1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Win32/VigorfA found on my laptop

Discussion in 'Malware and Virus Removal' started by psaulm119, 2019/07/14.

Page 1 of 3
  1. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    I am thinking this is a false positive, but I thought I'd check here just in case.

    It was found by Windows Defender, which I have set for automatic updates & weekly scheduled scans. I don't think it has ever actually found anything. Today, I downloaded OpenShell (a windows 10 start menu substitute), and installed it. Within a few minutes, Windows Defender found the Win32/VigorfA trojan, which it immediately quarantined. Unfortunately, I cannot find within Windows Defender, the location of the quarantine section. I then updated & scanned with free Malwarebytes, which found nothing.

    I did run the Farbar recovery tool Below are the scans.

    I guess my question, before anyone has me jump through a million hoops, would be--is this a false positive? I'm pretty sure it was--but then again, I'm hesitant to download OpenShell again, just to reinfect myself.
     
    psaulm119,
    #1
  2. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
    Ran by Paul (administrator) on DESKTOP-GFO74CP (LENOVO 20DH002TUS) (14-07-2019 16:33:42)
    Running from C:\Users\Paul\Desktop
    Loaded Profiles: Paul (Available Profiles: Paul)
    Platform: Windows 10 Pro Version 1809 17763.615 (X64) Language: English (United States)
    Default browser: FF
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.28.0_x64__8wekyb3d8bbwe\Calculator.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atieclxx.exe
    (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atiesrxx.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
    (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
    (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
    (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
    (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
    (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
    (Copernic, a division of N. Harris Computer Systems) [File not signed] C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe
    (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
    (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Paul\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
    (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
    (LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
    (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
    (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
    (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
    (VideoLAN -> VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
    HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
    HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
    HKLM Group Policy restriction on software: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy <==== ATTENTION
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [File not signed]
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [Copernic Desktop Search] => C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe [787456 2017-10-06] (Copernic, a division of N. Harris Computer Systems) [File not signed]
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [Amazon Photos] => C:\Users\Paul\AppData\Local\Amazon Drive\AmazonPhotos.exe [8489128 2019-05-16] (Amazon Services LLC -> Amazon.com Inc.)
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files\Vivaldi\Application\update_notifier.exe [1840200 2019-07-01] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1916560 2019-06-27] (Brave Software, Inc. -> Brave Software, Inc.)
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\MountPoints2: {96405994-8b7b-11e6-9d1c-68f728c826b5} - "F:\VZW_Software_upgrade_assistant.exe"
    HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
    HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
    HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
    HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
    HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
    HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
    HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
    HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
    HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8237E44A-0054-442C-B6B6-EA0509993955}] -> C:\Program Files (x86)\Google\Chrome Beta\Application\76.0.3809.62\Installer\chrmstp.exe [2019-07-10] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{9C142C0C-124C-4467-B117-EBCC62801D7B}] -> C:\Program Files\Vivaldi\Application\2.7.1594.4\Installer\chrmstp.exe [2019-07-02] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\75.0.66.99\Installer\chrmstp.exe [2019-07-02] (Brave Software, Inc.) [File not signed]
    Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-07-14]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
    GroupPolicy: Restriction ? <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {209BE161-188D-4B77-A49D-E4C3B2DCC700} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {20AAE787-3362-4E97-A961-93D5C63E2CE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2420640 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {28B3CCB5-64D9-4430-8C20-707458AB5B5B} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112312 2019-02-12] (Lenovo -> Lenovo)
    Task: {2AF44762-2A6C-4321-8391-6151A01375EF} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    Task: {2C19EDF4-DECD-42E7-B9EC-FB02307FD92A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24257704 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
    Task: {3DE4A343-5F79-4921-9C54-8763CA36DDFB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {442C004F-FCA4-4AA1-A07D-408D3DF6EA27} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-06-26] (Advanced Micro Devices, Inc.) [File not signed]
    Task: {4B1F180F-63E8-4C73-B34E-BADBD15C4AB1} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [891584 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {6A200B4E-222D-4B93-9FE3-72614EE336EC} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225560 2015-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
    Task: {6E25C621-3050-47AD-8E93-C55239670D97} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [58552 2019-02-12] (Lenovo -> )
    Task: {721D1668-7A9C-41DA-876D-7B9C94095FB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2420640 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7C8096E5-BE50-4E67-9C23-CAC8EE6C4459} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-19] (Google Inc -> Google Inc.)
    Task: {87507061-B7D4-4CBC-BE64-89AF2C2FB5B0} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    Task: {90B84335-5128-4612-93C5-7731E2FE2602} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-19] (Google Inc -> Google Inc.)
    Task: {973C74F1-6B23-48D1-889C-49181FEC5D9E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-06-26] (Advanced Micro Devices, Inc.) [File not signed]
    Task: {A4F13222-A356-4BC2-BE7A-B3F7C607CF61} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68288 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {A6507AB3-0AF1-40C2-910D-A6792F29DB6B} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3409797038-3744183562-1095253496-1001 => C:\Users\Paul\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [115496 2019-06-05] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
    Task: {ACAB4A1B-C276-4FF3-9019-ED175E34C9D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {B23BBB33-BEDD-45A9-ABD1-C8BCD5F1F1CE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [91736 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {B61BDD4B-3B8D-4C7D-924F-756E47DD2B56} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [91736 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {C40A4FD6-483E-44E7-B1F0-C853C1E93FDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {CF2121D9-7A91-4F6C-9091-1F239ECCEEEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {D59CB59F-FB36-4807-A662-344F75F2263D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24257704 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
    Task: {D8FCB8DC-7895-4612-99D4-95866B004024} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {DCA3246F-1A39-41D3-A961-DBAEA880C355} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61120 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {E3945EC4-4963-4F04-97A3-29A3DDB66969} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1395288 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F360BA94-0FBC-4F42-AB8D-E6A0359BCE03} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1395288 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220 208.67.222.220
    Tcpip\..\Interfaces\{0765e26f-e356-44a8-9b07-c2b210fc3913}: [DhcpNameServer] 71.10.216.1 71.10.216.2
    Tcpip\..\Interfaces\{e76819d1-c424-43e0-83c6-993b554207e3}: [DhcpNameServer] 208.67.222.222 208.67.220.220 71.10.216.1
    Tcpip\..\Interfaces\{f2b803a1-550e-48a9-9095-5d70018589a1}: [DhcpNameServer] 208.67.222.222 208.67.220.220 208.67.222.220

