyyqqVL8Dqk1Lo@jetpack.xpi [2020-04-19]
FF Extension: (Panel View for Google™ Translate) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid0-fbHwsGfb6kJyq2hj65KnbGte3yT@jetpack.xpi [2020-04-19]
FF Extension: (IP Address and Domain Information) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2020-04-19]
FF Extension: (PDF Mage) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2020-04-19]
FF Extension: (YouTube™ Flash® Player) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2020-04-19]
FF Extension: (Selected text to PDF) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid1-JobPqtvtwG9w0A@jetpack.xpi [2020-04-19]
FF Extension: (Reddit Enhancement Suite) - C:\Users\wogki\AppData\Roaming\Mozilla\Firefox\Profiles\s1fbz5km.default-release\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2020-04-21]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-07-18] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default [2020-09-27]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Google Translate) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-19]
CHR Extension: (Slides) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-19]
CHR Extension: (Docs) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-19]
CHR Extension: (Google Drive) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-19]
CHR Extension: (Rumola - bypass CAPTCHA) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjjgbdlbgjeoankjijbmheneoekbghcg [2020-04-19]
CHR Extension: (DuckDuckGo) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2020-08-16]
CHR Extension: (YouTube) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-19]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-10]
CHR Extension: (jdCaptcha) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\enlbmhdjeiioekgmgkllpacjpkfpmlpn [2020-04-19]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2020-08-16]
CHR Extension: (Sheets) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-19]
CHR Extension: (HTTPS Everywhere) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-08-18]
CHR Extension: (Google Docs Offline) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-15]
CHR Extension: (Analyze-it) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghhobofceahbdeepjnkclgccbkcfnhfm [2020-04-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-25]
CHR Extension: (ReCaptcha Solver) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hapgiopokcmcnjmakciaeaocceodcjdn [2020-08-01]
CHR Extension: (WebToolHub) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijohadapedgehnekkgimpineifjciacc [2020-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-19]
CHR Extension: (AIO Search) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhijjefkkokfaiffkcemldacdabpeei [2020-05-09]
CHR Extension: (Real-Debrid extension) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2020-07-19]
CHR Extension: (Gmail) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-04]
CHR Extension: (RSS Feed Reader) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2020-09-04]
CHR Profile: C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-27]
CHR Extension: (Slides) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-02]
CHR Extension: (Docs) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-02]
CHR Extension: (Google Drive) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-02]
CHR Extension: (YouTube) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-02]
CHR Extension: (Sheets) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-02]
CHR Extension: (Google Docs Offline) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-02]
CHR Extension: (Gmail) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\wogki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-27] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482688 2020-08-28] (Microsoft Corporation -> Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11963616 2020-04-19] (EnigmaSoft Limited -> EnigmaSoft Limited)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-04-22] (Mixbyte Inc -> Freemake)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [85136 2020-03-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [58832 2020-02-18] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [101008 2020-04-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35504 2020-02-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 nordvpn-service; C:\Program Files\NordVPN\nssm.exe [378616 2020-09-23] (TEFINCOM S.A. -> Iain Patterson)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5097896 2020-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [524512 2020-04-19] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VoiceControlService; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32400 2020-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b07091f1192d2582\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b07091f1192d2582\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EnigmaFileMonDriver; C:\WINDOWS\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-09-27] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
R4 KProcessHacker3; C:\Program Files\Process Hacker 2\kprocesshacker.sys [45208 2016-03-29] (Wen Jia Liu -> wj32)
R1 MpKsl49296fdc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{65497BDB-5F9E-4262-A835-5FC5274F458B}\MpKsl49296fdc.sys [78056 2020-09-27] (Microsoft Windows -> Microsoft Corporation)
R3 MSIO; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\msio64.sys [18448 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 nlwt; C:\WINDOWS\System32\drivers\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [90168 2020-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-27 05:25 - 2020-09-27 05:25 - 000041436 _____ C:\Users\wogki\Desktop\FRST.txt
2020-09-27 05:09 - 2020-09-27 05:09 - 000000000 _____ C:\Users\wogki\Desktop\New Text Document (2).txt
2020-09-27 05:01 - 2020-09-27 05:01 - 000000000 ____D C:\Users\wogki\Desktop\FRST-OlderVersion
2020-09-27 05:00 - 2020-09-27 05:01 - 002299392 _____ (Farbar) C:\Users\wogki\Desktop\FRST64 (1).exe
2020-09-27 04:06 - 2020-09-27 04:09 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Process Hacker 2
2020-09-27 04:02 - 2020-09-27 04:02 - 000001965 _____ C:\Users\wogki\Desktop\Process Hacker 2.lnk
2020-09-27 04:02 - 2020-09-27 04:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2020-09-27 04:02 - 2020-09-27 04:02 - 000000000 ____D C:\Program Files\Process Hacker 2
2020-09-27 03:47 - 2020-09-27 03:47 - 002267848 _____ (wj32 ) C:\Users\wogki\Downloads\processhacker-2.39-setup.exe
2020-09-27 03:44 - 2020-09-27 03:44 - 000052532 _____ C:\Users\wogki\Downloads\Awesome-master.zip
2020-09-27 03:37 - 2020-09-27 03:37 - 000167069 _____ C:\Users\wogki\Downloads\awesome-main.zip
2020-09-27 03:32 - 2020-09-27 03:32 - 000068090 _____ C:\Users\wogki\Downloads\MyFreeCourses.com-Udemy-MongoDB-The-Complete-Developers-Guide-2020.zip
2020-09-27 03:32 - 2020-09-27 03:32 - 000068090 _____ C:\Users\wogki\Downloads\MyFreeCourses.com-Udemy-MongoDB-The-Complete-Developers-Guide-2020 (2).zip
2020-09-27 03:32 - 2020-09-27 03:32 - 000068090 _____ C:\Users\wogki\Downloads\MyFreeCourses.com-Udemy-MongoDB-The-Complete-Developers-Guide-2020 (1).zip
2020-09-27 02:20 - 2020-09-27 02:20 - 002299392 _____ (Farbar) C:\Users\wogki\Downloads\FRST64.exe
2020-09-27 01:48 - 2020-09-27 01:48 - 000039318 _____ C:\Users\wogki\Desktop\POWERSHELL-GET-COMMANDS.txt
2020-09-27 01:03 - 2020-09-27 01:03 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-09-27 00:49 - 2020-09-27 01:38 - 000000128 _____ C:\Users\wogki\Desktop\New Text Document.txt
2020-09-26 17:56 - 2020-09-26 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2020-09-26 09:56 - 2020-09-26 09:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-25 22:34 - 2020-09-27 03:11 - 000000000 ____D C:\Users\wogki\AppData\Local\Everything
2020-09-25 18:39 - 2020-09-26 17:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-25 18:19 - 2020-09-27 03:11 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Everything
2020-09-25 18:19 - 2020-09-25 18:19 - 000001104 _____ C:\Users\wogki\Desktop\Search Everything.lnk
2020-09-25 18:19 - 2020-09-25 18:19 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2020-09-25 18:19 - 2020-09-25 18:19 - 000000000 ____D C:\Program Files (x86)\Everything
2020-09-15 20:10 - 2020-09-27 03:03 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-15 19:07 - 2020-09-15 19:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-09-15 18:45 - 2020-09-15 18:45 - 000108544 _____ (Microsoft Corporation) C:\Users\wogki\Downloads\HxTsr.exe
2020-09-15 18:45 - 2020-09-15 18:45 - 000108544 _____ (Microsoft Corporation) C:\Users\wogki\Downloads\HxTsr (1).exe
2020-09-15 17:36 - 2020-09-15 17:36 - 000208852 _____ C:\Users\wogki\Downloads\ed16k (1).zip
2020-09-15 17:36 - 2020-09-15 17:36 - 000020919 _____ C:\Users\wogki\Downloads\RunWinDiff.zip
2020-09-15 17:35 - 2020-09-15 17:35 - 000208852 _____ C:\Users\wogki\Downloads\ed16k.zip
2020-09-15 01:33 - 2020-09-15 01:33 - 000925434 _____ C:\Users\wogki\Downloads\util_tc_plugman_2.2.8.zip
2020-09-15 01:33 - 2020-09-15 01:33 - 000621599 _____ C:\Users\wogki\Downloads\wcx_7zip_0.7.6.6.bin (1).zip
2020-09-15 01:32 - 2020-09-15 01:32 - 000925434 _____ C:\Users\wogki\Downloads\util_TCPlugman.zip
2020-09-15 01:19 - 2020-09-15 01:19 - 000925434 _____ C:\Users\wogki\Downloads\tc_plugman.zip
2020-09-15 00:45 - 2020-09-15 00:45 - 000613775 _____ C:\Users\wogki\Downloads\wcx_7zip.zip
2020-09-15 00:42 - 2020-09-15 00:42 - 000000000 ____D C:\Users\wogki\Downloads\wcx_7zip_0.7.6.6.bin
2020-09-15 00:36 - 2020-09-15 00:36 - 000621599 _____ C:\Users\wogki\Downloads\wcx_7zip_0.7.6.6.bin.zip
2020-09-14 23:25 - 2020-09-14 23:27 - 000000000 ____D C:\S04
2020-09-14 22:44 - 2020-09-14 22:45 - 000000000 ____D C:\Users\wogki\AppData\Local\GHISLER
2020-09-14 22:43 - 2020-09-15 01:38 - 000000000 ____D C:\Users\wogki\AppData\Roaming\GHISLER
2020-09-14 22:43 - 2020-09-14 22:44 - 000000000 ____D C:\totalcmd
2020-09-14 22:43 - 2020-09-14 22:43 - 000000683 _____ C:\Users\wogki\Desktop\Total Commander 64 bit.lnk
2020-09-14 22:43 - 2020-09-14 22:43 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2020-09-14 00:18 - 2020-09-14 00:18 - 000809999 _____ C:\Users\wogki\Downloads\Homedale.zip
2020-09-14 00:02 - 2020-09-14 00:02 - 000709805 _____ C:\Users\wogki\Downloads\explorer++_1.3.5_x64.zip
2020-09-13 22:54 - 2020-09-13 22:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-09-13 22:54 - 2020-09-13 22:54 - 000000000 ____D C:\Program Files\7-Zip
2020-09-13 21:30 - 2020-09-13 21:30 - 000001544 _____ C:\Users\wogki\Downloads\ATT00004.htm
2020-09-13 19:24 - 2020-09-13 19:24 - 000000000 ____D C:\Users\wogki\Downloads\Telegram Desktop
2020-09-13 19:17 - 2020-09-13 19:21 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Telegram Desktop
2020-09-13 19:17 - 2020-09-13 19:17 - 000001032 _____ C:\Users\wogki\Desktop\Telegram.lnk
2020-09-13 19:17 - 2020-09-13 19:17 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2020-09-13 10:19 - 2020-09-13 10:19 - 000000000 ___HD C:\$SysReset
2020-09-13 02:42 - 2020-09-13 02:42 - 000090044 _____ C:\Users\wogki\Downloads\networkopenedfiles-x64.zip
2020-09-13 01:18 - 2020-09-13 01:18 - 000322954 _____ C:\Users\wogki\Downloads\Goirate-0.15.3.zip
2020-09-13 00:08 - 2020-09-13 00:08 - 000408996 _____ C:\Users\wogki\Downloads\whoisconnectedsniffer-x64.zip
2020-09-13 00:05 - 2020-09-13 00:18 - 059432138 _____ C:\Users\wogki\Downloads\tixati-2.75-1.portable.zip
2020-09-12 22:16 - 2020-09-13 10:27 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2020-09-12 22:16 - 2020-09-12 22:16 - 000000928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZ CD Audio Converter.lnk
2020-09-12 22:16 - 2020-09-12 22:16 - 000000000 ____D C:\ProgramData\EZ CD Audio Converter
2020-09-12 22:11 - 2020-09-12 22:16 - 000000000 ____D C:\Users\wogki\AppData\Local\EZ CD Audio Converter
2020-09-10 23:17 - 2020-09-27 03:12 - 000068424 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 032610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 026272768 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 024264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 023441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 019869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 018766848 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 018075136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 014754304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 010847552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 010336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 009034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 008897200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 008006248 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 007979416 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 007633360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 007611904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 006417408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll










