yahoo hijack and redirect in Waterfox browser.
- Thread starter DonB
- Start date
- Status
- May 7, 2013
- 10,400
Please follow these posting instructions - Malware Removal Posting Instructions
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-16-2020
Ran by DonB (administrator) on DONB-WIN10 (Gigabyte Technology Co., Ltd. GA-990XA-UD3) (16-11-2020 18:45:20)
Running from C:\Users\DonB\Desktop
Loaded Profiles: DonB
Platform: Windows 10 Pro Version 2009 19042.630 (X64) Language: English (United States)
Default browser: "C:\Program Files\Waterfox Classic\waterfox.exe" -osint -url "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe <2>
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodcnt.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Waterfox Limited -> Waterfox) C:\Program Files\Waterfox Classic\waterfox.exe <4>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19570992 2020-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2020-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-05-04] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\Run: [SharewareOnSale Notifier] => C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [1008816 2020-11-15] (Azadi Network LLC -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2020-11-15]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{7C4D55AF-37B4-4D85-9106-CF473CEC9BE6}\app_icon.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B422D9C-2676-422A-8310-C89B282CF3FA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491320 2020-06-23] (Bitdefender SRL -> Bitdefender)
Task: {5B8E4790-7DA1-416C-9607-378F7DAF4EA4} - System32\Tasks\Uninstaller_SkipUac_DonB => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6435088 2020-09-22] (IObit Information Technology -> IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{7593e03d-02a7-4e82-a12a-1e599533bdbf}: [DhcpNameServer] 192.168.2.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DonB\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-14]
FireFox:
========
FF DefaultProfile: f9adxtfi.default
FF DefaultProfile: yssi9i86.default
FF ProfilePath: C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\kaq03n2p.68-edition-default [2020-04-11]
FF ProfilePath: C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default [2020-11-16]
FF DownloadDir: C:\Users\DonB\Downloads
FF Homepage: Waterfox\Profiles\f9adxtfi.default -> hxxps://www.whatfinger.com/
FF Notifications: Waterfox\Profiles\f9adxtfi.default -> hxxps://www.getmailbird.com; hxxp://www.msfn.org; hxxps://mspoweruser.com; hxxps://msfn.org; hxxps://www.moosoft.com; hxxps://licensekey.net; hxxps://luckyhour.auslogics.com; hxxp://support.immunet.com; hxxps://www.newsmax.com; hxxps://www.facebook.com
FF Extension: (PriceBlink Coupons and Price Comparison) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\info@priceblink.com.xpi [2020-11-06]
FF Extension: (Movie Suggest) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\movies-suggest@addon.xpi [2020-11-01] [UpdateUrl:hxxps://movies-suggest.com/update.json]
FF Extension: (uBlock Origin) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\uBlock0@raymondhill.net.xpi [2020-10-22]
FF Extension: (Country Flags & IP Whois) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi [2020-09-11]
FF Extension: (Password Exporter) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-12-04] [Legacy]
FF Extension: (Emsisoft Browser Security) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2019-01-06]
FF ProfilePath: C:\Users\DonB\AppData\Roaming\Binary Outcast\Interlink\Profiles\yssi9i86.default [2020-11-16]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-14] (Malwarebytes Inc -> Malwarebytes)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1721632 2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1356792 2020-06-23] (Bitdefender SRL -> Bitdefender)
S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PuranDefragS.exe [292736 2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-03-17] (Bitdefender SRL -> Bitdefender)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [582304 2020-10-01] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-03-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2151624 2020-09-16] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [796200 2020-05-26] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [473608 2020-09-14] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-14] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [640760 2020-06-09] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [385776 2020-07-07] (Bitdefender SRL -> Bitdefender)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66576 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-16 18:45 - 2020-11-16 18:47 - 000013272 _____ C:\Users\DonB\Desktop\FRST.txt
2020-11-16 18:45 - 2020-11-16 18:46 - 000000000 ____D C:\FRST
2020-11-16 18:44 - 2020-11-16 18:44 - 002294784 _____ (Farbar) C:\Users\DonB\Desktop\FRST64.exe
2020-11-16 18:09 - 2020-11-16 18:09 - 000000000 ____D C:\Users\DonB\AppData\Local\O&O
2020-11-15 21:46 - 2020-11-16 18:14 - 000000000 ____D C:\WINDOWS\system32\oodag
2020-11-15 21:46 - 2020-11-15 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2020-11-15 21:46 - 2020-11-15 21:46 - 000000000 ____D C:\Program Files\OO Software
2020-11-15 21:44 - 2020-11-15 21:44 - 000000000 ____D C:\ProgramData\OO Software
2020-11-15 21:42 - 2020-11-15 21:43 - 029940888 _____ (O&O Software GmbH) C:\Users\DonB\Downloads\O&O Defrag 22 Pro.exe
2020-11-15 21:42 - 2020-11-15 21:42 - 002386848 _____ C:\Users\DonB\Downloads\SharewareOnSale_Giveaway_64-bit_OO_Defrag_22_Pro_hub.exe
2020-11-15 21:42 - 2020-11-15 21:42 - 000000000 ____D C:\ProgramData\SharewareOnSale Notifier
2020-11-14 22:21 - 2020-11-14 22:21 - 000000000 ____D C:\Users\DonB\AppData\Local\mbam
2020-11-14 22:20 - 2020-11-14 22:20 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-14 22:20 - 2020-11-14 22:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-14 22:20 - 2020-11-14 22:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-14 22:20 - 2020-11-14 22:20 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-14 22:20 - 2020-11-14 22:20 - 000002071 _____ C:\Users\Public\Desktop\Malware bytes.lnk
2020-11-14 22:20 - 2020-11-14 22:20 - 000002071 _____ C:\ProgramData\Desktop\Malware bytes.lnk
2020-11-14 22:20 - 2020-11-14 22:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-14 22:20 - 2020-11-14 22:20 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-14 22:19 - 2020-11-14 22:19 - 001965536 _____ (Malwarebytes) C:\Users\DonB\Downloads\MBSetup-80562.80562-consumer.exe
2020-11-14 22:10 - 2020-11-14 22:10 - 000000000 ____D C:\Users\DonB\Downloads\Victoria528
2020-11-14 21:35 - 2020-11-14 21:35 - 000000594 _____ C:\WINDOWS\system32\bddel.dat
2020-11-14 19:07 - 2020-11-14 19:07 - 000000000 ____D C:\ProgramData\Emsisoft
2020-11-14 18:46 - 2020-11-14 18:47 - 001473751 _____ C:\Users\DonB\Downloads\Victoria528.zip
2020-11-13 21:43 - 2020-11-13 21:43 - 000000000 ____D C:\ProgramData\Caphyon
2020-11-13 21:42 - 2020-11-13 21:42 - 000000000 ____D C:\Users\DonB\AppData\Roaming\SecurityXploded
2020-11-13 21:40 - 2020-11-13 21:40 - 000000000 ____D C:\Users\DonB\Downloads\SpyBHORemover
2020-11-13 21:36 - 2020-11-13 21:36 - 004526235 _____ C:\Users\DonB\Downloads\SpyBHORemover.zip
2020-11-12 22:04 - 2020-11-14 21:42 - 000000000 ____D C:\EEK
2020-11-12 21:36 - 2020-11-12 21:36 - 024265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 008235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 007107584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 004783840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 003869184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 001352240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000413208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-11-12 21:36 - 2020-11-12 21:36 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 010840904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 010336904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 008895680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 007783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 004902400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 004629328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 003893248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 003851776 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 003815936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 003811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 003779392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 002809776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002426168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002268456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002250240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001827648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001819640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001751944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001590584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001557816 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001478464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 001449984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001210136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001128520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000904008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000859400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000805168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000763344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000732448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000700376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000521088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000488056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000454968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000429712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000410072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000409408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000382712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000305472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000288680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000250176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-11-12 21:35 - 2020-11-12 21:35 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000228680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000218936 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000201536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000195400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000195144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000133448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000104760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000061760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000042824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000016136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-12 21:35 - 2020-11-12 21:35 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-11-12 21:18 - 2020-10-14 22:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-11-12 21:18 - 2020-10-14 22:14 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-11-12 21:07 - 2020-11-12 21:07 - 029995729 _____ C:\Users\DonB\Downloads\VisualCppRedist_AIO_x86_x64_39.zip
2020-11-12 20:57 - 2020-11-12 20:57 - 000000000 ___HD C:\$WinREAgent
2020-11-10 17:55 - 2020-11-10 17:59 - 000000000 ____D C:\AdwCleaner
2020-11-08 21:59 - 2020-11-08 22:01 - 001784726 _____ (pendrivelinux.com) C:\Users\DonB\Downloads\Universal-USB-Installer-1.9.9.7.exe
2020-11-08 21:41 - 2020-11-08 21:41 - 015918528 _____ (Auslogics ) C:\Users\DonB\Downloads\disk-defrag-setup.exe
2020-11-08 21:24 - 2020-11-08 21:26 - 2013147659 _____ (The FlightGear Team ) C:\Users\DonB\Downloads\FlightGear-2020.3.2.exe
2020-11-08 21:08 - 2020-11-08 21:08 - 000083536 _____ C:\ProgramData\agent.update.1604887723.bdinstall.v2.bin
2020-11-08 20:57 - 2020-11-08 20:57 - 000001242 _____ C:\Users\DonB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2020-11-08 20:57 - 2020-11-08 20:57 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2020-11-08 20:56 - 2020-11-08 20:56 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-11-08 20:56 - 2019-03-20 23:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2020-11-08 20:55 - 2020-11-16 18:48 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-11-08 20:55 - 2020-11-08 20:55 - 000001257 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2020-11-08 20:55 - 2020-11-08 20:55 - 000001257 _____ C:\ProgramData\Desktop\Bitdefender Antivirus Free.lnk
2020-11-08 20:55 - 2020-11-08 20:55 - 000000000 ____D C:\ProgramData\Bitdefender
2020-11-08 20:55 - 2020-09-16 12:26 - 002151624 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2020-11-08 20:55 - 2020-09-14 13:26 - 000473608 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2020-11-08 20:55 - 2020-07-07 10:14 - 000385776 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2020-11-08 20:55 - 2020-06-09 16:13 - 000640760 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2020-11-08 20:55 - 2020-05-26 12:23 - 000796200 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2020-11-08 20:55 - 2020-02-03 15:53 - 000309120 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2020-11-08 20:54 - 2020-11-08 21:08 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-11-08 20:54 - 2020-11-08 20:54 - 000115360 _____ C:\ProgramData\agent.1604886865.bdinstall.v2.bin
2020-11-08 20:54 - 2020-11-08 20:54 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-11-07 21:32 - 2020-11-16 18:07 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-07 20:56 - 2020-11-07 20:56 - 000000000 ____L C:\WINDOWS\system32\nvcplui.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000917720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000917720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-11-06 21:44 - 2020-10-27 22:51 - 001026968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-11-06 21:44 - 2020-10-27 22:51 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-11-06 21:44 - 2020-10-27 22:51 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 001584368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000590576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-11-06 21:44 - 2020-10-27 22:50 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 004174064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 000444656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-11-06 21:44 - 2020-10-27 22:48 - 005976984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-06 21:44 - 2020-10-27 22:48 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-11-06 21:44 - 2020-10-22 15:19 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb
2020-11-06 20:56 - 2020-11-06 20:56 - 000198440 _____ C:\WINDOWS\ntbtlog.txt
2020-11-04 20:46 - 2020-11-04 20:46 - 000000000 ____D C:\Users\DonB\AppData\Local\Faraons
2020-11-03 20:37 - 2020-09-02 18:32 - 072520616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-11-03 20:37 - 2020-09-02 18:32 - 007178376 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 007101648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 006270096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 005346904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 003676976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-11-03 20:37 - 2020-09-02 18:32 - 003375928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 003159680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 002930056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001971256 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001965064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001787864 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001598304 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001516176 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001353224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001159088 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000964912 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000751208 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000734680 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000715552 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000692072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000541008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000511552 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000453184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000452640 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000448512 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000392776 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000378288 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000367520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000343616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000332920 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000315872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000278160 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000261144 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000261104 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000260120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000231808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000230592 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000220296 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000218160 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000157248 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000139664 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000122224 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000116448 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000093808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000090808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000090080 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000088208 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000083512 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2020-11-03 20:37 - 2020-09-02 18:10 - 041758052 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-11-02 19:14 - 2020-11-02 19:15 - 000000000 ____D C:\Users\DonB\Documents\Take Ownership
2020-11-02 18:12 - 2020-11-02 18:29 - 000000000 ____D C:\Program Files\NTLite
2020-11-02 18:12 - 2020-11-02 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2020-11-02 17:46 - 2020-11-02 17:50 - 000000000 ____D C:\Program Files\HWiNFO64
2020-11-02 17:46 - 2020-11-02 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2020-11-01 20:25 - 2020-11-01 20:25 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2020-11-01 20:25 - 2019-09-12 09:59 - 000178960 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2020-11-01 20:25 - 2016-03-22 11:02 - 000036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2020-11-01 20:14 - 2020-11-01 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-11-01 20:14 - 2020-11-01 20:14 - 000000000 ____D C:\Program Files\7-Zip