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-22] (Microsoft Corporation -> Microsoft Corporation)
    Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
    Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File

    Edge:
    ======
    Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.15.0_neutral__d55gg7py3s0m0 [2019-04-30]

    FireFox:
    ========
    FF DefaultProfile: 71ezmx5n.default
    FF DefaultProfile: l7pw15jy.default
    FF DefaultProfile: eymbiwfk.default
    FF DefaultProfile: 91drvwdf.default
    FF DefaultProfile: 5v2lbdhd.default
    FF DefaultProfile: mur4sejs.default
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default [2019-04-30]
    FF Extension: (Classic Add-ons Archive) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\ca-archive@Off.JustOff.xpi [2019-03-14] [Legacy] [not signed]
    FF Extension: (Gecko Profiler) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\geckoprofiler@mozilla.com.xpi [2019-03-30] [UpdateUrl:hxxps://raw.githubusercontent.com/firefox-devtools/Gecko-Profiler-Addon/master/updates.json]
    FF Extension: (Privacy Badger) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-02-23] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (Panorama Tab Groups) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\panorama-tab-groups@example.com.xpi [2019-02-23]
    FF Extension: (Print Edit WE) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\printedit-we@DW-dev.xpi [2019-04-30]
    FF Extension: (Tree Style Tab) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2018-12-14] [Legacy]
    FF Extension: (Reader) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2018-02-26]
    FF Extension: (Password Exporter) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2018-12-14] [Legacy]
    FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-30]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\SeaMonkey\Profiles\l7pw15jy.default [2016-12-01]
    FF Extension: (DOM Inspector) - C:\Users\Paul\AppData\Roaming\Mozilla\SeaMonkey\Profiles\l7pw15jy.default\Extensions\inspector@mozilla.org.xpi [2016-12-01] [Legacy] [not signed]
    FF Extension: (ChatZilla) - C:\Users\Paul\AppData\Roaming\Mozilla\SeaMonkey\Profiles\l7pw15jy.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi [2016-12-01] [Legacy] [not signed]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly [2019-05-26]
    FF Homepage: Mozilla\Firefox\Profiles\ilie146i.Nightly -> about:blank
    FF Extension: (Enhancer for YouTubeâ„¢) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-05-26]
    FF Extension: (Privacy Badger) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-04-21] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (Tab Center Redux) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly\Extensions\{0ad88674-2b41-4cfb-99e3-e206c74a0076}.xpi [2019-05-26]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\sjtre9cr.Testing [2019-02-06]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default [2019-07-14]
    FF Homepage: Mozilla\Firefox\Profiles\eymbiwfk.default -> about:blank
    FF Extension: (Disable HTML5 Autoplay) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\disable-html5-autoplay@afnankhan.xpi [2018-12-20]
    FF Extension: (Enhancer for YouTubeâ„¢) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-07-11]
    FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
    FF Extension: (Privacy Badger) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-07-10]
    FF Extension: (Panorama Tab Groups) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\panorama-tab-groups@example.com.xpi [2019-05-28]
    FF Extension: (Print Edit WE) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\printedit-we@DW-dev.xpi [2019-07-08]
    FF Extension: (Tree Style Tab) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2019-07-09]
    FF Extension: (dark brush) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{0384a87f-db7d-4843-b069-90179da2367d}.xpi [2019-05-13]
    FF Extension: (Tab Center Redux) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{0ad88674-2b41-4cfb-99e3-e206c74a0076}.xpi [2018-12-23]
    FF Extension: (Reader) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2018-02-26]
    FF Extension: (Black Marble - Rough) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{42d24643-6ae7-4ac4-a39b-5f97916e553a}.xpi [2019-05-14]
    FF Extension: (Purple and Black) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{4a4c7fc9-b564-407c-af79-2c77998417a3}.xpi [2019-05-14]
    FF Extension: (Disable Autoplay) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{6674730a-e591-43c6-8680-d332ea121cc2}.xpi [2018-12-27]
    FF Extension: (Purple Damask) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{708f9ab6-8bfa-457c-b4cf-7ef77dcd5e70}.xpi [2019-05-13]
    FF Extension: (Liquid Marble) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{9ebf5874-03e8-4599-aca4-74a466aba79d}.xpi [2019-05-13]
    FF Extension: (Adblocker for YouTubeâ„¢) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{ab2186b0-8c0b-4921-a2d4-95e6e05c0e3c}.xpi [2019-07-02]
    FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-19]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default [2019-07-06]
    FF Homepage: Moonchild Productions\Pale Moon\Profiles\91drvwdf.default -> about:blank
    FF Extension: (Page Zoom Button) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\54c7d9671b9eccd9e5686a73df34ab60@button.codefisher.org.xpi [2017-02-25] [Legacy]
    FF Extension: (Adblock Latitude) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-12] [Legacy] [not signed]
    FF Extension: (Cookies Exterminator) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\CookiesExterminator@Off.JustOff.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Crush Those Cookies) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\crush-those-cookies@wsdfhjxc.xpi [2017-08-13] [Legacy] [not signed]
    FF Extension: (LavaFox V2-Blue) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\djziggy@gmail.com [2018-04-21] [Legacy]
    FF Extension: (Material Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\materialmoon@franklindm.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Modoki Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\modoki@lootyhoof-pm.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Moon PDF Viewer) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\MoonPDFViewer@Off.JustOff.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Password Backup Tool) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\password-backup-tool@Off.JustOff.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Past Modern Revisited) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\past-modern-revisited@lootyhoof-pm.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (PDF Viewer) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\pdf.js-seamonkey@lakora.us.xpi [2018-12-06] [Legacy] [not signed]
    FF Extension: (Print Edit) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\printedit@DW-dev.xpi [2018-05-07] [Legacy]
    FF Extension: (Clearly) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\readable@evernote.com.xpi [2016-12-03] [Legacy]