2020-09-10 20:51 - 2020-09-10 20:51 - 006357032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 006197760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 006193664 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005993968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005870496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005820416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005776544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005729280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005430480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 005056000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004892672 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004820992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004783344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004747776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004727296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004629328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 004592136 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 004523008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004304384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004274688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 004009064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 003992576 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003913728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003875840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003868672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003847680 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003819528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003815424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 003806720 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 003749376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003547784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003505952 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003436544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003334656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003303936 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003181056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003082240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 003062784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002991416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 002975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002951680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 002918736 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002851128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 002806152 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002772992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002757120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 002687488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002635640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002631168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002606592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002587448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002541056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002519512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002452856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 002451456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002433024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002422784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002383672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002338184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002319216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002265328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002259968 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002206208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002200576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002178048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002136744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 002131032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002103704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002102784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsudk.shellcommon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002023704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 002021192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001980728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001978656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001956032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001951232 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001924608 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001868672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001866240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001856312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001834496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll2020-09-10 20:51 - 2020-09-10 20:51 - 001812368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001805192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-09-10 20:51 - 2020-09-10 20:51 - 001777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001770040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001766912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001720832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001719096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001701368 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001695208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001693208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001681408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001654824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001649664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001640888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001632056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001617088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001588016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001557816 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 001542752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001541224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001538656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001514496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001506608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001504768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001502016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001473024 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001472824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 001449792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001449472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001438432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001438008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001426944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001411072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001400208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-09-10 20:51 - 2020-09-10 20:51 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001378568 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001352232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001337344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001337176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001314608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-09-10 20:51 - 2020-09-10 20:51 - 001301584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001296384 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001279288 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001260200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001257984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001255744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 001239040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001209344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001209096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001201152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001198288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001191592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001183256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001181200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001140928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001138176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001128544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 001126488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001117344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001094472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001092392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001089344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001068112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001061376 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 001044880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001030656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001028288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001027344 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001021952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001014864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001008696 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 001003320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000999744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000978760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000976680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000969544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000969216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000961192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000946712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000943408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000939448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000920896 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000914216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000913776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000907440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000903992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000894768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000894264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000890944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000887304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll2020-09-10 20:51 - 2020-09-10 20:51 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000843376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000827912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000809280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000801544 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000799544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000797448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000775776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000763840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000759792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000757192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000755576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000749056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000748360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000739128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000725608 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000705560 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000702792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000702776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000688960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000680664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgogl32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000676680 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000668472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000665264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000647480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000643584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000639928 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\UiaManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000635824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll2020-09-10 20:51 - 2020-09-10 20:51 - 000604472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000603464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000602440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-09-10 20:51 - 2020-09-10 20:51 - 000602184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000585696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000583608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000581632 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000575800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000573752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
 