2020-10-31 16:34 - 2020-10-31 16:34 - 026274304 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 023452160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 019870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 018083840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 007621632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 006422016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 006001208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 004830720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 004281856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 004277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 003157816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002477384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002384696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002012672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001683456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001632056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001272320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-10-31 16:34 - 2020-10-31 16:34 - 001238528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-10-31 16:34 - 2020-10-31 16:34 - 000534536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000095048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-10-31 16:34 - 2020-10-31 16:34 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000021320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 008009872 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 007990232 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 007636448 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 006368392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 006231040 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 005430992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 004752896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 004732928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 004651032 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 004069992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 004008448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003933696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003821064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003388928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003305984 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003070464 _____ (Microsoft Corporation) C:\WINDOWS\system32\FluencyDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002983736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 002979840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002850616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 002607104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002048000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002024248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001953792 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001828352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001715200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001695728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001664160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001649664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001590784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001515520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001391616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001361920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001245280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001239040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_IME.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001070392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001025768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000894776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000873272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000828432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000820552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000756680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000712296 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000705008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000648712 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000538952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000502584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-10-31 16:33 - 2020-10-31 16:33 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000489128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtBopomofoDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000442168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxDecoder.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000298808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_InkingTypingPrivacy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdvancedEmojiDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BrowserDeclutter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000118600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HashtagDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtAdvancedDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFAppServiceDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000098120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsiproxy.dll
2020-10-29 20:38 - 2020-10-29 20:38 - 000000000 ____D C:\Users\DonB\Downloads\easeus_5f99eceb65ec9
2020-10-28 17:15 - 2020-10-28 17:15 - 000000336 ____R C:\Users\DonB\Downloads\PCTrans12 Lic..txt
2020-10-28 17:13 - 2020-10-28 17:13 - 001390142 _____ C:\Users\DonB\Downloads\easeus_be9f2c0be0a8cc058fd267c5195b28dc.zip
2020-10-28 17:03 - 2020-10-29 20:34 - 000000000 ____D C:\Program Files (x86)\EaseUS
2020-10-28 17:03 - 2020-10-28 17:03 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-28 16:24 - 2020-10-28 16:24 - 000001555 _____ C:\Users\DonB\Downloads\Reset_Notification_Area_Icons_Cache.bat
2020-10-27 20:25 - 2020-10-31 20:28 - 000000000 ____D C:\Program Files\Puran Defrag
2020-10-27 20:25 - 2020-10-27 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
2020-10-27 20:25 - 2014-01-23 18:56 - 000287616 _____ (Puran Software) C:\WINDOWS\system32\PuranDC.exe
2020-10-27 20:25 - 2013-08-15 15:39 - 001367424 _____ (Puran Software) C:\WINDOWS\system32\PuranFD.exe
2020-10-27 20:25 - 2013-08-15 15:39 - 000292736 _____ (Puran Software) C:\WINDOWS\system32\PuranDefragS.exe
2020-10-27 20:25 - 2013-08-15 15:39 - 000256896 _____ (Puran Software) C:\WINDOWS\system32\PuranDefrag.dll
2020-10-27 20:25 - 2013-08-15 15:39 - 000132480 _____ (Puran Software) C:\WINDOWS\system32\PuranDefragBT.exe
2020-10-27 19:33 - 2020-10-27 19:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-27 19:32 - 2020-10-27 19:35 - 000000000 ____D C:\Users\DonB\AppData\Local\Opera Software
2020-10-27 19:30 - 2020-10-27 19:30 - 000000000 ____D C:\Users\Public\Security Sessions
2020-10-27 19:29 - 2020-10-27 19:35 - 000000000 ____D C:\Users\DonB\AppData\Roaming\Opera Software
2020-10-27 19:28 - 2020-10-27 19:28 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-10-27 19:26 - 2020-10-27 19:30 - 000000000 ____D C:\Users\DonB\AppData\Local\Avira
2020-10-27 19:25 - 2020-11-07 21:47 - 000000000 ____D C:\ProgramData\Avira
2020-10-26 20:18 - 2020-11-12 21:01 - 000000000 ____D C:\ProgramData\ProductData
2020-10-26 20:18 - 2020-11-08 20:53 - 000000000 ____D C:\Program Files (x86)\IObit
2020-10-26 20:18 - 2020-11-01 20:25 - 000000000 ____D C:\Users\DonB\AppData\LocalLow\IObit
2020-10-26 20:18 - 2020-10-26 20:18 - 000002940 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_DonB
2020-10-26 20:18 - 2020-10-26 20:18 - 000001474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2020-10-26 20:18 - 2020-10-26 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2020-10-26 20:17 - 2020-11-10 17:59 - 000000000 ____D C:\Users\DonB\AppData\Roaming\IObit
2020-10-26 20:17 - 2020-11-10 17:59 - 000000000 ____D C:\ProgramData\IObit
2020-10-26 15:08 - 2020-10-29 19:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-26 15:04 - 2020-10-26 15:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-10-26 15:02 - 2020-10-01 02:14 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-10-26 15:02 - 2020-10-01 02:14 - 000038632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-10-26 15:01 - 2020-10-27 22:48 - 007005176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-10-26 15:01 - 2020-10-01 18:44 - 005519600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-10-26 14:44 - 2020-11-06 20:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-10-26 14:42 - 2020-11-06 20:47 - 000000000 ____D C:\WINDOWS\pss
2020-10-23 00:51 - 2020-10-23 00:54 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-10-23 00:49 - 2020-10-23 00:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files\MSBuild
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-10-23 00:36 - 2019-12-03 17:04 - 000781384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-10-23 00:36 - 2019-12-03 17:04 - 000105544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-10-23 00:36 - 2019-12-03 17:04 - 000037864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-10-23 00:36 - 2019-11-08 17:44 - 001168968 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-10-23 00:36 - 2019-11-08 17:44 - 000127056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-10-23 00:36 - 2019-11-08 17:44 - 000038072 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-10-22 21:22 - 2020-10-22 21:22 - 000000020 ___SH C:\Users\DonB\ntuser.ini
2020-10-22 21:20 - 2020-10-28 16:15 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-719403391-2089901819-616789136-1001
2020-10-22 21:20 - 2020-10-22 21:20 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-719403391-2089901819-616789136-500
2020-10-22 21:19 - 2020-10-22 21:19 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-10-22 21:19 - 2020-10-22 21:19 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-10-22 21:11 - 2020-11-16 18:14 - 000844810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-22 21:00 - 2020-10-28 16:15 - 000002412 _____ C:\Users\DonB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-22 21:00 - 2020-10-22 21:22 - 000000000 ____D C:\Users\DonB
2020-10-22 19:20 - 2020-10-22 19:20 - 040622244 _____ C:\Users\DonB\Downloads\tweaking.com_windows_repair_aio.zip
2020-10-22 19:19 - 2020-10-28 17:45 - 000000000 ___DC C:\WINDOWS\Panther
2020-10-22 19:18 - 2020-10-22 19:18 - 040923584 _____ (Tweaking.com) C:\Users\DonB\Downloads\tweaking.com_windows_repair_aio_setup.exe
2020-10-17 15:33 - 2020-10-17 15:36 - 000000000 ____D C:\Users\DonB\AppData\Local\Binary Outcast
2020-10-17 15:33 - 2020-10-17 15:33 - 000000000 ____D C:\Users\DonB\AppData\Roaming\Binary Outcast
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-16 18:14 - 2020-04-11 16:51 - 000000000 ____D C:\Program Files\Waterfox Classic
2020-11-16 18:14 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-16 18:09 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-16 18:09 - 2019-09-08 11:16 - 000000000 ____D C:\Users\DonB\AppData\LocalLow\Mozilla
2020-11-16 18:07 - 2020-09-27 09:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-16 18:07 - 2020-07-18 14:43 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-16 18:07 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-16 18:07 - 2019-09-07 18:58 - 000000000 ____D C:\ProgramData\VMware
2020-11-15 22:07 - 2019-12-07 04:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-11-15 21:50 - 2019-09-21 19:18 - 000000000 ____D C:\Users\DonB\AppData\Local\CrashDumps
2020-11-14 22:32 - 2020-05-26 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop
2020-11-14 22:20 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-14 21:26 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-14 21:26 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-14 18:26 - 2020-09-27 09:36 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-14 18:26 - 2020-09-27 09:36 - 000002326 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-14 18:26 - 2020-09-27 09:36 - 000002326 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-12 22:03 - 2019-09-08 06:16 - 000000000 ____D C:\Users\DonB\AppData\Roaming\VMware
2020-11-12 22:03 - 2019-09-08 06:16 - 000000000 ____D C:\Users\DonB\AppData\Local\VMware
2020-11-12 21:50 - 2020-09-27 09:33 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-12 21:50 - 2020-04-03 16:57 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-11-12 21:48 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-12 21:39 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-12 21:35 - 2020-09-27 09:36 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-12 21:17 - 2019-09-08 06:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-12 21:11 - 2019-09-08 06:13 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-10 18:50 - 2019-09-07 18:36 - 000000000 ____D C:\Users\DonB\AppData\Local\VirtualStore
2020-11-10 17:59 - 2020-05-26 15:39 - 000000000 ____D C:\ProgramData\BSD
2020-11-08 21:05 - 2019-09-08 12:08 - 000000000 ____D C:\Users\DonB\Documents\Text Docs
2020-11-07 21:46 - 2019-09-07 18:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-06 21:05 - 2019-09-07 18:37 - 000000000 ____D C:\Users\DonB\AppData\Local\PlaceholderTileLogoFolder
2020-11-06 21:05 - 2019-09-07 18:36 - 000000000 ____D C:\Users\DonB\AppData\Local\Packages
2020-11-04 21:06 - 2020-06-07 16:32 - 000000000 ____D C:\Users\DonB\AppData\Roaming\foobar2000
2020-11-04 21:05 - 2020-06-07 16:34 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2020-11-04 21:05 - 2020-06-07 16:34 - 000000000 ____D C:\Program Files (x86)\foobar2000
2020-11-04 19:50 - 2020-09-27 09:36 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-04 19:50 - 2020-09-27 09:36 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-03 20:42 - 2019-09-17 17:07 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-11-03 20:42 - 2019-09-17 17:00 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-10-31 20:29 - 2020-08-30 19:33 - 003736832 _____ (KC Softwares ) C:\Users\DonB\Downloads\dumo_lite.exe
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-10-31 16:39 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2020-10-30 17:33 - 2020-09-27 09:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-29 18:09 - 2020-08-17 18:35 - 000000000 ____D C:\Users\DonB\AppData\Roaming\KC Softwares
2020-10-29 18:08 - 2020-08-17 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KC Softwares
2020-10-29 18:08 - 2020-05-02 18:39 - 000000000 ____D C:\Program Files (x86)\KC Softwares
2020-10-29 17:58 - 2019-10-16 17:59 - 000001288 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2020-10-29 17:58 - 2019-10-16 17:59 - 000001288 _____ C:\ProgramData\Desktop\VMware Workstation Pro.lnk
2020-10-28 17:45 - 2020-09-19 16:16 - 000000000 ____D C:\ESD
2020-10-28 16:50 - 2020-10-08 20:37 - 000000000 ____D C:\Program Files\Interlink
2020-10-28 16:15 - 2019-09-07 18:38 - 000000000 ___RD C:\Users\DonB\OneDrive
2020-10-27 19:51 - 2020-08-30 19:10 - 000000552 __RSH C:\ProgramData\ntuser.pol
2020-10-26 14:49 - 2019-09-07 18:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-26 14:49 - 2019-09-07 18:33 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-23 18:57 - 2020-09-27 09:38 - 000000000 ____D C:\ProgramData\Packages
2020-10-23 18:25 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-10-23 18:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\appcompat
2020-10-23 00:54 - 2020-09-27 09:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-23 00:54 - 2020-06-11 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore
2020-10-23 00:54 - 2020-05-28 15:29 - 000000000 ____D C:\Program Files\UNP
2020-10-23 00:54 - 2020-04-03 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-10-23 00:54 - 2019-12-07 04:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-10-23 00:54 - 2019-10-16 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2020-10-23 00:54 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-10-23 00:54 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-10-23 00:53 - 2019-12-07 04:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-10-23 00:52 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Resources
2020-10-23 00:52 - 2019-10-17 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2020-10-23 00:52 - 2019-09-17 17:07 - 000000000 ____D C:\Program Files\Realtek
2020-10-23 00:42 - 2019-12-07 04:18 - 000000000 ____D C:\WINDOWS\Setup
2020-10-22 21:23 - 2020-09-27 09:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-10-22 21:23 - 2019-09-07 18:36 - 000000000 ___RD C:\Users\DonB\3D Objects
2020-10-22 21:20 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-10-22 21:09 - 2019-12-07 04:14 - 000000000 __RSD C:\WINDOWS\Media
2020-10-22 21:03 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-10-22 21:02 - 2020-10-16 16:37 - 000000000 ____D C:\Users\DonB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2020-10-22 20:03 - 2020-06-11 18:35 - 000000000 ____D C:\Program Files\Hekasoft Backup & Restore
2020-10-22 19:18 - 2019-09-07 19:08 - 000000036 _____ C:\WINDOWS\progress.ini
2020-10-22 16:15 - 2019-09-08 06:11 - 000795000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-10-20 11:34 - 2020-08-19 04:32 - 001171552 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\WINDOWS\system32\nvcplui.exe [2020-11-07] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-16-2020
Ran by DonB (16-11-2020 18:49:08)
Running from C:\Users\DonB\Desktop
Windows 10 Pro Version 2009 19042.630 (X64) (2020-10-23 02:22:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-719403391-2089901819-616789136-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-719403391-2089901819-616789136-503 - Limited - Disabled)
DonB (S-1-5-21-719403391-2089901819-616789136-1001 - Administrator - Enabled) => C:\Users\DonB
Guest (S-1-5-21-719403391-2089901819-616789136-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-719403391-2089901819-616789136-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.169 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.17.209 - Bitdefender)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
foobar2000 v1.6.2 (HKLM-x32\...\foobar2000) (Version: 1.6.2 - Peter Pawlowski)
Hekasoft Backup & Restore 0.94 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.94 - Hekasoft)
HWiNFO64 Version 6.32 (HKLM\...\HWiNFO64_is1) (Version: 6.32 - Martin Malik - REALiX)
Interlink 52.9.7606 (x64 en-US) (HKLM\...\Interlink 52.9.7606 (x64 en-US)) (Version: 52.9.7606 - Binary Outcast)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.0.2.23 - IObit)
KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.23.0.107 - KC Softwares)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.11.5.464 - KC Softwares)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.20.27508 (HKLM-x32\...\{8c3f057e-d6a6-4338-ac6a-f1c795a6577b}) (Version: 14.20.27508.1 - Microsoft Corporation)
NTLite v1.8.0.7180 (HKLM\...\NTLite_is1) (Version: 1.8.0.7180 - Nlitesoft)
NVIDIA Graphics Driver 457.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{7C4D55AF-37B4-4D85-9106-CF473CEC9BE6}) (Version: 22.1.2521 - O&O Software GmbH)
Puran Defrag 7.7.1 (HKLM\...\Puran Defrag_is1) (Version: - Puran Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9018.1 - Realtek Semiconductor Corp.)