    FF Extension: (Tree Style Tabs for Pale Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\treestyletabforpm@oinkoink.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (uBlock Origin Updater) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\ublock0-updater@Off.JustOff.xpi [2019-01-15] [Legacy] [not signed]
    FF Extension: (uBlock Origin) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\uBlock0@raymondhill.net.xpi [2018-12-06] [Legacy] [not signed]
    FF Extension: (Kempelton Reloaded) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{03c2ba51-52c3-4cb1-9309-229eb4bc8948}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (RC Print) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{0bb519bc-bca6-45af-82a6-c982f237acc7}.xpi [2016-12-04] [Legacy]
    FF Extension: (Qute 4 PM) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{0c44653b-8ca4-4125-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Moonfox3) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{0ed852bb-a216-42e9-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Reader View) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{1111dd1e-dd02-4c30-956f-f23c44dfea8e}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Reader) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2017-08-23] [Legacy]
    FF Extension: (DarkPitch) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{4b13c0da-55d5-44ce-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (XMoon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{60e12e8a-8197-4391-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Tangerinemoon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{669920c8-3426-4071-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Australium) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{6a2ffbbc-4f20-42f0-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Bluhell Firewall) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2016-12-10] [Legacy]
    FF Extension: (Winstripe Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{77d97525-e813-48d0-9bba-9c43df19baf9}.xpi [2017-08-13] [Legacy] [not signed]
    FF Extension: (White Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{81c983b9-ebe4-4b2e-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (PMChrome) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{87a59598-d2b6-45ba-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Qute Legacy) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{8a13d488-8657-4dab-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Password Exporter) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2016-12-02] [Legacy]
    FF Extension: (User Agent Switcher) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-12-04] [Legacy]
    FF Extension: (Aeromoon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{edbb972f-e557-4870-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Stratum) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{ef547bbe-6237-45ed-b0d6-bc6ad58af954}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (BookmarkMenuHider) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{f154a53f-654b-4e52-9544-fd51a0e82edd}.xpi [2017-11-14] [Legacy]
    FF Extension: (Zoom toolbar) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{FBFB7597-9E32-46b4-A500-8B6B0412777F}.xpi [2016-12-05] [Legacy]
    FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\searchplugins\google-books.xml [2019-07-05]
    FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\searchplugins\google-images-2mp.xml [2019-07-05]
    FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\searchplugins\google-images.xml [2019-07-05]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default [2019-06-24]
    FF Extension: (Adblock Latitude) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-19] [Legacy] [not signed]
    FF Extension: (Classic Add-ons Archive) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\ca-archive@Off.JustOff.xpi [2019-06-23] [Legacy] [not signed]
    FF Extension: (Password Backup Tool) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\password-backup-tool@Off.JustOff.xpi [2019-06-23] [Legacy] [not signed]
    FF Extension: (Tree Style Tab) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2018-12-14] [Legacy]
    FF Extension: (Simple bookmarks menu) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\{8e1651be-1f0f-469e-baaa-003bf71d973c}.xpi [2018-04-19] [Legacy]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\kompozer.net\KompoZer\Profiles\0cb5bg8p.default [2017-07-24]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\KompoZer\Profiles\n9cqaobu.default [2019-06-15]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default [2017-11-18]
    FF Extension: (Czech (CZ) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-cs@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-de@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (English (US) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Español (España) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Finnish Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-fi@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Français Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-fr@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Galego (España) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-gl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-he@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Magyar (HU) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-hu@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Italiano (IT) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-it@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Japanese Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-ja@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Korean (KR) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-ko@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-nl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Polski Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-pl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Russian (RU) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-ru@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Slovenski jezik Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-sl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (�рп�ки (sr) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-sr@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Svenska (SE) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (FireFTP) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2017-07-23] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
    FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin: @Tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-04] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2016-12-05] (Simon Bünzli) [File not signed]
    FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: @Tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3409797038-3744183562-1095253496-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin HKU\S-1-5-21-3409797038-3744183562-1095253496-1001: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin_x64 -> C:\Program Files (x86)\SumatraPDF\nppdfviewer.dll [2016-12-05] (Simon Bünzli) [File not signed]
    StartMenuInternet: Firefox-A3710B8EBB50CD3 - C:\Program Files\Nightly\firefox.exe
     