2020-09-10 20:51 - 2020-09-10 20:51 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000546464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000538120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000531448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000530440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000528352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000527880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\glmf32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UiaManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000511488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000507904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000502592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-10 20:51 - 2020-09-10 20:51 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000500968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000495848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000472376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000455480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000454960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000446264 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000428672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000420920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000420456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000418800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000403768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glmf32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000377344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000374072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000373560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000367416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000366392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000361472 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000360024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_InputPersonalization.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000337768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000322376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msquic.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000305472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000303288 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000303168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnputil.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000286024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000259888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000255296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000251192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000249664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000240136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000239432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000230392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000230376 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000223040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000219960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000217920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000213344 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000212760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000196768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2020-09-10 20:51 - 2020-09-10 20:51 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000195384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000190792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxApplicabilityEngine.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000185672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000185664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgocl32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000183112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000175928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000169456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000167880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000167224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000162616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000160064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000159048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000155952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000153400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000152376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000147256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgu1132.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000143104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000141008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000138936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000137016 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000133736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000132928 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000132728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe2020-09-10 20:51 - 2020-09-10 20:51 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlgpclnt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000119608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000118072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000117056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000116024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-09-10 20:51 - 2020-09-10 20:51 - 000110504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000109992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000101688 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000099640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlgpclnt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgumd32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000095032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000092952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000091448 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000070976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000069752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000069728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000069432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000068928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PlatformExtension.DevicePickerExperience.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000064824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000064008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000061752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.SystemId.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000060744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000059448 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000056648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagnosticdataquery.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.SystemId.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-09-10 20:51 - 2020-09-10 20:51 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000042320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
 