SharewareOnSale Notifier (HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1052 - SUPERAntiSpyware.com)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
VMware Workstation (HKLM\...\{2B5DAA91-E0C9-4307-90B7-5688E910C894}) (Version: 15.1.0 - VMware, Inc.)
Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd)
Packages:
=========
3D Boat Race -> C:\Program Files\WindowsApps\ATrillionGamesLtd.3DBoatRace_2.13.0.0_neutral__2cw2yhd8jafk0 [2019-10-06] (A Trillion Games Ltd)
3rd Floor Word Search -> C:\Program Files\WindowsApps\3rdFloorGames.3rdFloorWordSearch_1.6.0.16_neutral__6s8xxjhexmxkj [2019-10-06] (3rd Floor Games) [MS Ad]
8 Ball Pool Master 3D -> C:\Program Files\WindowsApps\AbsoLogixTechnologiesLimi.8BallPoolMaster3D_1.1.0.0_x86__bqy72ee6esnst [2019-10-06] (AbsoLogix Technologies Limited) [MS Ad]
AirHockey -> C:\Program Files\WindowsApps\35328Axadiw.AirHockey_3.0.0.8_x64__q0ek1vwtayzv0 [2019-10-06] (Michał Mizera) [MS Ad]
Archery!? -> C:\Program Files\WindowsApps\59091GameDesignStudio.151436C2BC703_1.0.0.1_neutral__hke3ffja2n6hy [2019-10-06] (Game Design Studio) [MS Ad]
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_5.4.0.14_x86__0pp20fcewvvtj [2020-10-31] (GAMELOFT SA)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Backgammon Pro -> C:\Program Files\WindowsApps\32988BernardoZamora.BackgammonPro_2.20.13.0_x64__1fgex2kbsn6g8 [2020-11-14] (Bernardo Zamora)
Billiards Pro -> C:\Program Files\WindowsApps\25730BumbleBeeInteractive.BilliardsPro_3.0.4.10_neutral__zkcgnbxb2zbe2 [2019-10-06] (Bumble Bee Interactive) [MS Ad]
Blackjack Master 3 -> C:\Program Files\WindowsApps\27345RickyWalker.BlackjackMaster3_4.0.4.0_x64__86btqqq57pmzr [2020-09-12] (Ricky Walker)
Blocked In -> C:\Program Files\WindowsApps\45641SourGreenPlums.BlockedIn_1.9.0.0_x64__azstdzfk4mfqj [2019-10-06] (Sour Green Plums) [MS Ad]
BrainGames -> C:\Program Files\WindowsApps\11737mpcreation.BrainGames_1.0.0.4_neutral__a5jtxryte0wc6 [2019-10-06] (mpcreation)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.13.6.0_x86__kgqvnymyfvs32 [2020-10-03] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.45.4.0_x86__kgqvnymyfvs32 [2020-10-23] (king.com)
Candy Crush Jelly Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushJellySaga_2.53.9.0_x86__kgqvnymyfvs32 [2020-11-14] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1890.2.0_x86__kgqvnymyfvs32 [2020-11-05] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.181.400.0_x86__kgqvnymyfvs32 [2020-11-14] (king.com)
Car Racing Adventure -> C:\Program Files\WindowsApps\AbsoLogixTechnologiesLimi.CarRacingAdventure-FPS_1.0.0.2_x86__bqy72ee6esnst [2019-10-06] (AbsoLogix Technologies Limited)
Card Games Chest -> C:\Program Files\WindowsApps\43248SummitDataCorp.CardGamesChest_10.5.5.0_x64__hmd3687kaknfw [2019-10-06] (Summit Data Corp) [MS Ad]
Checkers Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j [2019-10-06] (Random Salad Games LLC) [MS Ad]
Church Organ -> C:\Program Files\WindowsApps\60708Glauco.ChurchOrgan_3.9.0.0_x64__7fjyrzpehcxhr [2019-10-06] (Glauco)
Complete Anatomy -> C:\Program Files\WindowsApps\3D4Medical.comLLC.CompleteAnatomy_6.3.0.0_x86__jp2a6tdsptebg [2020-10-22] (3D4Medical)
Cribbage Free -> C:\Program Files\WindowsApps\TrivialTechnology.CribbageFree_1.1.0.3_neutral__0ynvawc60ma20 [2019-10-06] (Trivial Technology)
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2.0.43_x86__sq9zxnwrk84pj [2019-10-06] (ZeptoLab UK Limited)
Daily Workouts -> C:\Program Files\WindowsApps\DailyWorkoutAppsLLC.DailyWorkouts_1.1.0.81_neutral__veekfymw5c31t [2019-10-06] (Daily Workout Apps LLC)
Darts for Win8 -> C:\Program Files\WindowsApps\3501minigame365.DartsforWin8_1.0.0.4_x86__vcm56s8rs9jnt [2019-10-06] (minigame365)
Dominoes -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Dominoes_4.1.16.0_x64__kx24dqmazqk8j [2020-05-13] (Random Salad Games LLC)
Dream League Soccer Football 3D -> C:\Program Files\WindowsApps\40976InstantBestGames.DreamLeagueSoccerFootball3D_9.7.0.0_x64__4gkhj8etzdkr2 [2020-09-13] (Instant Best Games) [MS Ad]
Earth from Above PREMIUM -> C:\Program Files\WindowsApps\Microsoft.EarthfromAbovePREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation)
English Grammar Quiz -> C:\Program Files\WindowsApps\36660Plupp.EnglishGrammarQuiz_2.1.0.3_neutral__znsjg73n5jnh8 [2019-10-06] (Plupp)
Fishing Challenge! -> C:\Program Files\WindowsApps\26002GordianGames.FishingChallenge_1.0.0.1_neutral__be5189awrw43t [2019-10-06] (GordianGames)
Forest Smash -> C:\Program Files\WindowsApps\40224HexGames.ForestSmash_1.1.0.6_x64__0fm5bb4npcj2y [2019-10-06] (Hex Games) [MS Ad]
Free Books- 23,469 classics to go. -> C:\Program Files\WindowsApps\Spreadsong.4050D878_3.0.0.0_x64__9srdm8za4r460 [2019-10-06] (App Force One LLC)
FreeCell HD -> C:\Program Files\WindowsApps\32988BernardoZamora.Dummy2_1.21.57.0_x64__1fgex2kbsn6g8 [2020-07-29] (Bernardo Zamora) [MS Ad]
Fun Math FlashCards -> C:\Program Files\WindowsApps\AvarinSystemsInc.FunMathFlashCards_1.0.0.1_neutral__nn39ygkswkqn8 [2019-10-06] (Avarin Systems Inc)
General Knowledge Quiz -> C:\Program Files\WindowsApps\Ingenify.IngenifyTriviaQuiz_1.1.0.10_x64__ttw4g35v4x5tm [2019-10-06] (Martin Freitag)
Gin Rummy Pro -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.GinRummyPro_2.1.1.19_x64__kx24dqmazqk8j [2019-10-06] (Random Salad Games LLC) [MS Ad]
Hangman Pro -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HangmanPro_2.0.0.18_x64__kx24dqmazqk8j [2019-10-06] (Random Salad Games LLC) [MS Ad]
HeavenWord Bible Study Toolbox -> C:\Program Files\WindowsApps\7BCBF0C9.HeavenWordBibleStudyToolbox_1.0.0.37_neutral__1ndvwgy7fd77t [2019-10-06] (HeavenWord, Inc.)
Hive Mind -> C:\Program Files\WindowsApps\ElectricScribbleLLC.HiveMind_1.0.0.75_neutral__g1d921m2atfvm [2019-10-06] (Electric Scribble LLC) [MS Ad]
Instant Anatomy Free -> C:\Program Files\WindowsApps\2180InstantAnatomy.InstantAnatomyFree_1.1.0.10_neutral__qvsjy2dtkfy9p [2019-10-06] (Instant Anatomy)
Jewel Fever -> C:\Program Files\WindowsApps\SprakelsoftUG.JewelFever_1.1.20.0_x64__ge3twpst8dtre [2020-10-13] (Sprakelsoft GmbH) [MS Ad]
Jewel³ -> C:\Program Files\WindowsApps\33047StormtekGames.Jewel_1.2.8.0_x64__2f2q84ddd4hgc [2020-04-30] (Stormtek Games)
Jigsaw Puzzles HD -> C:\Program Files\WindowsApps\60AC5286.JigsawPuzzlesHD_1.5.16.0_x64__ynqp2pc461sw0 [2019-10-06] (Enless Soft Ltd.) [MS Ad]
Knave Blackjack -> C:\Program Files\WindowsApps\52620JasonFollas.Knave21_1.1.3.2_neutral__apdeh372bg2wt [2019-10-06] (Jason Follas) [MS Ad]
Lucky Lanes Bowling -> C:\Program Files\WindowsApps\6F528AC0.LuckyLanesBowling_1.2.0.0_x86__wxrry56177qy2 [2019-10-06] (babaroga, llc.)
Mahjong Deluxe Free -> C:\Program Files\WindowsApps\664D3057.MahjongDeluxeFree_7.6.2.0_x86__wwtpmf9bcrwqj [2020-11-04] (EnsenaSoft S.A. de C.V.)
marblie: marbles reinvented! -> C:\Program Files\WindowsApps\8116MRG.marblie_1.5.2.7_neutral__qd3mcfaa81k8y [2019-10-06] (MRG)
Mega Poker Texas Holdem -> C:\Program Files\WindowsApps\6DFD4FD1.MegaPoker_1.2.3.12_neutral__9tr9adm8gg09m [2019-10-06] (Combay Inc.)
Memory Matches -> C:\Program Files\WindowsApps\IDCProjects.MemoryMatches_1.0.0.22_x64__yqxg8m436zy7j [2019-10-06] (IDC Projects)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation) [MS Ad]
Microsoft Jackpot -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJackpot_1.9.1110.0_x86__8wekyb3d8bbwe [2019-10-06] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad]
Music Keyboard -> C:\Program Files\WindowsApps\39329SoundDesigner.MusicKeyboard_5.0.16.0_x64__24rsprxr004q6 [2020-10-17] (SoundDesigner) [MS Ad]
Music Quiz Game -> C:\Program Files\WindowsApps\47973borneomobile.MusicQuizGame_1.1.0.5_x86__hjdz3r29yebja [2019-10-06] (borneo mobile) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x64__c9d6r4qvva5x8 [2019-10-06] (Up to Eleven Digital Solutions GmbH)
Nine Men Morris -> C:\Program Files\WindowsApps\19363BlueskyStudio.NineMenMorris_1.0.0.2_neutral__ad90gx91p0mxj [2019-10-06] (Bluesky Studio) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-10-26] (NVIDIA Corp.)
Offroad Racing -> C:\Program Files\WindowsApps\2724ZoltnGubics.OffroadRacing_1.1.8.0_x64__d5xggy273m32g [2019-10-06] (Zoltán Gubics)
PacPac -> C:\Program Files\WindowsApps\53543Nocodesoft.47065DEBBFD13_10.10.64.0_x64__z140ett1a786e [2020-11-14] (Nocodesoft) [MS Ad]
PDF Viewer Plus -> C:\Program Files\WindowsApps\29124GSnathan.PDFViewerPlus_1.2.9.0_x64__99e2r9s0h589p [2019-09-22] (GSnathan)
Pegs HD Free -> C:\Program Files\WindowsApps\ExpressiveAppsLLC.PegsHDFree_1.1.0.0_neutral__4wnhq1mjxr2se [2019-10-06] (Expressive Apps, LLC)
Perfect Workout -> C:\Program Files\WindowsApps\10301PerfectThumb.PerfectWorkout_1.2.8.0_x64__n9t97vrmwej7m [2019-10-06] (Perfect Thumb)
Piano 3D -> C:\Program Files\WindowsApps\57475MobileKingdom.Piano3D_3.1.0.1_x86__7hyyndwxma3vt [2019-10-06] (Mobile Kingdom)
Planner 5D - Home & Interior Design -> C:\Program Files\WindowsApps\UABPlanner5D.Planner5D-HomeInteriorDesign_1.8.102.0_x64__ab7xzjg59kkje [2020-09-22] (UAB Planner5D)
PopStar! -> C:\Program Files\WindowsApps\RuiLueSoftware.5333EC7C5889_1.3.81.0_neutral__kxcx7nefnns9a [2019-10-06] (杭州睿略软件科技有限公司)
PopStar.free -> C:\Program Files\WindowsApps\45515SkyLineGames.PopStar.free_1.2.3.0_x64__zrw4chdf0m07a [2019-10-06] (SkyLine Gamez) [MS Ad]
Q-Game (Free) -> C:\Program Files\WindowsApps\470AlexeiGarbuzenko.Q-GameFree_1.0.1.11_neutral__gd2qghq4jdjcm [2019-10-06] (Alexei Garbuzenko)
Quick and Easy German Lessons -> C:\Program Files\WindowsApps\18658Zeemish.QuickandEasyGermanLessons_2.0.0.0_x64__krx3ymyjn7t6t [2019-10-06] (Zeemish) [MS Ad]
QuizUp -> C:\Program Files\WindowsApps\QuizUp.QuizUp_2015.1215.824.3_x86__n36z36qeaxk8a [2019-10-06] (Plain Vanilla Corp.)