    psaulm119,
    #2


  3. to hide this advert.

  4. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Chrome:
    =======
    StartMenuInternet: Google Chrome Beta - C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atiesrxx.exe [508632 2019-06-27] (Advanced Micro Devices, Inc. -> AMD)
    R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [105248 2016-08-08] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
    S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619616 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
    S3 GoogleChromeBetaElevationService; C:\Program Files (x86)\Google\Chrome Beta\Application\76.0.3809.62\elevation_service.exe [1096176 2019-07-09] (Google LLC -> Google LLC)
    R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
    S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
    S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atikmdag.sys [55255256 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atikmpag.sys [595160 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103664 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [83176 2013-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
    S3 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [43240 2013-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
    R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107936 2019-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek Semiconductor Corp -> Realtek )
    R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [624456 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
    R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3096856 2015-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
    R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8169472 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
    S3 tpflhlp; C:\Drivers\Flash\htuj46ww\tpflhlp.sys [18232 2014-04-04] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
    R3 usbfilter; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [56352 2015-12-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-07-14 16:33 - 2019-07-14 16:36 - 000053699 _____ C:\Users\Paul\Desktop\FRST.txt
    2019-07-14 16:32 - 2019-07-14 16:32 - 002095104 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
    2019-07-14 16:12 - 2019-07-14 16:12 - 007086592 _____ (Open-Shell) C:\Users\Paul\Desktop\OpenShellSetup_4_4_131.exe
    2019-07-14 07:08 - 2019-07-14 07:08 - 000030160 _____ C:\Users\Paul\Desktop\payschedule for cehrly payroll annual 18_19 FINAL.pdf
    2019-07-12 09:35 - 2019-07-12 10:25 - 000009732 _____ C:\Users\Paul\Desktop\Thrift Shop.odt
    2019-07-12 06:41 - 2019-07-12 06:41 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
    2019-07-10 19:13 - 2019-07-10 19:13 - 000071849 _____ C:\Users\Paul\Desktop\Jeff Okabayashi Event Flyer.pdf
    2019-07-09 14:10 - 2019-07-09 14:10 - 002438199 _____ C:\Users\Paul\Desktop\4951-15311-1-PB.pdf
    2019-07-09 14:10 - 2019-07-09 14:10 - 000798321 _____ C:\Users\Paul\Desktop\The decline and fall of the Western Roman Empire.pdf
    2019-07-09 14:09 - 2019-07-09 14:09 - 000433621 _____ C:\Users\Paul\Desktop\The-Anonymous-De-Rebus-Bellicis-and-the-Ethics-of-Empire-in-Late-Antiquity-C.-Grubaugh-2015.pdf
    2019-07-09 13:22 - 2019-07-09 13:22 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 022115472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 019012096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007876096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 006545304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 006308232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003335216 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003081728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 002701000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002593336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002073472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001702088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-07-09 13:22 - 2019-07-09 13:22 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001477648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001472808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001465464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001397048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001345168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-07-09 13:22 - 2019-07-09 13:22 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000998928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000895552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000850992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000807480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000804744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000799776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000731104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000680176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000514136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000423480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000397688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000317456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000310288 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000294000 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000241944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
    2019-07-09 13:22 - 2019-07-09 13:22 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
    2019-07-09 13:22 - 2019-07-09 13:22 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000121896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000092592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2019-07-09 01:22 - 2019-07-09 17:13 - 000030122 _____ C:\Users\Paul\Desktop\Huns & End of Roman Empire.odt
    2019-07-09 01:18 - 2019-07-09 01:18 - 005313441 _____ C:\Users\Paul\Desktop\Metropolis and hinterland.pdf