2020-09-10 20:51 - 2020-09-10 20:51 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000038712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2020-09-10 20:51 - 2020-09-10 20:51 - 000030024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000029456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\midimap.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootim.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2020-09-10 20:51 - 2020-09-10 20:51 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000021312 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragproxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-10 20:51 - 2020-09-10 20:51 - 000019776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\midimap.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000017216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000016704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-09-10 20:51 - 2020-09-10 20:51 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000009277 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-09-10 20:51 - 2020-09-10 20:51 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragres.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-10 20:51 - 2020-09-10 20:51 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-10 20:48 - 2020-08-25 13:42 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-10 20:48 - 2020-08-25 13:36 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-02 23:33 - 2020-09-02 23:33 - 000000000 ____D C:\AdwCleaner
2020-09-01 01:16 - 2020-09-01 01:16 - 000007605 _____ C:\Users\wogki\AppData\Local\Resmon.ResmonCfg
2020-08-31 00:11 - 2020-08-31 00:11 - 000078275 _____ C:\Users\wogki\Downloads\11_Dept-Defence-Australia_WEB.pdf
2020-08-31 00:08 - 2020-08-31 00:08 - 000322802 _____ C:\Users\wogki\Downloads\Tait_NZP-IPICS_Solution-Overview.pdf
2020-08-30 22:52 - 2020-08-30 22:52 - 005868849 _____ C:\Users\wogki\Downloads\fftw-3.3.5.7z
2020-08-30 22:52 - 2020-08-30 22:52 - 002079403 _____ C:\Users\wogki\Downloads\gsl-1.16.7z
2020-08-30 22:52 - 2020-08-30 22:52 - 001504620 _____ C:\Users\wogki\Downloads\pa_stable_v19_20140130.tgz
2020-08-30 22:52 - 2020-08-30 22:52 - 000470169 _____ C:\Users\wogki\Downloads\cppunit-1.12.1.7z
2020-08-29 22:48 - 2020-09-12 16:32 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-08-29 22:48 - 2020-08-29 22:48 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-08-29 22:48 - 2020-08-29 22:48 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-29 22:48 - 2020-08-29 22:48 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-08-29 22:48 - 2020-08-29 22:48 - 000000000 ____D C:\Program Files\CCleaner