Real Skee Ball -> C:\Program Files\WindowsApps\36528JOLTATECHNOLOGIES.RealSkeeBall_1.1.0.0_x86__kmkhcnz4kzjnw [2019-10-06] (JOLTA TECHNOLOGIES)
Rock Guitar! -> C:\Program Files\WindowsApps\7600Davilovick.RockGuitar_2.1.1.26_x64__jpyg02rqsdbsj [2019-10-06] (Davilovick)
Roulette Mania -> C:\Program Files\WindowsApps\25312MindsEdge.RouletteMania_1.0.0.3_x64__pe8ys0kc9pn6c [2019-10-06] (MindsEdge)
Skill Game -> C:\Program Files\WindowsApps\32988BernardoZamora.SkillGame_1.3.22.4_x64__1fgex2kbsn6g8 [2019-10-06] (Bernardo Zamora)
Sling TV -> C:\Program Files\WindowsApps\SlingTVLLC.SlingTV_7.0.8.0_x86__vgszm6stshdqy [2020-09-13] (Sling TV LLC)
SpeedWords Arena -> C:\Program Files\WindowsApps\HotChaiProductionsLLC.SpeedWords_2.16.18.0_x64__4526h58b9csx8 [2019-10-06] (Hot Chai Productions LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0 [2020-11-03] (Spotify AB) [Startup Task]
Star Trek Timelines -> C:\Program Files\WindowsApps\TiltingPoint.StarTrekTimelines_1.0.412.0_x64__85kh3h6wfjavg [2020-10-17] (Tilting Point)
Sudoku by blugri -> C:\Program Files\WindowsApps\blugrisoftwareservicesBVB.Sudokubyblugri_1.0.0.5_neutral__phfv9b1xfqp1p [2019-10-06] (blugri softwareservices BVBA)
Tape Recorder -> C:\Program Files\WindowsApps\39320Senstic.TapeRecorder_2.2.0.6_x64__d8f7n113hmst6 [2019-10-06] (Senstic)
Tetra Blocks -> C:\Program Files\WindowsApps\53543Nocodesoft.MyTetris_10.0.50.0_x64__z140ett1a786e [2019-10-06] (Nocodesoft) [MS Ad]
The Backgammon -> C:\Program Files\WindowsApps\6918E89D.TheBackgammon_1.2.5.0_x64__66n08swfvvka0 [2020-07-22] (UNBALANCE corp.) [MS Ad]
The New York Times Crossword -> C:\Program Files\WindowsApps\TheNewYorkTimes.NYTCrossword_1.5.0.0_x86__3q5wqmazkcmtm [2019-10-06] (The New York Times)
Timer+ -> C:\Program Files\WindowsApps\MinimaSoftware.Timer_1.0.3.0_neutral__xbn939datne2w [2019-10-06] (Minima Software)
Total PC Cleaner - Free Disk Space Clean Up, Optimize Memory & Windows System -> C:\Program Files\WindowsApps\64404Softuna.TotalDiskCleaner_2.1.3.0_x64__r1b4jsc7ddp3p [2020-10-23] (Total PC Cleaner)
Tricky Shot Soccer -> C:\Program Files\WindowsApps\DreamAppsLab.TrickyShotSoccer_1.1.0.1_x86__nr0n5xv8q0v6t [2019-10-06] (Siena Solucoes Tecnologicas E Comercio Ltda)
Trivial Pursuit & Friends -> C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m [2019-10-06] (Gameloft.)
UNO ™ & Friends - The Classic Card Game Goes Social! -> C:\Program Files\WindowsApps\GAMELOFTSA.UNOFriends_1.9.2.1_x86__0pp20fcewvvtj [2019-10-06] (GAMELOFT SA)
Virtual Fireplace -> C:\Program Files\WindowsApps\22062EdgeWaySoftware.VirtualFireplace_6.0.6010.0_x64__899325t744j9a [2019-10-06] (EdgeWay Software)
Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.0.11761.0_x64__8wekyb3d8bbwe [2020-08-01] (Microsoft Corporation)
Word Search - Free -> C:\Program Files\WindowsApps\6317TinyGames.WordSearch-Free_1.1.14.0_x64__agdqmtxhayfww [2020-07-22] (Tiny Games)
Wordplay: Exercise your brain -> C:\Program Files\WindowsApps\828B5831.WordplayExerciseyourbrain_1.7.902.0_x86__ytsefhwckbdv6 [2020-09-12] (G5 Entertainment AB)
Words & Numbers 2 -> C:\Program Files\WindowsApps\57662AppsoluteZero.WordsNumbers2_3.4.0.6_x64__b50dz6rccnb4g [2019-10-06] (Appsolute Zero) [MS Ad]
Words With Friends -> C:\Program Files\WindowsApps\D52A8D61.WordsWithFriends_1.2.0.1_x64__jwbwg6xx0377a [2019-10-06] (Zynga, Inc.)
Yatzy Ultimate Free -> C:\Program Files\WindowsApps\Seavus.YatzyUltimateFree_5.10.0.147_x86__bwc13hzg5kga8 [2019-10-06] (Seavus) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\nvshext.dll [2020-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-10-27 20:25 - 2013-08-15 15:39 - 000256896 _____ (Vishal Gupta -> Puran Software) [File not signed] C:\WINDOWS\system32\PuranDefrag.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\DonB\Downloads\Zotero-4.0.20_setup.exe:BDU [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-719403391-2089901819-616789136-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8BAA4AF8-02BB-4F7C-80F3-F5A414C0D9A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{F31D8FF4-2F9F-4693-AFFC-C1881E8E1678}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{CCADF369-02E2-43AA-889B-350D7D364970}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{02FA4B14-B765-4047-BCBF-62A5526E1D04}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{56D0710A-BE88-42CB-9A61-9EB564C6BC09}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{6B8E37C9-4D08-4F87-BE67-3169D35E4AA9}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{AE491555-A815-43A0-A411-0CE170904F0F}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{E06125EB-050F-48BC-BCB3-690B8D3B6DDF}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{D22D19C6-9E73-4BC9-A7C3-38284171AC74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3A57CA07-C876-4504-A325-CAB6C3BCB563}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C35680C-341C-4F04-9821-FAA60A773A24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9DC4D728-41B4-495D-A2D4-5863145E27D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{446C5A11-29B1-41E8-83B4-2BB2DD85C50E}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B54F00DA-F9FE-4A93-98F6-094AD80EAD3D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{74864F8F-146C-4BF7-AFA0-28F74AF5B0F9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{C50913E4-7C58-45A8-83A0-D464ADB47E80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B050E032-2EB6-4863-AD7B-6E6EB784A1F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC30E784-35FC-46A9-B6ED-5F2F65DBC415}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8666D33-1A68-493A-B0C2-B36FA0199F5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF9F55B6-5131-4EA3-8CD8-9B2F73860455}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C4616C8E-E662-4F47-80A8-C224B971414E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E22C052F-C644-4CB4-A501-4433E3572872}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E14C5DEC-1686-4FB5-BB68-FA5EB4716182}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
31-10-2020 16:17:02 Windows Modules Installer
01-11-2020 20:13:28 Installed 7-Zip 19.00 (x64 edition)
12-11-2020 21:17:49 Windows Modules Installer
15-11-2020 21:44:48 Installed O&O Defrag Professional
==================== Faulty Device Manager Devices ============
Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (11/15/2020 09:49:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000006220fd8
Faulting process id: 0x18c4
Faulting application start time: 0x01d6bbc147220bb3
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: unknown
Report Id: 7f33b47b-a7fd-4e31-a066-e33ff7908255
Faulting package full name:
Faulting package-relative application ID:
Error: (11/15/2020 09:46:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance(CLSID_VSSCoordinator). hr = 0x800401f0, CoInitialize has not been called.
.
Error: (11/15/2020 09:46:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started. [0x800401f0, CoInitialize has not been called.
]
Error: (11/14/2020 06:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: conhost.exe, version: 10.0.19041.546, time stamp: 0x66bd055c
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1340
Faulting application start time: 0x01d6bae11e18e50d
Faulting application path: C:\WINDOWS\system32\conhost.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 1eacec4f-d770-4530-b3a8-8992b378a5e5
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 7 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 6 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 5 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 4 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Windows Defender:
===================================
Date: 2020-10-26 16:06:31.2040000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-10-26 15:59:42.3120000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-10-26 15:50:10.7540000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-10-26 15:43:54.4880000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2020-11-16 18:10:26.7830000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7380000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7060000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.6910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.6730000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD FX(tm)-8150 Eight-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16365.24 MB
Available physical RAM: 12351.18 MB
Total Virtual: 16381.24 MB
Available Virtual: 11741.45 MB
==================== Drives ================================
Drive c: (Win10x64Boot) (Fixed) (Total:930.47 GB) (Free:756.22 GB) NTFS
Drive d: (VM_Data) (Fixed) (Total:465.76 GB) (Free:60.95 GB) NTFS
Drive h: (CYA-space) (Fixed) (Total:931.51 GB) (Free:477.97 GB) NTFS
Drive p: (Jumbo) (Fixed) (Total:1863.01 GB) (Free:1416.6 GB) NTFS
\\?\Volume{000615d0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{000615d0-0000-0000-0000-70c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000615D0)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B7A69F3A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0EE9835D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7BF62720)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by DonB (administrator) on DONB-WIN10 (Gigabyte Technology Co., Ltd. GA-990XA-UD3) (16-11-2020 18:45:20)
Running from C:\Users\DonB\Desktop
Loaded Profiles: DonB
Platform: Windows 10 Pro Version 2009 19042.630 (X64) Language: English (United States)
Default browser: "C:\Program Files\Waterfox Classic\waterfox.exe" -osint -url "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdredline.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe <2>
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodcnt.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Waterfox Limited -> Waterfox) C:\Program Files\Waterfox Classic\waterfox.exe <4>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19570992 2020-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2020-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2019-05-04] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\Run: [SharewareOnSale Notifier] => C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [1008816 2020-11-15] (Azadi Network LLC -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2020-11-15]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{7C4D55AF-37B4-4D85-9106-CF473CEC9BE6}\app_icon.exe () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1B422D9C-2676-422A-8310-C89B282CF3FA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491320 2020-06-23] (Bitdefender SRL -> Bitdefender)
Task: {5B8E4790-7DA1-416C-9607-378F7DAF4EA4} - System32\Tasks\Uninstaller_SkipUac_DonB => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6435088 2020-09-22] (IObit Information Technology -> IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{7593e03d-02a7-4e82-a12a-1e599533bdbf}: [DhcpNameServer] 192.168.2.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DonB\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-14]
FireFox:
========
FF DefaultProfile: f9adxtfi.default
FF DefaultProfile: yssi9i86.default
FF ProfilePath: C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\kaq03n2p.68-edition-default [2020-04-11]
FF ProfilePath: C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default [2020-11-16]
FF DownloadDir: C:\Users\DonB\Downloads
FF Homepage: Waterfox\Profiles\f9adxtfi.default -> hxxps://www.whatfinger.com/
FF Notifications: Waterfox\Profiles\f9adxtfi.default -> hxxps://www.getmailbird.com; hxxp://www.msfn.org; hxxps://mspoweruser.com; hxxps://msfn.org; hxxps://www.moosoft.com; hxxps://licensekey.net; hxxps://luckyhour.auslogics.com; hxxp://support.immunet.com; hxxps://www.newsmax.com; hxxps://www.facebook.com
FF Extension: (PriceBlink Coupons and Price Comparison) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\info@priceblink.com.xpi [2020-11-06]
FF Extension: (Movie Suggest) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\movies-suggest@addon.xpi [2020-11-01] [UpdateUrl:hxxps://movies-suggest.com/update.json]
FF Extension: (uBlock Origin) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\uBlock0@raymondhill.net.xpi [2020-10-22]
FF Extension: (Country Flags & IP Whois) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi [2020-09-11]
FF Extension: (Password Exporter) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-12-04] [Legacy]
FF Extension: (Emsisoft Browser Security) - C:\Users\DonB\AppData\Roaming\Waterfox\Profiles\f9adxtfi.default\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2019-01-06]
FF ProfilePath: C:\Users\DonB\AppData\Roaming\Binary Outcast\Interlink\Profiles\yssi9i86.default [2020-11-16]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-03-27] (Bitdefender SRL -> Bitdefender)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-14] (Malwarebytes Inc -> Malwarebytes)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1721632 2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1356792 2020-06-23] (Bitdefender SRL -> Bitdefender)
S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PuranDefragS.exe [292736 2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [242024 2020-03-17] (Bitdefender SRL -> Bitdefender)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15446448 2019-05-04] (VMware, Inc. -> )
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [582304 2020-10-01] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [242024 2020-03-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [2151624 2020-09-16] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [796200 2020-05-26] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [473608 2020-09-14] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-14] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [640760 2020-06-09] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [385776 2020-07-07] (Bitdefender SRL -> Bitdefender)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66576 2019-05-04] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-28] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-16 18:45 - 2020-11-16 18:47 - 000013272 _____ C:\Users\DonB\Desktop\FRST.txt
2020-11-16 18:45 - 2020-11-16 18:46 - 000000000 ____D C:\FRST
2020-11-16 18:44 - 2020-11-16 18:44 - 002294784 _____ (Farbar) C:\Users\DonB\Desktop\FRST64.exe
2020-11-16 18:09 - 2020-11-16 18:09 - 000000000 ____D C:\Users\DonB\AppData\Local\O&O
2020-11-15 21:46 - 2020-11-16 18:14 - 000000000 ____D C:\WINDOWS\system32\oodag
2020-11-15 21:46 - 2020-11-15 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2020-11-15 21:46 - 2020-11-15 21:46 - 000000000 ____D C:\Program Files\OO Software
2020-11-15 21:44 - 2020-11-15 21:44 - 000000000 ____D C:\ProgramData\OO Software
2020-11-15 21:42 - 2020-11-15 21:43 - 029940888 _____ (O&O Software GmbH) C:\Users\DonB\Downloads\O&O Defrag 22 Pro.exe
2020-11-15 21:42 - 2020-11-15 21:42 - 002386848 _____ C:\Users\DonB\Downloads\SharewareOnSale_Giveaway_64-bit_OO_Defrag_22_Pro_hub.exe
2020-11-15 21:42 - 2020-11-15 21:42 - 000000000 ____D C:\ProgramData\SharewareOnSale Notifier
2020-11-14 22:21 - 2020-11-14 22:21 - 000000000 ____D C:\Users\DonB\AppData\Local\mbam
2020-11-14 22:20 - 2020-11-14 22:20 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-14 22:20 - 2020-11-14 22:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-14 22:20 - 2020-11-14 22:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-14 22:20 - 2020-11-14 22:20 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-14 22:20 - 2020-11-14 22:20 - 000002071 _____ C:\Users\Public\Desktop\Malware bytes.lnk
2020-11-14 22:20 - 2020-11-14 22:20 - 000002071 _____ C:\ProgramData\Desktop\Malware bytes.lnk
2020-11-14 22:20 - 2020-11-14 22:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-14 22:20 - 2020-11-14 22:20 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-14 22:19 - 2020-11-14 22:19 - 001965536 _____ (Malwarebytes) C:\Users\DonB\Downloads\MBSetup-80562.80562-consumer.exe
2020-11-14 22:10 - 2020-11-14 22:10 - 000000000 ____D C:\Users\DonB\Downloads\Victoria528
2020-11-14 21:35 - 2020-11-14 21:35 - 000000594 _____ C:\WINDOWS\system32\bddel.dat
2020-11-14 19:07 - 2020-11-14 19:07 - 000000000 ____D C:\ProgramData\Emsisoft
2020-11-14 18:46 - 2020-11-14 18:47 - 001473751 _____ C:\Users\DonB\Downloads\Victoria528.zip
2020-11-13 21:43 - 2020-11-13 21:43 - 000000000 ____D C:\ProgramData\Caphyon
2020-11-13 21:42 - 2020-11-13 21:42 - 000000000 ____D C:\Users\DonB\AppData\Roaming\SecurityXploded
2020-11-13 21:40 - 2020-11-13 21:40 - 000000000 ____D C:\Users\DonB\Downloads\SpyBHORemover
2020-11-13 21:36 - 2020-11-13 21:36 - 004526235 _____ C:\Users\DonB\Downloads\SpyBHORemover.zip
2020-11-12 22:04 - 2020-11-14 21:42 - 000000000 ____D C:\EEK