    2019-07-09 01:13 - 2019-07-09 01:13 - 001715815 _____ C:\Users\Paul\Desktop\Late Roman Economic Systems.pdf
    2019-07-08 19:19 - 2019-07-08 19:19 - 000080608 _____ C:\Users\Paul\Desktop\CausesFallWestNEW.odt
    2019-07-07 17:48 - 2019-07-07 17:48 - 006017050 _____ C:\Users\Paul\Desktop\811154.pdf
    2019-07-07 04:51 - 2019-07-07 04:51 - 000001183 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Yoga_Large.mp4 - Shortcut.lnk
    2019-07-06 15:04 - 2019-07-06 15:04 - 002767337 _____ C:\Users\Paul\Desktop\4.pdf
    2019-07-06 14:11 - 2019-07-08 09:41 - 000029585 _____ C:\Users\Paul\Desktop\Barbarian PDF.odt
    2019-07-05 21:19 - 2019-07-05 21:19 - 000502524 _____ C:\Users\Paul\Desktop\Tennis July.pdf
    2019-07-05 19:00 - 2019-07-05 19:00 - 005720690 _____ C:\Users\Paul\Desktop\catosletter_spring2019.pdf
    2019-07-04 08:01 - 2019-07-04 08:58 - 000028701 _____ C:\Users\Paul\Desktop\LRR BITOG.odt
    2019-07-03 08:35 - 2019-07-04 15:06 - 000026193 _____ C:\Users\Paul\Desktop\SilkRoadReadings.odt
    2019-07-01 22:32 - 2019-07-01 22:32 - 000626194 _____ C:\Users\Paul\Desktop\Lynn White Medieval Tech.pdf
    2019-07-01 16:45 - 2019-07-01 16:45 - 010750265 _____ C:\Users\Paul\Desktop\Noble (Ed.) - From Roman Provinces to Medieval Kingdoms, Rewriting Histories (2006).pdf
    2019-07-01 16:45 - 2019-07-01 16:45 - 008900623 _____ C:\Users\Paul\Desktop\MQ54153.pdf
    2019-07-01 16:43 - 2019-07-01 16:43 - 002513857 _____ C:\Users\Paul\Desktop\Carolingian Renaissance.pdf
    2019-07-01 15:00 - 2019-07-03 21:13 - 000022052 _____ C:\Users\Paul\Desktop\Cavalry Infantry.odt
    2019-07-01 14:01 - 2019-07-01 14:01 - 000241157 _____ C:\Users\Paul\Desktop\2.2._a6.pdf
    2019-07-01 14:01 - 2019-07-01 14:01 - 000139010 _____ C:\Users\Paul\Desktop\2464a915461a55cc32bba43a7770505f7709.pdf
    2019-07-01 14:01 - 2019-07-01 14:01 - 000097233 _____ C:\Users\Paul\Desktop\stirrup.pdf
    2019-07-01 10:41 - 2019-07-01 10:41 - 000168775 _____ C:\Users\Paul\Desktop\mk1-waxwork-frontal.jpg.webp
    2019-07-01 10:41 - 2019-07-01 10:41 - 000038675 _____ C:\Users\Paul\Desktop\philip-2_waxwork_frontal-hr.jpg.webp
    2019-06-30 20:10 - 2019-06-30 20:11 - 000000000 ____D C:\Users\Paul\Desktop\Assyria
    2019-06-30 20:06 - 2019-06-30 20:06 - 000000000 ____D C:\Users\Paul\AppData\LocalLow\AMD
    2019-06-30 19:56 - 2019-06-30 19:56 - 000003414 _____ C:\WINDOWS\System32\Tasks\AMD ThankingURL
    2019-06-30 19:51 - 2019-06-30 19:51 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
    2019-06-30 19:51 - 2019-06-30 19:51 - 000003080 _____ C:\WINDOWS\System32\Tasks\StartDVR
    2019-06-30 19:51 - 2019-06-30 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
    2019-06-30 19:41 - 2019-06-30 19:41 - 028268472 _____ (AMD Inc.) C:\Users\Paul\Desktop\radeon-software-adrenalin-2019-19.6.3-minimalsetup-190627_web.exe
    2019-06-28 13:38 - 2019-06-28 13:38 - 000209490 _____ C:\Users\Paul\Desktop\Gromyko.pdf
    2019-06-28 11:36 - 2019-06-28 11:36 - 000000000 ____D C:\Users\Paul\AppData\Roaming\LibreOffice
    2019-06-28 11:35 - 2019-06-28 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
    2019-06-28 11:33 - 2019-06-28 11:34 - 000000000 ____D C:\Program Files\LibreOffice
    2019-06-28 07:28 - 2019-06-28 07:28 - 000010118 _____ C:\Users\Paul\Desktop\IdahoLocust.odt
    2019-06-28 06:48 - 2019-06-28 06:48 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2019-06-27 06:35 - 2019-07-01 06:26 - 000000000 ____D C:\WINDOWS\Minidump
    2019-06-27 05:07 - 2019-06-27 05:07 - 003886000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 003485104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001589976 _____ (AMD) C:\WINDOWS\system32\SET2457.tmp
    2019-06-27 05:07 - 2019-06-27 05:07 - 001589976 _____ (AMD) C:\WINDOWS\system32\SET1ADB.tmp
    2019-06-27 05:07 - 2019-06-27 05:07 - 001589976 _____ (AMD) C:\WINDOWS\system32\coinst_19.20.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001237928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001011320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001011320 _____ C:\WINDOWS\system32\vulkan-1.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000874264 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000874264 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000480984 _____ C:\WINDOWS\system32\GameManager64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000382168 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000304856 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000304856 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000276696 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000276696 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000163544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000138968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000135592 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000122280 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000071104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
    2019-06-26 22:57 - 2019-06-26 23:13 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2019-06-26 22:55 - 2019-06-26 22:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2019-06-26 22:55 - 2019-06-26 22:55 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2019-06-26 22:49 - 2019-06-26 22:49 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 007727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2019-06-26 22:49 - 2019-06-26 22:49 - 001969152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-06-26 22:49 - 2019-06-26 22:49 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
    2019-06-26 22:49 - 2019-06-26 22:49 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2019-06-26 22:49 - 2019-06-26 22:49 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000747568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2019-06-26 22:49 - 2019-06-26 22:49 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000109568 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
     