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-27 05:25 - 2020-07-21 21:27 - 000000000 ____D C:\FRST
2020-09-27 05:11 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-09-27 05:09 - 2020-04-19 19:15 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Spotify
2020-09-27 03:42 - 2019-12-07 19:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-27 03:21 - 2020-04-19 19:09 - 000000000 ____D C:\Users\wogki\AppData\Local\JDownloader 2.0
2020-09-27 03:19 - 2020-06-09 14:51 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-27 03:19 - 2019-12-07 19:13 - 000000000 ____D C:\WINDOWS\INF
2020-09-27 03:15 - 2020-04-19 18:53 - 000000000 ____D C:\Users\wogki\AppData\LocalLow\Mozilla
2020-09-27 03:13 - 2020-04-19 19:15 - 000000000 ____D C:\Users\wogki\AppData\Local\Spotify
2020-09-27 03:13 - 2020-04-19 18:29 - 000000000 ___RD C:\Users\wogki\OneDrive
2020-09-27 03:12 - 2020-06-09 14:49 - 000003372 _____ C:\WINDOWS\system32\Tasks\RegHunterStartup
2020-09-27 03:12 - 2020-06-09 14:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-27 03:12 - 2020-06-09 14:45 - 000008192 ___SH C:\DumpStack.log.tmp
2020-09-27 03:12 - 2020-04-21 20:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-09-27 03:11 - 2020-04-19 18:32 - 000012194 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-09-27 03:11 - 2020-04-19 18:29 - 000021236 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-09-27 03:11 - 2020-04-19 18:29 - 000017156 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-09-27 03:11 - 2019-12-07 19:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-27 03:07 - 2020-07-21 05:35 - 000036344 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2020-09-27 03:06 - 2020-04-19 18:28 - 000000000 ____D C:\Users\wogki\AppData\Local\Packages
2020-09-27 03:06 - 2019-12-07 19:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-27 03:06 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-27 02:58 - 2020-04-19 18:29 - 000001209 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-09-27 02:44 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-09-27 02:43 - 2020-04-19 19:13 - 000000000 ____D C:\Users\wogki\AppData\Roaming\qBittorrent
2020-09-27 02:27 - 2020-04-19 19:14 - 000000000 ____D C:\Users\wogki\AppData\Roaming\vlc
2020-09-27 01:07 - 2020-06-09 07:01 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Kodi
2020-09-27 00:11 - 2020-06-09 14:49 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{47742D7C-2B87-4E69-B0F7-95CE59632841}
2020-09-26 22:11 - 2020-04-20 23:16 - 000000000 ____D C:\Users\wogki\AppData\Roaming\mIRC
2020-09-26 22:08 - 2020-06-09 14:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-26 17:57 - 2020-04-19 18:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-26 17:56 - 2020-07-17 18:39 - 000001800 _____ C:\Users\wogki\Desktop\NordVPN.lnk
2020-09-26 17:56 - 2020-07-17 18:39 - 000000000 ____D C:\ProgramData\NordVPN
2020-09-26 17:56 - 2020-07-17 18:39 - 000000000 ____D C:\Program Files\NordVPN
2020-09-26 17:56 - 2020-04-19 19:12 - 000000000 ____D C:\Users\wogki\AppData\Local\NordVPN
2020-09-26 10:02 - 2020-04-19 18:53 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-26 09:56 - 2020-04-19 18:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-25 22:36 - 2020-05-03 21:53 - 000011370 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-09-25 18:09 - 2020-07-01 10:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-25 18:09 - 2020-07-01 10:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-25 18:09 - 2020-07-01 10:26 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-25 18:09 - 2020-04-19 18:49 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-25 18:09 - 2020-04-19 18:49 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-25 18:09 - 2020-04-19 18:49 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-23 21:37 - 2020-07-01 10:26 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-23 21:37 - 2020-07-01 10:26 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-22 21:49 - 2020-04-20 00:30 - 000013103 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-09-21 00:05 - 2020-04-19 18:29 - 000012578 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-09-18 23:14 - 2020-04-26 19:50 - 000012194 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-09-18 16:58 - 2020-06-09 14:49 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3480283546-2191185484-2088037597-1001
2020-09-18 16:58 - 2020-06-09 14:37 - 000002367 _____ C:\Users\wogki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-18 13:57 - 2020-04-20 19:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-18 13:55 - 2020-04-20 19:29 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-15 22:29 - 2020-04-28 22:32 - 000000000 ____D C:\Users\wogki\AppData\Roaming\DS4Windows
2020-09-15 20:24 - 2020-06-09 14:37 - 000000000 ____D C:\Users\wogki
2020-09-15 19:07 - 2019-12-07 19:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-09-15 19:06 - 2020-04-20 22:52 - 000000000 ____D C:\Program Files\Microsoft Office
2020-09-15 01:38 - 2020-06-09 13:35 - 000000000 ___HD C:\$WinREAgent
2020-09-14 20:42 - 2020-04-19 18:29 - 000000000 ____D C:\Users\wogki\AppData\Local\PlaceholderTileLogoFolder
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-09-13 10:29 - 2019-12-07 19:54 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-09-13 10:29 - 2019-12-07 19:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-09-13 10:29 - 2019-12-07 19:52 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-09-13 10:29 - 2019-12-07 19:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\Com
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\IME
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-13 10:29 - 2019-12-07 19:14 - 000000000 ____D C:\Program Files\Common Files\System
2020-09-13 10:29 - 2019-12-07 19:03 - 000000000 ____D C:\WINDOWS\servicing
2020-09-13 10:28 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-09-13 10:28 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-09-13 10:28 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-09-13 10:28 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-09-13 10:28 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-09-13 10:28 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\system32\IME
2020-09-13 10:27 - 2020-08-11 04:03 - 000000000 ____D C:\ProgramData\Licenses
2020-09-13 10:27 - 2020-04-21 16:37 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Winamp
2020-09-13 10:27 - 2020-04-19 19:23 - 000000000 ____D C:\Users\wogki\AppData\Local\Abelssoft
2020-09-13 10:27 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\schemas
2020-09-13 10:27 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\Globalization
2020-09-13 10:27 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\Containers
2020-09-13 10:27 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\Branding
2020-09-13 10:24 - 2019-12-07 19:14 - 000000000 ____D C:\WINDOWS\registration
2020-09-13 10:21 - 2020-04-21 13:56 - 000000000 ____D C:\Users\wogki\AppData\Local\ElevatedDiagnostics
2020-09-13 10:12 - 2019-12-07 19:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-12 22:12 - 2020-04-20 23:19 - 000000000 ____D C:\ProgramData\Temp
2020-09-10 23:17 - 2020-06-09 14:46 - 000440728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-10 20:51 - 2020-06-09 14:47 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-05 23:08 - 2020-05-04 23:00 - 000013500 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-09-02 16:43 - 2020-04-20 11:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-09-01 01:12 - 2019-03-19 14:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-08-31 21:41 - 2020-04-28 23:01 - 000000000 ____D C:\Users\wogki\AppData\Roaming\Anvsoft
2020-08-29 22:53 - 2020-04-20 23:21 - 000000000 ____D C:\Users\wogki\AppData\Roaming\DAEMON Tools Lite
2020-08-29 22:52 - 2020-06-09 13:37 - 000000000 ___DC C:\WINDOWS\Panther

==================== Files in the root of some directories ========

2020-09-01 01:16 - 2020-09-01 01:16 - 000007605 _____ () C:\Users\wogki\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by wogki (27-09-2020 05:25:49)
Running from C:\Users\wogki\Desktop
Windows 10 Pro Version 2004 19041.508 (X64) (2020-06-09 04:49:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3480283546-2191185484-2088037597-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3480283546-2191185484-2088037597-503 - Limited - Disabled)
Guest (S-1-5-21-3480283546-2191185484-2088037597-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3480283546-2191185484-2088037597-504 - Limited - Disabled)
wogki (S-1-5-21-3480283546-2191185484-2088037597-1001 - Administrator - Enabled) => C:\Users\wogki