2020-11-12 21:36 - 2020-11-12 21:36 - 024265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 008235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 007107584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 004783840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 003869184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 001352240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000413208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-11-12 21:36 - 2020-11-12 21:36 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-11-12 21:36 - 2020-11-12 21:36 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 010840904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 010336904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 008895680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 007783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 004902400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 004629328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 003893248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 003851776 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 003815936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 003811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 003779392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 002809776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002426168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002268456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 002250240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001827648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001819640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001751944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001590584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001557816 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001478464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 001449984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001210136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001128520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000904008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000859400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000805168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000763344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000732448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000700376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000521088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000488056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000454968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000429712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000410072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000409408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000382712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000305472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000288680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000250176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-11-12 21:35 - 2020-11-12 21:35 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000228680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000218936 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000201536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000195400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000195144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000133448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000104760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000061760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000042824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-11-12 21:35 - 2020-11-12 21:35 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000016136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2020-11-12 21:35 - 2020-11-12 21:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-12 21:35 - 2020-11-12 21:35 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-11-12 21:35 - 2020-11-12 21:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-11-12 21:18 - 2020-10-14 22:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-11-12 21:18 - 2020-10-14 22:14 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-11-12 21:07 - 2020-11-12 21:07 - 029995729 _____ C:\Users\DonB\Downloads\VisualCppRedist_AIO_x86_x64_39.zip
2020-11-12 20:57 - 2020-11-12 20:57 - 000000000 ___HD C:\$WinREAgent
2020-11-10 17:55 - 2020-11-10 17:59 - 000000000 ____D C:\AdwCleaner
2020-11-08 21:59 - 2020-11-08 22:01 - 001784726 _____ (pendrivelinux.com) C:\Users\DonB\Downloads\Universal-USB-Installer-1.9.9.7.exe
2020-11-08 21:41 - 2020-11-08 21:41 - 015918528 _____ (Auslogics ) C:\Users\DonB\Downloads\disk-defrag-setup.exe
2020-11-08 21:24 - 2020-11-08 21:26 - 2013147659 _____ (The FlightGear Team ) C:\Users\DonB\Downloads\FlightGear-2020.3.2.exe
2020-11-08 21:08 - 2020-11-08 21:08 - 000083536 _____ C:\ProgramData\agent.update.1604887723.bdinstall.v2.bin
2020-11-08 20:57 - 2020-11-08 20:57 - 000001242 _____ C:\Users\DonB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2020-11-08 20:57 - 2020-11-08 20:57 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2020-11-08 20:56 - 2020-11-08 20:56 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-11-08 20:56 - 2019-03-20 23:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2020-11-08 20:55 - 2020-11-16 18:48 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2020-11-08 20:55 - 2020-11-08 20:55 - 000001257 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free.lnk
2020-11-08 20:55 - 2020-11-08 20:55 - 000001257 _____ C:\ProgramData\Desktop\Bitdefender Antivirus Free.lnk
2020-11-08 20:55 - 2020-11-08 20:55 - 000000000 ____D C:\ProgramData\Bitdefender
2020-11-08 20:55 - 2020-09-16 12:26 - 002151624 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2020-11-08 20:55 - 2020-09-14 13:26 - 000473608 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2020-11-08 20:55 - 2020-07-07 10:14 - 000385776 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\vlflt.sys
2020-11-08 20:55 - 2020-06-09 16:13 - 000640760 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2020-11-08 20:55 - 2020-05-26 12:23 - 000796200 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2020-11-08 20:55 - 2020-02-03 15:53 - 000309120 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2020-11-08 20:54 - 2020-11-08 21:08 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-11-08 20:54 - 2020-11-08 20:54 - 000115360 _____ C:\ProgramData\agent.1604886865.bdinstall.v2.bin
2020-11-08 20:54 - 2020-11-08 20:54 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2020-11-07 21:32 - 2020-11-16 18:07 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-07 20:56 - 2020-11-07 20:56 - 000000000 ____L C:\WINDOWS\system32\nvcplui.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-11-06 21:44 - 2020-10-27 22:53 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000917720 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000917720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-11-06 21:44 - 2020-10-27 22:53 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-11-06 21:44 - 2020-10-27 22:51 - 001026968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2020-11-06 21:44 - 2020-10-27 22:51 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-11-06 21:44 - 2020-10-27 22:51 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 002098072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 001584368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 001161112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000657304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-11-06 21:44 - 2020-10-27 22:50 - 000590576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2020-11-06 21:44 - 2020-10-27 22:50 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 007707544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 006858992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 004174064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 002509720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-11-06 21:44 - 2020-10-27 22:49 - 000444656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2020-11-06 21:44 - 2020-10-27 22:48 - 005976984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-11-06 21:44 - 2020-10-27 22:48 - 000849648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2020-11-06 21:44 - 2020-10-22 15:19 - 000080930 _____ C:\WINDOWS\system32\nvinfo.pb
2020-11-06 20:56 - 2020-11-06 20:56 - 000198440 _____ C:\WINDOWS\ntbtlog.txt
2020-11-04 20:46 - 2020-11-04 20:46 - 000000000 ____D C:\Users\DonB\AppData\Local\Faraons
2020-11-03 20:37 - 2020-09-02 18:32 - 072520616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-11-03 20:37 - 2020-09-02 18:32 - 007178376 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 007101648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 006270096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 005346904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 003676976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-11-03 20:37 - 2020-09-02 18:32 - 003375928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 003159680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 002930056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001971256 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001965064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001787864 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001598304 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001516176 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001353224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 001159088 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000964912 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000751208 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000734680 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000715552 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000692072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000541008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000511552 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000453184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000452640 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000448512 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000392776 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000378288 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000367520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000343616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000332920 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000327176 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000315872 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000278160 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000261144 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000261104 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000260120 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000231808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000230592 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000220296 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000218160 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000157248 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000139664 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000122224 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000116448 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000093808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000090808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000090080 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000088208 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2020-11-03 20:37 - 2020-09-02 18:32 - 000083512 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2020-11-03 20:37 - 2020-09-02 18:10 - 041758052 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-11-02 19:14 - 2020-11-02 19:15 - 000000000 ____D C:\Users\DonB\Documents\Take Ownership
2020-11-02 18:12 - 2020-11-02 18:29 - 000000000 ____D C:\Program Files\NTLite
2020-11-02 18:12 - 2020-11-02 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTLite
2020-11-02 17:46 - 2020-11-02 17:50 - 000000000 ____D C:\Program Files\HWiNFO64
2020-11-02 17:46 - 2020-11-02 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2020-11-01 20:25 - 2020-11-01 20:25 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2020-11-01 20:25 - 2019-09-12 09:59 - 000178960 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2020-11-01 20:25 - 2016-03-22 11:02 - 000036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2020-11-01 20:14 - 2020-11-01 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2020-11-01 20:14 - 2020-11-01 20:14 - 000000000 ____D C:\Program Files\7-Zip
2020-10-31 16:34 - 2020-10-31 16:34 - 026274304 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 023452160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 019870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 018083840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 007621632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 006422016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 006001208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 004830720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 004281856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 004277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 003157816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002477384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002384696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 002012672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001683456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001632056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001272320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-10-31 16:34 - 2020-10-31 16:34 - 001238528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-10-31 16:34 - 2020-10-31 16:34 - 000534536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000095048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-10-31 16:34 - 2020-10-31 16:34 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000021320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-10-31 16:34 - 2020-10-31 16:34 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 008009872 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 007990232 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 007636448 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 006368392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 006231040 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 005430992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 004752896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 004732928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 004651032 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 004069992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 004008448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003933696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003821064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003388928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003305984 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 003070464 _____ (Microsoft Corporation) C:\WINDOWS\system32\FluencyDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002983736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 002979840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002850616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 002607104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002048000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 002024248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001953792 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001828352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001715200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001695728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001664160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001649664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001590784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001515520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001391616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001361920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001245280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001239040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_IME.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001070392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001025768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 001017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000894776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000873272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000828432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000820552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000756680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000712296 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000705008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000648712 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000538952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000502584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-10-31 16:33 - 2020-10-31 16:33 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000489128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtBopomofoDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000442168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxDecoder.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000298808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_InkingTypingPrivacy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdvancedEmojiDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BrowserDeclutter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000118600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HashtagDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtAdvancedDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFAppServiceDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000098120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-10-31 16:33 - 2020-10-31 16:33 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-10-31 16:33 - 2020-10-31 16:33 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-10-31 16:33 - 2020-10-31 16:33 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsiproxy.dll