    psaulm119,
    #3
  5. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    2019-06-26 22:48 - 2019-06-26 22:48 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
    2019-06-26 22:48 - 2019-06-26 22:48 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
    2019-06-26 22:48 - 2019-06-26 22:48 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
    2019-06-26 22:48 - 2019-06-26 22:48 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2019-06-26 22:48 - 2019-06-26 22:48 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2019-06-26 22:48 - 2019-06-26 22:48 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2019-06-26 22:48 - 2019-06-26 22:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2019-06-26 22:48 - 2019-06-26 22:48 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 005561312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 005528064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 005297664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 004351448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 003630592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002406928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002200080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002141184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001713976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001199616 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001177088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2019-06-26 22:47 - 2019-06-26 22:47 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2019-06-26 22:47 - 2019-06-26 22:47 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000987736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2019-06-26 22:47 - 2019-06-26 22:47 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000871784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
     
    psaulm119,
    #4
  6. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    2019-06-26 22:47 - 2019-06-26 22:47 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
    2019-06-26 22:47 - 2019-06-26 22:47 - 000806600 _____ C:\WINDOWS\system32\locale.nls
    2019-06-26 22:47 - 2019-06-26 22:47 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000768224 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2019-06-26 22:47 - 2019-06-26 22:47 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000511504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2019-06-26 22:47 - 2019-06-26 22:47 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
     