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ActMask PDF Virtual Printer SDK (HKLM\...\ActMask PDF Virtual Printer SDK - Licensee: Asha~0729FCB9_is1) (Version: - )
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.2.0.1506 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.36 - Advanced Micro Devices, Inc.)
Any Video Converter Ultimate 6.3.8 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A394C41-FBA7-4930-85FC-3A973B34E6C6}) (Version: 13.5.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo PDF Pro 2 (HKLM-x32\...\{0A11EA01-0224-BF80-B342-BDA165B48491}_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Balanced (HKLM-x32\...\{24819F88-1B0B-4808-9982-5DC9C4AC7FA6}) (Version: 5.00.0000 - Advanced Micro Devices, Inc.) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{69BA0606-DA61-4747-BF34-00A6BE8E9B6B}) (Version: 4.13.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
DiskGenius 5.2.0 (HKLM\...\{2661F2FA-56A7-415D-8196-C4CB3D3ACFFE}_is1) (Version: - Eassos Co., Ltd.)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.0.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.0.15.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{775b33a8-e46a-49c1-aa80-5dd09dd15bc3}) (Version: 1.0.15.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.1.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{20610ecc-e094-423e-af0c-7d0bcfe117e9}) (Version: 1.0.1.0 - ENE TECHNOLOGY INC.) Hidden
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
EPSON ET-2700 Series Printer Uninstall (HKLM\...\EPSON ET-2700 Series) (Version: - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Everything 1.4.1.969 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.969 - David Carpenter)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 8.2.2 - Poikosoft)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.4.0.3965 - OpenSight Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iPhone Transfer 2.0.16 (HKLM-x32\...\{CCE522EA-0EB0-40bb-9411-406AD0AC4A9B}_is1) (Version: 2.0.16 - Apeaksoft Studio)
iTunes (HKLM\...\{08D1AFCA-68FF-470F-9FFC-385EF325E55B}) (Version: 12.10.6.2 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LaserJet 1020 series (HKLM-x32\...\HP-LaserJet 1020 series) (Version: - )
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.33 - )
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.10366.20016 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM-x32\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.57 - mIRC Co. Ltd.)
Mozilla Firefox 81.0 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0 (x64 en-US)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 1.0.0.57 - MSI)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.32.15.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVIDIA Graphics Driver 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.20 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10366.20016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10366.20016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.10366.20016 - Microsoft Corporation) Hidden
OrderReminder HP LaserJet 1020 (HKLM-x32\...\OrderReminder HP LaserJet 1020) (Version: 2.0 - )
PowerArchiver 2016 (HKLM-x32\...\{B06EB3F5-3AED-4C19-A181-6D0E2C0F3A97}) (Version: 16.10.24 - ConeXware, Inc.) Hidden
PowerArchiver 2016 (HKLM-x32\...\PowerArchiver 2016 16.10.24) (Version: 16.10.24 - ConeXware, Inc.)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8911.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
RegHunter (HKLM-x32\...\RegHunter) (Version: 2.9.11.2227 - Enigma Software Group, LLC)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\Spotify) (Version: 1.1.42.622.gbd112320 - Spotify AB)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.8.10.170 - EnigmaSoft Limited)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
Telegram Desktop version 2.3.1 (HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.3.1 - Telegram FZ-LLC)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\...\WhatsApp) (Version: 2.2025.7 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
YouTube Song Downloader 2020 (HKLM-x32\...\AbAppId-55_is1) (Version: 20.03 - Abelssoft)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.75.0_x64__kzh8wxbdkxb8p [2020-09-19] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-09-22] (Microsoft Studios) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.4.14.0_x64__w2gh52qy24etm [2020-09-16] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-09-13] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.215.0_x64__dt26b99r8h8gj [2020-09-13] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2018-11-28] (Poikosoft -> Poikosoft)
ContextMenuHandlers1-x32: [PowerArchiver] -> {d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\PowerArchiver\PASHLEXT.DLL [2016-04-11] (ConeXware, Inc -> ConeXware, Inc.)
ContextMenuHandlers1: [PowerArchiver64] -> {d03d3e78-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\PowerArchiver\PASHLEXT64.DLL [2016-04-11] (ConeXware, Inc -> ConeXware, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2018-11-28] (Poikosoft -> Poikosoft)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b07091f1192d2582\nvshext.dll [2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-22] (Igor Pavlov) [File not signed]
ContextMenuHandlers6-x32: [PowerArchiver] -> {d03d3e68-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\PowerArchiver\PASHLEXT.DLL [2016-04-11] (ConeXware, Inc -> ConeXware, Inc.)
ContextMenuHandlers6: [PowerArchiver64] -> {d03d3e78-0c44-3d45-b15f-bcfd8a8b4c7e} => C:\Program Files (x86)\PowerArchiver\PASHLEXT64.DLL [2016-04-11] (ConeXware, Inc -> ConeXware, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-21 20:48 - 2017-08-03 05:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDControl.dll
2020-04-21 20:48 - 2019-09-27 14:08 - 000037376 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Phison.dll
2019-10-22 02:16 - 2019-10-22 02:16 - 000264704 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-11-06 14:09 - 2019-11-06 14:09 - 000190976 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\AacHal_x86.dll
2019-06-28 10:51 - 2019-06-28 10:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2020-08-20 19:03 - 2019-11-06 11:08 - 000070675 _____ () [File not signed] C:\ProgramData\Abelssoft\YouTubeSongDownloader\Program\plugins\video_output\libdirectdraw_plugin.dll
2020-09-27 03:21 - 2020-09-27 03:21 - 005511927 _____ () [File not signed] C:\Users\wogki\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-0EsPGE1ZKaCb\lib7-Zip-JBinding.dll
2020-02-24 17:38 - 2020-02-24 17:38 - 000176128 _____ (ENE Technology inc.) [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_SSS_HAL\AacHal_x86.dll
2016-05-21 10:34 - 2016-05-21 10:34 - 001606656 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\PowerArchiver\7z64.dll
2020-09-13 22:54 - 2019-02-22 02:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-09-27 03:21 - 2020-09-27 03:21 - 000198144 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\wogki\AppData\Local\JDownloader 2.0\tmp\jna\jna4845164919007309567.dll
2020-04-21 20:48 - 2018-04-04 06:22 - 000053248 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32.dll
2020-04-21 20:48 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2018-03-05 16:41 - 2018-03-05 16:41 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\EPNWPSHDevFinder.DLL
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2020-01-22 10:47 - 2020-01-22 10:47 - 000211456 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2020-04-29 23:29 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:D735933A [199]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-20] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 14:49 - 2019-03-19 14:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3480283546-2191185484-2088037597-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
 
The second log is incomplete. Last part is missing.
Also, do NOT create new topic with every new reply. Post everything right here in this topic.
 