2020-10-29 20:38 - 2020-10-29 20:38 - 000000000 ____D C:\Users\DonB\Downloads\easeus_5f99eceb65ec9
2020-10-28 17:15 - 2020-10-28 17:15 - 000000336 ____R C:\Users\DonB\Downloads\PCTrans12 Lic..txt
2020-10-28 17:13 - 2020-10-28 17:13 - 001390142 _____ C:\Users\DonB\Downloads\easeus_be9f2c0be0a8cc058fd267c5195b28dc.zip
2020-10-28 17:03 - 2020-10-29 20:34 - 000000000 ____D C:\Program Files (x86)\EaseUS
2020-10-28 17:03 - 2020-10-28 17:03 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-10-28 16:24 - 2020-10-28 16:24 - 000001555 _____ C:\Users\DonB\Downloads\Reset_Notification_Area_Icons_Cache.bat
2020-10-27 20:25 - 2020-10-31 20:28 - 000000000 ____D C:\Program Files\Puran Defrag
2020-10-27 20:25 - 2020-10-27 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag
2020-10-27 20:25 - 2014-01-23 18:56 - 000287616 _____ (Puran Software) C:\WINDOWS\system32\PuranDC.exe
2020-10-27 20:25 - 2013-08-15 15:39 - 001367424 _____ (Puran Software) C:\WINDOWS\system32\PuranFD.exe
2020-10-27 20:25 - 2013-08-15 15:39 - 000292736 _____ (Puran Software) C:\WINDOWS\system32\PuranDefragS.exe
2020-10-27 20:25 - 2013-08-15 15:39 - 000256896 _____ (Puran Software) C:\WINDOWS\system32\PuranDefrag.dll
2020-10-27 20:25 - 2013-08-15 15:39 - 000132480 _____ (Puran Software) C:\WINDOWS\system32\PuranDefragBT.exe
2020-10-27 19:33 - 2020-10-27 19:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2020-10-27 19:32 - 2020-10-27 19:35 - 000000000 ____D C:\Users\DonB\AppData\Local\Opera Software
2020-10-27 19:30 - 2020-10-27 19:30 - 000000000 ____D C:\Users\Public\Security Sessions
2020-10-27 19:29 - 2020-10-27 19:35 - 000000000 ____D C:\Users\DonB\AppData\Roaming\Opera Software
2020-10-27 19:28 - 2020-10-27 19:28 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2020-10-27 19:26 - 2020-10-27 19:30 - 000000000 ____D C:\Users\DonB\AppData\Local\Avira
2020-10-27 19:25 - 2020-11-07 21:47 - 000000000 ____D C:\ProgramData\Avira
2020-10-26 20:18 - 2020-11-12 21:01 - 000000000 ____D C:\ProgramData\ProductData
2020-10-26 20:18 - 2020-11-08 20:53 - 000000000 ____D C:\Program Files (x86)\IObit
2020-10-26 20:18 - 2020-11-01 20:25 - 000000000 ____D C:\Users\DonB\AppData\LocalLow\IObit
2020-10-26 20:18 - 2020-10-26 20:18 - 000002940 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_DonB
2020-10-26 20:18 - 2020-10-26 20:18 - 000001474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2020-10-26 20:18 - 2020-10-26 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2020-10-26 20:17 - 2020-11-10 17:59 - 000000000 ____D C:\Users\DonB\AppData\Roaming\IObit
2020-10-26 20:17 - 2020-11-10 17:59 - 000000000 ____D C:\ProgramData\IObit
2020-10-26 15:08 - 2020-10-29 19:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-26 15:04 - 2020-10-26 15:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-10-26 15:02 - 2020-10-01 02:14 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-10-26 15:02 - 2020-10-01 02:14 - 000038632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2020-10-26 15:01 - 2020-10-27 22:48 - 007005176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-10-26 15:01 - 2020-10-01 18:44 - 005519600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-10-26 14:44 - 2020-11-06 20:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-10-26 14:42 - 2020-11-06 20:47 - 000000000 ____D C:\WINDOWS\pss
2020-10-23 00:51 - 2020-10-23 00:54 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-10-23 00:49 - 2020-10-23 00:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files\MSBuild
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-10-23 00:36 - 2020-10-23 00:36 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-10-23 00:36 - 2019-12-03 17:04 - 000781384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2020-10-23 00:36 - 2019-12-03 17:04 - 000105544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2020-10-23 00:36 - 2019-12-03 17:04 - 000037864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2020-10-23 00:36 - 2019-11-08 17:44 - 001168968 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2020-10-23 00:36 - 2019-11-08 17:44 - 000127056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2020-10-23 00:36 - 2019-11-08 17:44 - 000038072 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2020-10-22 21:22 - 2020-10-22 21:22 - 000000020 ___SH C:\Users\DonB\ntuser.ini
2020-10-22 21:20 - 2020-10-28 16:15 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-719403391-2089901819-616789136-1001
2020-10-22 21:20 - 2020-10-22 21:20 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-719403391-2089901819-616789136-500
2020-10-22 21:19 - 2020-10-22 21:19 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2020-10-22 21:19 - 2020-10-22 21:19 - 000007623 _____ C:\WINDOWS\diagerr.xml
2020-10-22 21:11 - 2020-11-16 18:14 - 000844810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-22 21:00 - 2020-10-28 16:15 - 000002412 _____ C:\Users\DonB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-22 21:00 - 2020-10-22 21:22 - 000000000 ____D C:\Users\DonB
2020-10-22 19:20 - 2020-10-22 19:20 - 040622244 _____ C:\Users\DonB\Downloads\tweaking.com_windows_repair_aio.zip
2020-10-22 19:19 - 2020-10-28 17:45 - 000000000 ___DC C:\WINDOWS\Panther
2020-10-22 19:18 - 2020-10-22 19:18 - 040923584 _____ (Tweaking.com) C:\Users\DonB\Downloads\tweaking.com_windows_repair_aio_setup.exe
2020-10-17 15:33 - 2020-10-17 15:36 - 000000000 ____D C:\Users\DonB\AppData\Local\Binary Outcast
2020-10-17 15:33 - 2020-10-17 15:33 - 000000000 ____D C:\Users\DonB\AppData\Roaming\Binary Outcast
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-16 18:14 - 2020-04-11 16:51 - 000000000 ____D C:\Program Files\Waterfox Classic
2020-11-16 18:14 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-16 18:09 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-16 18:09 - 2019-09-08 11:16 - 000000000 ____D C:\Users\DonB\AppData\LocalLow\Mozilla
2020-11-16 18:07 - 2020-09-27 09:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-16 18:07 - 2020-07-18 14:43 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-16 18:07 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-16 18:07 - 2019-09-07 18:58 - 000000000 ____D C:\ProgramData\VMware
2020-11-15 22:07 - 2019-12-07 04:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-11-15 21:50 - 2019-09-21 19:18 - 000000000 ____D C:\Users\DonB\AppData\Local\CrashDumps
2020-11-14 22:32 - 2020-05-26 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop
2020-11-14 22:20 - 2019-12-07 04:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-14 21:26 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-14 21:26 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-14 18:26 - 2020-09-27 09:36 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-14 18:26 - 2020-09-27 09:36 - 000002326 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-14 18:26 - 2020-09-27 09:36 - 000002326 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-12 22:03 - 2019-09-08 06:16 - 000000000 ____D C:\Users\DonB\AppData\Roaming\VMware
2020-11-12 22:03 - 2019-09-08 06:16 - 000000000 ____D C:\Users\DonB\AppData\Local\VMware
2020-11-12 21:50 - 2020-09-27 09:33 - 000257904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-12 21:50 - 2020-04-03 16:57 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-11-12 21:48 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-12 21:48 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-12 21:39 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-12 21:35 - 2020-09-27 09:36 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-12 21:17 - 2019-09-08 06:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-12 21:11 - 2019-09-08 06:13 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-10 18:50 - 2019-09-07 18:36 - 000000000 ____D C:\Users\DonB\AppData\Local\VirtualStore
2020-11-10 17:59 - 2020-05-26 15:39 - 000000000 ____D C:\ProgramData\BSD
2020-11-08 21:05 - 2019-09-08 12:08 - 000000000 ____D C:\Users\DonB\Documents\Text Docs
2020-11-07 21:46 - 2019-09-07 18:57 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-06 21:05 - 2019-09-07 18:37 - 000000000 ____D C:\Users\DonB\AppData\Local\PlaceholderTileLogoFolder
2020-11-06 21:05 - 2019-09-07 18:36 - 000000000 ____D C:\Users\DonB\AppData\Local\Packages
2020-11-04 21:06 - 2020-06-07 16:32 - 000000000 ____D C:\Users\DonB\AppData\Roaming\foobar2000
2020-11-04 21:05 - 2020-06-07 16:34 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2020-11-04 21:05 - 2020-06-07 16:34 - 000000000 ____D C:\Program Files (x86)\foobar2000
2020-11-04 19:50 - 2020-09-27 09:36 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-04 19:50 - 2020-09-27 09:36 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-03 20:42 - 2019-09-17 17:07 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-11-03 20:42 - 2019-09-17 17:00 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-10-31 20:29 - 2020-08-30 19:33 - 003736832 _____ (KC Softwares ) C:\Users\DonB\Downloads\dumo_lite.exe
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-10-31 16:40 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-10-31 16:39 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2020-10-30 17:33 - 2020-09-27 09:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-29 18:09 - 2020-08-17 18:35 - 000000000 ____D C:\Users\DonB\AppData\Roaming\KC Softwares
2020-10-29 18:08 - 2020-08-17 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KC Softwares
2020-10-29 18:08 - 2020-05-02 18:39 - 000000000 ____D C:\Program Files (x86)\KC Softwares
2020-10-29 17:58 - 2019-10-16 17:59 - 000001288 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2020-10-29 17:58 - 2019-10-16 17:59 - 000001288 _____ C:\ProgramData\Desktop\VMware Workstation Pro.lnk
2020-10-28 17:45 - 2020-09-19 16:16 - 000000000 ____D C:\ESD
2020-10-28 16:50 - 2020-10-08 20:37 - 000000000 ____D C:\Program Files\Interlink
2020-10-28 16:15 - 2019-09-07 18:38 - 000000000 ___RD C:\Users\DonB\OneDrive
2020-10-27 19:51 - 2020-08-30 19:10 - 000000552 __RSH C:\ProgramData\ntuser.pol
2020-10-26 14:49 - 2019-09-07 18:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-26 14:49 - 2019-09-07 18:33 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-23 18:57 - 2020-09-27 09:38 - 000000000 ____D C:\ProgramData\Packages
2020-10-23 18:25 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-10-23 18:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\appcompat
2020-10-23 00:54 - 2020-09-27 09:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-10-23 00:54 - 2020-06-11 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore
2020-10-23 00:54 - 2020-05-28 15:29 - 000000000 ____D C:\Program Files\UNP
2020-10-23 00:54 - 2020-04-03 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-10-23 00:54 - 2019-12-07 04:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-10-23 00:54 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\USOPrivate
2020-10-23 00:54 - 2019-10-16 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2020-10-23 00:54 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-10-23 00:54 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-10-23 00:53 - 2019-12-07 04:14 - 000000000 __RHD C:\Users\Public\Libraries
2020-10-23 00:52 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\Resources
2020-10-23 00:52 - 2019-10-17 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2020-10-23 00:52 - 2019-09-17 17:07 - 000000000 ____D C:\Program Files\Realtek
2020-10-23 00:42 - 2019-12-07 04:18 - 000000000 ____D C:\WINDOWS\Setup
2020-10-22 21:23 - 2020-09-27 09:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-10-22 21:23 - 2019-09-07 18:36 - 000000000 ___RD C:\Users\DonB\3D Objects
2020-10-22 21:20 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-10-22 21:09 - 2019-12-07 04:14 - 000000000 __RSD C:\WINDOWS\Media
2020-10-22 21:03 - 2019-12-07 04:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-10-22 21:02 - 2020-10-16 16:37 - 000000000 ____D C:\Users\DonB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2020-10-22 20:03 - 2020-06-11 18:35 - 000000000 ____D C:\Program Files\Hekasoft Backup & Restore
2020-10-22 19:18 - 2019-09-07 19:08 - 000000036 _____ C:\WINDOWS\progress.ini
2020-10-22 16:15 - 2019-09-08 06:11 - 000795000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-10-20 11:34 - 2020-08-19 04:32 - 001171552 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\WINDOWS\system32\nvcplui.exe [2020-11-07] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-16-2020
Ran by DonB (16-11-2020 18:49:08)
Running from C:\Users\DonB\Desktop
Windows 10 Pro Version 2009 19042.630 (X64) (2020-10-23 02:22:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-719403391-2089901819-616789136-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-719403391-2089901819-616789136-503 - Limited - Disabled)
DonB (S-1-5-21-719403391-2089901819-616789136-1001 - Administrator - Enabled) => C:\Users\DonB
Guest (S-1-5-21-719403391-2089901819-616789136-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-719403391-2089901819-616789136-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.169 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.17.209 - Bitdefender)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
foobar2000 v1.6.2 (HKLM-x32\...\foobar2000) (Version: 1.6.2 - Peter Pawlowski)
Hekasoft Backup & Restore 0.94 (HKLM\...\{PBR27112011-M1447-7KS6-C3E2-1X8374W715U4}_is1) (Version: 0.94 - Hekasoft)
HWiNFO64 Version 6.32 (HKLM\...\HWiNFO64_is1) (Version: 6.32 - Martin Malik - REALiX)
Interlink 52.9.7606 (x64 en-US) (HKLM\...\Interlink 52.9.7606 (x64 en-US)) (Version: 52.9.7606 - Binary Outcast)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.0.2.23 - IObit)
KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.23.0.107 - KC Softwares)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.11.5.464 - KC Softwares)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.20.27508 (HKLM-x32\...\{7b178cda-9740-4701-a92a-f168d213b343}) (Version: 14.20.27508.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.20.27508 (HKLM-x32\...\{8c3f057e-d6a6-4338-ac6a-f1c795a6577b}) (Version: 14.20.27508.1 - Microsoft Corporation)
NTLite v1.8.0.7180 (HKLM\...\NTLite_is1) (Version: 1.8.0.7180 - Nlitesoft)
NVIDIA Graphics Driver 457.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{7C4D55AF-37B4-4D85-9106-CF473CEC9BE6}) (Version: 22.1.2521 - O&O Software GmbH)
Puran Defrag 7.7.1 (HKLM\...\Puran Defrag_is1) (Version: - Puran Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.34.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9018.1 - Realtek Semiconductor Corp.)
SharewareOnSale Notifier (HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1052 - SUPERAntiSpyware.com)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
VMware Workstation (HKLM\...\{2B5DAA91-E0C9-4307-90B7-5688E910C894}) (Version: 15.1.0 - VMware, Inc.)
Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd)
Packages:
=========
3D Boat Race -> C:\Program Files\WindowsApps\ATrillionGamesLtd.3DBoatRace_2.13.0.0_neutral__2cw2yhd8jafk0 [2019-10-06] (A Trillion Games Ltd)
3rd Floor Word Search -> C:\Program Files\WindowsApps\3rdFloorGames.3rdFloorWordSearch_1.6.0.16_neutral__6s8xxjhexmxkj [2019-10-06] (3rd Floor Games) [MS Ad]
8 Ball Pool Master 3D -> C:\Program Files\WindowsApps\AbsoLogixTechnologiesLimi.8BallPoolMaster3D_1.1.0.0_x86__bqy72ee6esnst [2019-10-06] (AbsoLogix Technologies Limited) [MS Ad]
AirHockey -> C:\Program Files\WindowsApps\35328Axadiw.AirHockey_3.0.0.8_x64__q0ek1vwtayzv0 [2019-10-06] (Michał Mizera) [MS Ad]
Archery!? -> C:\Program Files\WindowsApps\59091GameDesignStudio.151436C2BC703_1.0.0.1_neutral__hke3ffja2n6hy [2019-10-06] (Game Design Studio) [MS Ad]
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_5.4.0.14_x86__0pp20fcewvvtj [2020-10-31] (GAMELOFT SA)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Backgammon Pro -> C:\Program Files\WindowsApps\32988BernardoZamora.BackgammonPro_2.20.13.0_x64__1fgex2kbsn6g8 [2020-11-14] (Bernardo Zamora)
Billiards Pro -> C:\Program Files\WindowsApps\25730BumbleBeeInteractive.BilliardsPro_3.0.4.10_neutral__zkcgnbxb2zbe2 [2019-10-06] (Bumble Bee Interactive) [MS Ad]
Blackjack Master 3 -> C:\Program Files\WindowsApps\27345RickyWalker.BlackjackMaster3_4.0.4.0_x64__86btqqq57pmzr [2020-09-12] (Ricky Walker)
Blocked In -> C:\Program Files\WindowsApps\45641SourGreenPlums.BlockedIn_1.9.0.0_x64__azstdzfk4mfqj [2019-10-06] (Sour Green Plums) [MS Ad]
BrainGames -> C:\Program Files\WindowsApps\11737mpcreation.BrainGames_1.0.0.4_neutral__a5jtxryte0wc6 [2019-10-06] (mpcreation)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.13.6.0_x86__kgqvnymyfvs32 [2020-10-03] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.45.4.0_x86__kgqvnymyfvs32 [2020-10-23] (king.com)
Candy Crush Jelly Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushJellySaga_2.53.9.0_x86__kgqvnymyfvs32 [2020-11-14] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1890.2.0_x86__kgqvnymyfvs32 [2020-11-05] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.181.400.0_x86__kgqvnymyfvs32 [2020-11-14] (king.com)
Car Racing Adventure -> C:\Program Files\WindowsApps\AbsoLogixTechnologiesLimi.CarRacingAdventure-FPS_1.0.0.2_x86__bqy72ee6esnst [2019-10-06] (AbsoLogix Technologies Limited)
Card Games Chest -> C:\Program Files\WindowsApps\43248SummitDataCorp.CardGamesChest_10.5.5.0_x64__hmd3687kaknfw [2019-10-06] (Summit Data Corp) [MS Ad]
Checkers Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.CheckersDeluxe_3.1.10.0_x64__kx24dqmazqk8j [2019-10-06] (Random Salad Games LLC) [MS Ad]
Church Organ -> C:\Program Files\WindowsApps\60708Glauco.ChurchOrgan_3.9.0.0_x64__7fjyrzpehcxhr [2019-10-06] (Glauco)
Complete Anatomy -> C:\Program Files\WindowsApps\3D4Medical.comLLC.CompleteAnatomy_6.3.0.0_x86__jp2a6tdsptebg [2020-10-22] (3D4Medical)
Cribbage Free -> C:\Program Files\WindowsApps\TrivialTechnology.CribbageFree_1.1.0.3_neutral__0ynvawc60ma20 [2019-10-06] (Trivial Technology)
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2.0.43_x86__sq9zxnwrk84pj [2019-10-06] (ZeptoLab UK Limited)
Daily Workouts -> C:\Program Files\WindowsApps\DailyWorkoutAppsLLC.DailyWorkouts_1.1.0.81_neutral__veekfymw5c31t [2019-10-06] (Daily Workout Apps LLC)
Darts for Win8 -> C:\Program Files\WindowsApps\3501minigame365.DartsforWin8_1.0.0.4_x86__vcm56s8rs9jnt [2019-10-06] (minigame365)
Dominoes -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Dominoes_4.1.16.0_x64__kx24dqmazqk8j [2020-05-13] (Random Salad Games LLC)
Dream League Soccer Football 3D -> C:\Program Files\WindowsApps\40976InstantBestGames.DreamLeagueSoccerFootball3D_9.7.0.0_x64__4gkhj8etzdkr2 [2020-09-13] (Instant Best Games) [MS Ad]
Earth from Above PREMIUM -> C:\Program Files\WindowsApps\Microsoft.EarthfromAbovePREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2020-04-19] (Microsoft Corporation)
English Grammar Quiz -> C:\Program Files\WindowsApps\36660Plupp.EnglishGrammarQuiz_2.1.0.3_neutral__znsjg73n5jnh8 [2019-10-06] (Plupp)
Fishing Challenge! -> C:\Program Files\WindowsApps\26002GordianGames.FishingChallenge_1.0.0.1_neutral__be5189awrw43t [2019-10-06] (GordianGames)
Forest Smash -> C:\Program Files\WindowsApps\40224HexGames.ForestSmash_1.1.0.6_x64__0fm5bb4npcj2y [2019-10-06] (Hex Games) [MS Ad]
Free Books- 23,469 classics to go. -> C:\Program Files\WindowsApps\Spreadsong.4050D878_3.0.0.0_x64__9srdm8za4r460 [2019-10-06] (App Force One LLC)
FreeCell HD -> C:\Program Files\WindowsApps\32988BernardoZamora.Dummy2_1.21.57.0_x64__1fgex2kbsn6g8 [2020-07-29] (Bernardo Zamora) [MS Ad]
Fun Math FlashCards -> C:\Program Files\WindowsApps\AvarinSystemsInc.FunMathFlashCards_1.0.0.1_neutral__nn39ygkswkqn8 [2019-10-06] (Avarin Systems Inc)
General Knowledge Quiz -> C:\Program Files\WindowsApps\Ingenify.IngenifyTriviaQuiz_1.1.0.10_x64__ttw4g35v4x5tm [2019-10-06] (Martin Freitag)
Gin Rummy Pro -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.GinRummyPro_2.1.1.19_x64__kx24dqmazqk8j [2019-10-06] (Random Salad Games LLC) [MS Ad]
Hangman Pro -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HangmanPro_2.0.0.18_x64__kx24dqmazqk8j [2019-10-06] (Random Salad Games LLC) [MS Ad]
HeavenWord Bible Study Toolbox -> C:\Program Files\WindowsApps\7BCBF0C9.HeavenWordBibleStudyToolbox_1.0.0.37_neutral__1ndvwgy7fd77t [2019-10-06] (HeavenWord, Inc.)
Hive Mind -> C:\Program Files\WindowsApps\ElectricScribbleLLC.HiveMind_1.0.0.75_neutral__g1d921m2atfvm [2019-10-06] (Electric Scribble LLC) [MS Ad]
Instant Anatomy Free -> C:\Program Files\WindowsApps\2180InstantAnatomy.InstantAnatomyFree_1.1.0.10_neutral__qvsjy2dtkfy9p [2019-10-06] (Instant Anatomy)
Jewel Fever -> C:\Program Files\WindowsApps\SprakelsoftUG.JewelFever_1.1.20.0_x64__ge3twpst8dtre [2020-10-13] (Sprakelsoft GmbH) [MS Ad]
Jewel³ -> C:\Program Files\WindowsApps\33047StormtekGames.Jewel_1.2.8.0_x64__2f2q84ddd4hgc [2020-04-30] (Stormtek Games)
Jigsaw Puzzles HD -> C:\Program Files\WindowsApps\60AC5286.JigsawPuzzlesHD_1.5.16.0_x64__ynqp2pc461sw0 [2019-10-06] (Enless Soft Ltd.) [MS Ad]
Knave Blackjack -> C:\Program Files\WindowsApps\52620JasonFollas.Knave21_1.1.3.2_neutral__apdeh372bg2wt [2019-10-06] (Jason Follas) [MS Ad]
Lucky Lanes Bowling -> C:\Program Files\WindowsApps\6F528AC0.LuckyLanesBowling_1.2.0.0_x86__wxrry56177qy2 [2019-10-06] (babaroga, llc.)
Mahjong Deluxe Free -> C:\Program Files\WindowsApps\664D3057.MahjongDeluxeFree_7.6.2.0_x86__wwtpmf9bcrwqj [2020-11-04] (EnsenaSoft S.A. de C.V.)
marblie: marbles reinvented! -> C:\Program Files\WindowsApps\8116MRG.marblie_1.5.2.7_neutral__qd3mcfaa81k8y [2019-10-06] (MRG)
Mega Poker Texas Holdem -> C:\Program Files\WindowsApps\6DFD4FD1.MegaPoker_1.2.3.12_neutral__9tr9adm8gg09m [2019-10-06] (Combay Inc.)
Memory Matches -> C:\Program Files\WindowsApps\IDCProjects.MemoryMatches_1.0.0.22_x64__yqxg8m436zy7j [2019-10-06] (IDC Projects)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation) [MS Ad]
Microsoft Jackpot -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJackpot_1.9.1110.0_x86__8wekyb3d8bbwe [2019-10-06] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad]
Music Keyboard -> C:\Program Files\WindowsApps\39329SoundDesigner.MusicKeyboard_5.0.16.0_x64__24rsprxr004q6 [2020-10-17] (SoundDesigner) [MS Ad]
Music Quiz Game -> C:\Program Files\WindowsApps\47973borneomobile.MusicQuizGame_1.1.0.5_x86__hjdz3r29yebja [2019-10-06] (borneo mobile) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x64__c9d6r4qvva5x8 [2019-10-06] (Up to Eleven Digital Solutions GmbH)
Nine Men Morris -> C:\Program Files\WindowsApps\19363BlueskyStudio.NineMenMorris_1.0.0.2_neutral__ad90gx91p0mxj [2019-10-06] (Bluesky Studio) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.958.0_x64__56jybvy8sckqj [2020-10-26] (NVIDIA Corp.)
Offroad Racing -> C:\Program Files\WindowsApps\2724ZoltnGubics.OffroadRacing_1.1.8.0_x64__d5xggy273m32g [2019-10-06] (Zoltán Gubics)
PacPac -> C:\Program Files\WindowsApps\53543Nocodesoft.47065DEBBFD13_10.10.64.0_x64__z140ett1a786e [2020-11-14] (Nocodesoft) [MS Ad]
PDF Viewer Plus -> C:\Program Files\WindowsApps\29124GSnathan.PDFViewerPlus_1.2.9.0_x64__99e2r9s0h589p [2019-09-22] (GSnathan)
Pegs HD Free -> C:\Program Files\WindowsApps\ExpressiveAppsLLC.PegsHDFree_1.1.0.0_neutral__4wnhq1mjxr2se [2019-10-06] (Expressive Apps, LLC)
Perfect Workout -> C:\Program Files\WindowsApps\10301PerfectThumb.PerfectWorkout_1.2.8.0_x64__n9t97vrmwej7m [2019-10-06] (Perfect Thumb)
Piano 3D -> C:\Program Files\WindowsApps\57475MobileKingdom.Piano3D_3.1.0.1_x86__7hyyndwxma3vt [2019-10-06] (Mobile Kingdom)
Planner 5D - Home & Interior Design -> C:\Program Files\WindowsApps\UABPlanner5D.Planner5D-HomeInteriorDesign_1.8.102.0_x64__ab7xzjg59kkje [2020-09-22] (UAB Planner5D)
PopStar! -> C:\Program Files\WindowsApps\RuiLueSoftware.5333EC7C5889_1.3.81.0_neutral__kxcx7nefnns9a [2019-10-06] (杭州睿略软件科技有限公司)
PopStar.free -> C:\Program Files\WindowsApps\45515SkyLineGames.PopStar.free_1.2.3.0_x64__zrw4chdf0m07a [2019-10-06] (SkyLine Gamez) [MS Ad]
Q-Game (Free) -> C:\Program Files\WindowsApps\470AlexeiGarbuzenko.Q-GameFree_1.0.1.11_neutral__gd2qghq4jdjcm [2019-10-06] (Alexei Garbuzenko)
Quick and Easy German Lessons -> C:\Program Files\WindowsApps\18658Zeemish.QuickandEasyGermanLessons_2.0.0.0_x64__krx3ymyjn7t6t [2019-10-06] (Zeemish) [MS Ad]
QuizUp -> C:\Program Files\WindowsApps\QuizUp.QuizUp_2015.1215.824.3_x86__n36z36qeaxk8a [2019-10-06] (Plain Vanilla Corp.)
Real Skee Ball -> C:\Program Files\WindowsApps\36528JOLTATECHNOLOGIES.RealSkeeBall_1.1.0.0_x86__kmkhcnz4kzjnw [2019-10-06] (JOLTA TECHNOLOGIES)
Rock Guitar! -> C:\Program Files\WindowsApps\7600Davilovick.RockGuitar_2.1.1.26_x64__jpyg02rqsdbsj [2019-10-06] (Davilovick)
Roulette Mania -> C:\Program Files\WindowsApps\25312MindsEdge.RouletteMania_1.0.0.3_x64__pe8ys0kc9pn6c [2019-10-06] (MindsEdge)
Skill Game -> C:\Program Files\WindowsApps\32988BernardoZamora.SkillGame_1.3.22.4_x64__1fgex2kbsn6g8 [2019-10-06] (Bernardo Zamora)
Sling TV -> C:\Program Files\WindowsApps\SlingTVLLC.SlingTV_7.0.8.0_x86__vgszm6stshdqy [2020-09-13] (Sling TV LLC)
SpeedWords Arena -> C:\Program Files\WindowsApps\HotChaiProductionsLLC.SpeedWords_2.16.18.0_x64__4526h58b9csx8 [2019-10-06] (Hot Chai Productions LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0 [2020-11-03] (Spotify AB) [Startup Task]
Star Trek Timelines -> C:\Program Files\WindowsApps\TiltingPoint.StarTrekTimelines_1.0.412.0_x64__85kh3h6wfjavg [2020-10-17] (Tilting Point)
Sudoku by blugri -> C:\Program Files\WindowsApps\blugrisoftwareservicesBVB.Sudokubyblugri_1.0.0.5_neutral__phfv9b1xfqp1p [2019-10-06] (blugri softwareservices BVBA)
Tape Recorder -> C:\Program Files\WindowsApps\39320Senstic.TapeRecorder_2.2.0.6_x64__d8f7n113hmst6 [2019-10-06] (Senstic)
Tetra Blocks -> C:\Program Files\WindowsApps\53543Nocodesoft.MyTetris_10.0.50.0_x64__z140ett1a786e [2019-10-06] (Nocodesoft) [MS Ad]
The Backgammon -> C:\Program Files\WindowsApps\6918E89D.TheBackgammon_1.2.5.0_x64__66n08swfvvka0 [2020-07-22] (UNBALANCE corp.) [MS Ad]
The New York Times Crossword -> C:\Program Files\WindowsApps\TheNewYorkTimes.NYTCrossword_1.5.0.0_x86__3q5wqmazkcmtm [2019-10-06] (The New York Times)
Timer+ -> C:\Program Files\WindowsApps\MinimaSoftware.Timer_1.0.3.0_neutral__xbn939datne2w [2019-10-06] (Minima Software)
Total PC Cleaner - Free Disk Space Clean Up, Optimize Memory & Windows System -> C:\Program Files\WindowsApps\64404Softuna.TotalDiskCleaner_2.1.3.0_x64__r1b4jsc7ddp3p [2020-10-23] (Total PC Cleaner)
Tricky Shot Soccer -> C:\Program Files\WindowsApps\DreamAppsLab.TrickyShotSoccer_1.1.0.1_x86__nr0n5xv8q0v6t [2019-10-06] (Siena Solucoes Tecnologicas E Comercio Ltda)
Trivial Pursuit & Friends -> C:\Program Files\WindowsApps\A278AB0D.TrivialPursuit_1.1.1.0_x86__h6adky7gbf63m [2019-10-06] (Gameloft.)
UNO ™ & Friends - The Classic Card Game Goes Social! -> C:\Program Files\WindowsApps\GAMELOFTSA.UNOFriends_1.9.2.1_x86__0pp20fcewvvtj [2019-10-06] (GAMELOFT SA)
Virtual Fireplace -> C:\Program Files\WindowsApps\22062EdgeWaySoftware.VirtualFireplace_6.0.6010.0_x64__899325t744j9a [2019-10-06] (EdgeWay Software)
Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.0.11761.0_x64__8wekyb3d8bbwe [2020-08-01] (Microsoft Corporation)
Word Search - Free -> C:\Program Files\WindowsApps\6317TinyGames.WordSearch-Free_1.1.14.0_x64__agdqmtxhayfww [2020-07-22] (Tiny Games)
Wordplay: Exercise your brain -> C:\Program Files\WindowsApps\828B5831.WordplayExerciseyourbrain_1.7.902.0_x86__ytsefhwckbdv6 [2020-09-12] (G5 Entertainment AB)
Words & Numbers 2 -> C:\Program Files\WindowsApps\57662AppsoluteZero.WordsNumbers2_3.4.0.6_x64__b50dz6rccnb4g [2019-10-06] (Appsolute Zero) [MS Ad]
Words With Friends -> C:\Program Files\WindowsApps\D52A8D61.WordsWithFriends_1.2.0.1_x64__jwbwg6xx0377a [2019-10-06] (Zynga, Inc.)
Yatzy Ultimate Free -> C:\Program Files\WindowsApps\Seavus.YatzyUltimateFree_5.10.0.147_x86__bwc13hzg5kga8 [2019-10-06] (Seavus) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2019-05-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_983b03c2be43c272\nvshext.dll [2020-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2018-11-30] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-10-27 20:25 - 2013-08-15 15:39 - 000256896 _____ (Vishal Gupta -> Puran Software) [File not signed] C:\WINDOWS\system32\PuranDefrag.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\DonB\Downloads\Zotero-4.0.20_setup.exe:BDU [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-719403391-2089901819-616789136-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-719403391-2089901819-616789136-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8BAA4AF8-02BB-4F7C-80F3-F5A414C0D9A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{F31D8FF4-2F9F-4693-AFFC-C1881E8E1678}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{CCADF369-02E2-43AA-889B-350D7D364970}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{02FA4B14-B765-4047-BCBF-62A5526E1D04}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (VMware, Inc. -> )
FirewallRules: [{56D0710A-BE88-42CB-9A61-9EB564C6BC09}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{6B8E37C9-4D08-4F87-BE67-3169D35E4AA9}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{AE491555-A815-43A0-A411-0CE170904F0F}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{E06125EB-050F-48BC-BCB3-690B8D3B6DDF}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (Waterfox Limited -> Waterfox)
FirewallRules: [{D22D19C6-9E73-4BC9-A7C3-38284171AC74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3A57CA07-C876-4504-A325-CAB6C3BCB563}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C35680C-341C-4F04-9821-FAA60A773A24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9DC4D728-41B4-495D-A2D4-5863145E27D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{446C5A11-29B1-41E8-83B4-2BB2DD85C50E}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{B54F00DA-F9FE-4A93-98F6-094AD80EAD3D}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{74864F8F-146C-4BF7-AFA0-28F74AF5B0F9}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe => No File
FirewallRules: [{C50913E4-7C58-45A8-83A0-D464ADB47E80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B050E032-2EB6-4863-AD7B-6E6EB784A1F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC30E784-35FC-46A9-B6ED-5F2F65DBC415}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E8666D33-1A68-493A-B0C2-B36FA0199F5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF9F55B6-5131-4EA3-8CD8-9B2F73860455}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C4616C8E-E662-4F47-80A8-C224B971414E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E22C052F-C644-4CB4-A501-4433E3572872}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E14C5DEC-1686-4FB5-BB68-FA5EB4716182}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.145.621.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
31-10-2020 16:17:02 Windows Modules Installer
01-11-2020 20:13:28 Installed 7-Zip 19.00 (x64 edition)
12-11-2020 21:17:49 Windows Modules Installer
15-11-2020 21:44:48 Installed O&O Defrag Professional
==================== Faulty Device Manager Devices ============
Name: Multimedia Audio Controller
Description: Multimedia Audio Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (11/15/2020 10:06:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (11/15/2020 09:49:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.19041.610, time stamp: 0xab30c679
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000006220fd8
Faulting process id: 0x18c4
Faulting application start time: 0x01d6bbc147220bb3
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: unknown
Report Id: 7f33b47b-a7fd-4e31-a066-e33ff7908255
Faulting package full name:
Faulting package-relative application ID:
Error: (11/15/2020 09:46:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance(CLSID_VSSCoordinator). hr = 0x800401f0, CoInitialize has not been called.
.
Error: (11/15/2020 09:46:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started. [0x800401f0, CoInitialize has not been called.
]
Error: (11/14/2020 06:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: conhost.exe, version: 10.0.19041.546, time stamp: 0x66bd055c
Faulting module name: ucrtbase.dll, version: 10.0.19041.546, time stamp: 0x43cbc11d
Exception code: 0xc0000409
Fault offset: 0x000000000007287e
Faulting process id: 0x1340
Faulting application start time: 0x01d6bae11e18e50d
Faulting application path: C:\WINDOWS\system32\conhost.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report Id: 1eacec4f-d770-4530-b3a8-8992b378a5e5
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 7 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 6 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 5 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 4 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Error: (11/16/2020 06:06:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
Windows Defender:
===================================
Date: 2020-10-26 16:06:31.2040000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-10-26 15:59:42.3120000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-10-26 15:50:10.7540000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2020-10-26 15:43:54.4880000Z
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2020-11-16 18:10:26.7830000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7380000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.7060000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.6910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-11-16 18:10:26.6730000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender Antivirus Free\bdamsi\264917603565802704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F9 10/13/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-990XA-UD3
Processor: AMD FX(tm)-8150 Eight-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 16365.24 MB
Available physical RAM: 12351.18 MB
Total Virtual: 16381.24 MB
Available Virtual: 11741.45 MB
==================== Drives ================================
Drive c: (Win10x64Boot) (Fixed) (Total:930.47 GB) (Free:756.22 GB) NTFS
Drive d: (VM_Data) (Fixed) (Total:465.76 GB) (Free:60.95 GB) NTFS
Drive h: (CYA-space) (Fixed) (Total:931.51 GB) (Free:477.97 GB) NTFS
Drive p: (Jumbo) (Fixed) (Total:1863.01 GB) (Free:1416.6 GB) NTFS
\\?\Volume{000615d0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{000615d0-0000-0000-0000-70c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 000615D0)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B7A69F3A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0EE9835D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7BF62720)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
- Feb 12, 2015
- 1,884
Hi, DonB.
I will be assisting you with your computer's issues. I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you will have two people looking at your problem.
Please, adhere to the guidelines below, and then carefully follow, with the same order, all the instructions after:
1. Always ask before acting! Do not continue if you are not sure, or if something unexpected happens!
2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.
3. Please, copy all the content of the required logs and paste it inside your post. Do not attach any log or other file, unless directed otherwise.
4. If your computer seems to start working normally, please don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
5. You have to reply to my posts within four days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback.
6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.
========================================================
I am currently reviewing your logs and will be back to you as soon as I can.
I will be assisting you with your computer's issues. I am still in training and my fixes have to be approved by my instructor, so there may be a slight delay in my replies. Look at it as a good thing though, since you will have two people looking at your problem.
Please, adhere to the guidelines below, and then carefully follow, with the same order, all the instructions after:
1. Always ask before acting! Do not continue if you are not sure, or if something unexpected happens!
2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.
3. Please, copy all the content of the required logs and paste it inside your post. Do not attach any log or other file, unless directed otherwise.
4. If your computer seems to start working normally, please don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
5. You have to reply to my posts within four days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback.
6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.
========================================================
I am currently reviewing your logs and will be back to you as soon as I can.
- Feb 12, 2015
- 1,884
Hi, DonB.
Can you please be more specific about your issue? What do you mean "Yahoo hijack and redirect in Waterfox"?
Please go through the instructions carefully, to do the following:
1. Uninstall unnecessary programs
You have some unnecessary programs installed in your computer. Their activity can rather harm computer's performance rather than do any good. In Windows 10, there is no need for updating drivers or the operating system software. Also, there is no need for defragment the disk, as this is done automatically, usually once a week. My recommendation is to uninstall these programs, but it's your computer, so your choice.
If you decide to uninstall the specific programs:
2. Notifications in Waterfox
Did you intentionally enable notifications from the following sites?
hxxps://www.getmailbird.com;
hxxp://www.msfn.org;
hxxps://mspoweruser.com;
hxxps://msfn.org;
hxxps://www.moosoft.com;
hxxps://licensekey.net;
hxxps://luckyhour.auslogics.com;
hxxp://support.immunet.com;
hxxps://www.newsmax.com;
hxxps://www.facebook.com
3. Run AdwCleaner
Download AdwCleaner and save it to your desktop.
4. Run Malwarebytes
If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below:
In your next reply, please post:
Can you please be more specific about your issue? What do you mean "Yahoo hijack and redirect in Waterfox"?
Please go through the instructions carefully, to do the following:
1. Uninstall unnecessary programs
You have some unnecessary programs installed in your computer. Their activity can rather harm computer's performance rather than do any good. In Windows 10, there is no need for updating drivers or the operating system software. Also, there is no need for defragment the disk, as this is done automatically, usually once a week. My recommendation is to uninstall these programs, but it's your computer, so your choice.
If you decide to uninstall the specific programs:
- Press the Windows Key + R.
- Type appwiz.cpl in the Run box and click OK.
- The Add/Remove Programs list will open. Locate the following programs in the list:
Code:
KC Softwares DUMo
KC Softwares SUMo
NTLite v1.8.0.7180
O&O Defrag Professional
Puran Defrag 7.7.1- Select the above programs, one at a time, and click Uninstall.
- Restart the computer.
2. Notifications in Waterfox
Did you intentionally enable notifications from the following sites?
hxxps://www.getmailbird.com;
hxxp://www.msfn.org;
hxxps://mspoweruser.com;
hxxps://msfn.org;
hxxps://www.moosoft.com;
hxxps://licensekey.net;
hxxps://luckyhour.auslogics.com;
hxxp://support.immunet.com;
hxxps://www.newsmax.com;
hxxps://www.facebook.com
3. Run AdwCleaner
Download AdwCleaner and save it to your desktop.
- Double click AdwCleaner.exe to run it.
- Click Scan Now.
- When the scan has finished, a Scan Results window will open.
- Click Cancel (at this point do not attempt to Quarantine anything that is found)
- Now click the Log Filestab.
- Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)[/*]
- A Notepad file will open containing the results of the scan.
- Please post the contents of the file in your next reply.
4. Run Malwarebytes
- Open Malwarebytes you have already installed in your computer.
- Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
Code:Under the title Scan Options, all the options are checked. Under the title Windows Security Center (Premium only) is unchecked. Under the title Potentially unwanted items are set to Always. - Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
- When finished, you will see the Thread Scan Summary window open.
If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below:
- Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
- Find the report with the most recent date and double click on it.
- Click on Export and then Copy to Clipboard.
- Paste its content here, in your next reply.
In your next reply, please post:
- Your reply about the notifications
- The AdwCleaner[S0*].txt
- The Malwarebytes report
DonB, due to lack of response, this thread is closed. If you wish to continue, please send me a message and I will reopen the thread.
- Status
Has Sysnative Forums helped you? Please consider donating to help us support the site!