==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{55376DF3-5DF1-425C-8D23-C448DAA9512E}C:\users\wogki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wogki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{47130ADC-476F-4337-B844-68125EE1EADD}C:\users\wogki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wogki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A0B5EE99-FA38-42BD-98F2-307907EC822B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B1F801B3-6140-4A0B-B440-688B8BBD422B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DB56FBA1-5963-4B50-861B-B6F58DE601E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7C9A43B5-7CF7-4FAF-BC0A-BF9E5321BA99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8F396213-C4B6-4952-83B5-4641752E70E3}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6ADDBFA0-F42A-465C-A8CC-8C5156058AA4}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{0FB3B313-0172-4499-88DF-70DB20EA57DC}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3027BEF0-04B4-49AC-B749-CF72ED53D913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A88D9D95-4376-4A4B-A6D8-971968815B83}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AE738AD1-F09E-4FB3-BA12-40C89305F1EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A0E95B80-4176-4322-A0C5-36D39E9CC168}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{238C38EE-FFFB-4F20-AD2F-3324E69FD098}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E85600E0-BD82-4B16-96CF-810A948091F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{97FA9D01-3342-4EA5-9A9E-874E47883992}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EFDBAEF5-FA38-4362-BD50-EF690802D25F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{398AFF6F-82FE-459B-B61D-0D05ACB7C3DD}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{88CCBD82-B60E-449A-9A7A-CD358108272D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{1568705C-9F83-430D-B330-85D5D668A704}C:\users\wogki\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\wogki\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [TCP Query User{213A2C0B-BD40-4D86-A459-A8692B332BEF}C:\users\wogki\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\wogki\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{EECC4C0F-0556-4D3A-8907-BA872D55F9B4}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{1EB61CED-06D6-4A54-B93E-413B707DEDAF}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{A2FCAA8E-E6BF-47C0-81D9-217C512E0262}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1CBAD118-8175-4CD4-A803-0AB722A66820}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B322BA7D-1418-4058-B45B-2F92AE226F52}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9ED94E11-5896-4199-9BF8-F253A0C41BE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EAB5DE48-FE7E-4D58-8E52-FF6C0F117E8B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0518874-874D-4E1A-B9A3-CB3FE9229828}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E36F7A68-74D7-4B3D-A1D3-5590A35DBB8B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5EA044B-AD58-4BE5-A2F6-2516D60BC6CE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{805BA31E-50A8-4919-89DA-E91D48A362AC}C:\users\wogki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wogki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B6FECFFD-2F32-4F08-8535-CA2E8D339716}C:\users\wogki\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wogki\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{064E45F9-AA77-46BE-BBCE-8F3992CFE2E6}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{006E3CBA-B05B-472F-89D1-4E6434747997}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{E8CC2A21-CE2D-4308-B265-E39F81AF7236}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{9B1F08C4-4879-426B-98E4-364423AAA026}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{9EFCC6FB-EAB5-452E-A735-25FD12F69FB4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0BB128C1-6DD2-4AB1-A44F-BE06524AB658}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{533C9053-FC6A-4AEA-800C-4013A34B5C0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B937AAE8-7DCC-487D-981D-43DA7EC6DF78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4BC7B410-0871-4054-BD60-5EBCA9F3C216}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{556D5374-0DFD-4536-AD99-8D1E4D543C2D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FCC846E0-B070-479D-AE98-92276344636E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{FFF6BF03-F672-425D-B10B-C5CBE07E8ABE}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.) [File not signed]
FirewallRules: [UDP Query User{760FB1F4-30FD-4FEE-83D8-22F760F69E8B}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.) [File not signed]
FirewallRules: [{365EEADA-2E24-407F-8153-7D023309D2C8}] => (Allow) LPort=32682

==================== Restore Points =========================

22-09-2020 09:46:26 Scheduled Checkpoint
27-09-2020 01:03:30 Removed Python Launcher

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/27/2020 05:23:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64 (1).exe version 23.9.2020.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 53e4

Start Time: 01d6943a894b2c88

Termination Time: 4

Application Path: C:\Users\wogki\Desktop\FRST64 (1).exe

Report Id: a61ba607-89f2-4651-b05b-fffecb567fd2

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (09/27/2020 03:12:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e9fe263
Faulting module name: KERNELBASE.dll, version: 10.0.19041.488, time stamp: 0x42f14898
Exception code: 0xe0434352
Fault offset: 0x00129962
Faulting process id: 0xec0
Faulting application start time: 0x01d6942842524b21
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: f9590aca-d435-47d4-b870-503061dd96c0
Faulting package full name:
Faulting package-relative application ID:

Error: (09/27/2020 03:12:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (09/27/2020 02:59:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\wogki\Desktop\SYS\Autoruns.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.

Error: (09/27/2020 02:59:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Users\wogki\Desktop\SYS\autorunsc.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.

Error: (09/27/2020 02:58:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e9fe263
Faulting module name: KERNELBASE.dll, version: 10.0.19041.488, time stamp: 0x42f14898
Exception code: 0xe0434352
Fault offset: 0x00129962
Faulting process id: 0xebc
Faulting application start time: 0x01d694264e899230
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 025a5de1-ac72-4bfe-92a3-9fef015515ad
Faulting package full name:
Faulting package-relative application ID:

Error: (09/27/2020 02:58:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (09/27/2020 02:44:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x5e9fe263
Faulting module name: KERNELBASE.dll, version: 10.0.19041.488, time stamp: 0x42f14898
Exception code: 0xe0434352
Fault offset: 0x00129962
Faulting process id: 0xedc
Faulting application start time: 0x01d694245b25c47a
Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 4256adb3-471f-47a8-94bf-b2199b6fa6dc
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (09/27/2020 03:12:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Freemake Improver service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/27/2020 03:12:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Freemake Improver service to connect.

Error: (09/27/2020 03:10:29 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-AF61CGM)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/27/2020 03:04:59 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-AF61CGM)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/27/2020 03:03:19 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-AF61CGM)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/27/2020 02:58:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Freemake Improver service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/27/2020 02:58:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Freemake Improver service to connect.

Error: (09/27/2020 02:44:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Freemake Improver service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.


Windows Defender:
===================================
Date: 2020-09-27 00:02:37.9120000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_Q:\2017-LATEST-TORRENT-DOWNLOADS\[FTUApps.com] - CCleaner Professional + Business + Technician + Slim 5.72.7994 Multilingual + Keymaker\CCleanerSlim5.72\Keymaker-CORE.rar; file:_Q:\2017-LATEST-TORRENT-DOWNLOADS\[FTUApps.com] - CCleaner Professional + Business + Technician + Slim 5.72.7994 Multilingual + Keymaker\CCleanerTech5.72\Keymaker-CORE.rar
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
Security intelligence Version: AV: 1.323.1920.0, AS: 1.323.1920.0, NIS: 1.323.1920.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-27 00:02:37.4780000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_Q:\2017-LATEST-TORRENT-DOWNLOADS\[FTUApps.com] - CCleaner Professional + Business + Technician + Slim 5.72.7994 Multilingual + Keymaker\CCleanerSlim5.72\Keymaker-CORE.rar
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
Security intelligence Version: AV: 1.323.1920.0, AS: 1.323.1920.0, NIS: 1.323.1920.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-26 23:46:09.0780000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_Q:\2017-LATEST-TORRENT-DOWNLOADS\[FTUApps.com] - CCleaner Professional + Business + Technician + Slim 5.72.7994 Multilingual + Keymaker\CCleaner.5.72.Pro\Keymaker-CORE.rar; file:_Q:\2017-LATEST-TORRENT-DOWNLOADS\[FTUApps.com] - CCleaner Professional + Business + Technician + Slim 5.72.7994 Multilingual + Keymaker\CCleanerBusiness5.72\Keymaker-CORE.rar
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
Security intelligence Version: AV: 1.323.1920.0, AS: 1.323.1920.0, NIS: 1.323.1920.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-26 23:46:09.0590000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Severity: Severe
Category: Trojan
Path: file:_Q:\2017-LATEST-TORRENT-DOWNLOADS\[FTUApps.com] - CCleaner Professional + Business + Technician + Slim 5.72.7994 Multilingual + Keymaker\CCleaner.5.72.Pro\Keymaker-CORE.rar
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
Security intelligence Version: AV: 1.323.1920.0, AS: 1.323.1920.0, NIS: 1.323.1920.0
Engine Version: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 18:42:21.1560000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {9973F595-0A9A-45AF-BEA2-7C0F372DC254}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2020-09-13 10:10:35.9770000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\afunix.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-08-05 23:21:01.7500000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\wogki\AppData\Local\Temp\_PA430\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. A.20 06/28/2019
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PLUS (MS-7C37)
Processor: AMD Ryzen 7 3800X 8-Core Processor
Percentage of memory in use: 15%
Total physical RAM: 65485.17 MB
Available physical RAM: 55045.13 MB
Total Virtual: 75213.17 MB
Available Virtual: 60582.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.25 GB) (Free:107.13 GB) NTFS
Drive d: (Lexar) (Removable) (Total:28.89 GB) (Free:0.1 GB) FAT32
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS
Drive g: (RAP-ALBUMS-MIXED-DATA-) (Fixed) (Total:1862.92 GB) (Free:155.88 GB) NTFS
Drive h: (TONYS_DATA_2) (Fixed) (Total:3726.02 GB) (Free:2294.57 GB) NTFS
Drive I: (UEFI_NTFS) (Fixed) (Total:0 GB) (Free:0 GB) FAT
Drive j: (NEW 8TB :E) (Fixed) (Total:7451.91 GB) (Free:5492.69 GB) NTFS
Drive k: (Tony 3 8TB) (Fixed) (Total:7451.91 GB) (Free:2179.32 GB) NTFS
Drive l: (TONYS_DATA) (Fixed) (Total:1863.01 GB) (Free:71.7 GB) NTFS
Drive m: (TONYS_DATA_XVID) (Fixed) (Total:1863.01 GB) (Free:356.86 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive p: (Tony 1 8TB) (Fixed) (Total:7451.91 GB) (Free:2888.9 GB) NTFS
Drive q: (NEW 4TB STORAGE) (Fixed) (Total:3725.9 GB) (Free:1197.35 GB) NTFS

\\?\Volume{8709dda5-6b9a-40b5-acc9-5f6954ec3f5f}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{1dd9b835-aea5-45a2-991d-694f25a71b06}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================
 
redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
Broni said:
redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
Click to expand...

hey just seen your reply now . I will proceed with your instructions

just wanted to ask if u think im infected with what I first asked you in regards to processes being exploited with legitimate "fake" processes eg svchost
and winit

??
 
Hey sorry for late reply . I was able to find and fix the problem .

thanks for your help much appreciated
 
You must log in or register to reply here.

Similar threads

A
New variant of "TheMoon" malware enslaves thousands of insecure Asus routers into a malicious proxy
Replies
2
Views
141
Snazz
S
A
The latest macOS update breaks Java Virtual Machine, among other things
Replies
8
Views
186
daffy duck
D
A
Pirated Windows installer found to contain crypto-hijacker, exploit EFI partition
Replies
11
Views
703
AndreV
A

Latest posts

Back