    psaulm119,
    #5
  7. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    2019-06-26 22:47 - 2019-06-26 22:47 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000141216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000117720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
    2019-06-26 22:47 - 2019-06-26 22:47 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000036360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
    2019-06-26 22:47 - 2019-06-26 22:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
    2019-06-26 22:47 - 2019-06-26 22:47 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-06-26 22:47 - 2019-06-26 22:47 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
    2019-06-26 22:40 - 2019-06-26 22:40 - 000000000 ____D C:\Program Files\Reference Assemblies
    2019-06-26 22:40 - 2019-06-26 22:40 - 000000000 ____D C:\Program Files\MSBuild
    2019-06-26 22:40 - 2019-06-26 22:40 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2019-06-26 22:40 - 2019-06-26 22:40 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2019-06-26 22:39 - 2019-06-26 22:39 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
    2019-06-26 22:39 - 2019-06-26 22:39 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
    2019-06-26 22:39 - 2019-06-26 22:39 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
    2019-06-26 22:39 - 2019-06-26 22:39 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2019-06-26 22:39 - 2019-06-26 22:39 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2019-06-26 22:30 - 2019-07-12 06:41 - 000003110 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
    2019-06-26 22:30 - 2019-07-12 06:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-06-26 22:30 - 2019-06-30 19:52 - 000003198 _____ C:\WINDOWS\System32\Tasks\ModifyLinkUpdate
    2019-06-26 22:30 - 2019-06-26 22:30 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2019-06-26 22:30 - 2019-06-26 22:30 - 000003364 _____ C:\WINDOWS\System32\Tasks\BraveSoftwareUpdateTaskMachineUA
    2019-06-26 22:30 - 2019-06-26 22:30 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-06-26 22:30 - 2019-06-26 22:30 - 000003140 _____ C:\WINDOWS\System32\Tasks\BraveSoftwareUpdateTaskMachineCore
    2019-06-26 22:30 - 2019-06-26 22:30 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-06-26 22:30 - 2019-06-26 22:30 - 000002016 _____ C:\WINDOWS\System32\Tasks\RtsCM
    2019-06-26 22:30 - 2019-06-26 22:30 - 000000020 ___SH C:\Users\Paul\ntuser.ini
    2019-06-26 22:30 - 2019-06-26 22:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
    2019-06-26 22:29 - 2019-07-12 06:47 - 000005768 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-06-26 22:29 - 2019-06-26 22:30 - 000007623 _____ C:\WINDOWS\diagwrn.xml
    2019-06-26 22:29 - 2019-06-26 22:30 - 000007623 _____ C:\WINDOWS\diagerr.xml
    2019-06-26 22:21 - 2019-06-26 22:21 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2019-06-26 22:19 - 2019-06-30 19:32 - 000000000 ____D C:\Users\Paul
    2019-06-26 22:19 - 2018-09-15 00:29 - 000001105 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-06-26 22:17 - 2019-06-26 22:47 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2019-06-26 22:17 - 2019-06-26 22:17 - 000000000 ____D C:\ProgramData\USOShared
    2019-06-26 22:16 - 2019-06-26 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
    2019-06-26 22:16 - 2019-06-26 22:16 - 000000000 ____D C:\Program Files\Dolby Digital Plus
    2019-06-26 22:14 - 2019-07-14 15:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-06-26 22:14 - 2019-07-12 06:41 - 000653296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-06-26 20:07 - 2019-06-26 20:07 - 000406860 _____ C:\Users\Paul\Desktop\Fuel Economy & Viscosity.pdf
    2019-06-26 18:46 - 2019-06-26 18:46 - 000158208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
    2019-06-26 18:45 - 2019-06-26 18:45 - 000130048 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
    2019-06-26 14:16 - 2019-06-26 22:30 - 000000000 ___DC C:\WINDOWS\Panther
    2019-06-21 17:40 - 2019-06-21 17:40 - 000000000 ____D C:\Users\Paul\Desktop\umbrellaquotes
    2019-06-20 13:49 - 2019-06-20 13:49 - 000170061 _____ C:\Users\Paul\Desktop\Charlemagne and the Vision of a Christian Empire.pdf
    2019-06-20 13:38 - 2019-06-20 13:38 - 001213997 _____ C:\Users\Paul\Desktop\Expansion of Roman Citizenship.pdf
    2019-06-18 17:55 - 2019-06-18 17:55 - 000361522 _____ C:\Users\Paul\Desktop\Abolition Feudalism August 1789 French Revolution.pdf
    2019-06-17 15:52 - 2019-06-30 20:10 - 000000000 ____D C:\Users\Paul\Desktop\Reagan on Fall of USSR

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-07-14 16:33 - 2016-06-03 18:29 - 000000000 ____D C:\FRST
    2019-07-14 16:13 - 2018-10-09 21:30 - 000000000 ____D C:\Users\Paul\AppData\Local\OpenShell
    2019-07-14 16:10 - 2016-03-14 23:10 - 000000000 ____D C:\Users\Paul\AppData\Roaming\vlc
    2019-07-14 15:49 - 2016-05-24 21:02 - 000000000 ____D C:\Users\Paul\AppData\LocalLow\Mozilla
    2019-07-14 09:19 - 2018-09-15 00:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-07-13 07:15 - 2018-09-15 00:33 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-07-13 07:15 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-07-13 07:14 - 2018-09-15 00:31 - 000000000 ____D C:\WINDOWS\INF
    2019-07-12 06:41 - 2018-09-14 23:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2019-07-12 06:41 - 2017-11-18 23:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-07-12 06:41 - 2017-10-17 20:50 - 000000000 ___RD C:\Users\Paul\3D Objects
    2019-07-12 06:41 - 2017-05-29 20:31 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2019-07-12 06:41 - 2016-06-27 11:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2019-07-12 06:41 - 2016-03-01 19:42 - 000000000 __RHD C:\Users\Public\AccountPictures
    2019-07-12 06:40 - 2018-09-15 02:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2019-07-12 06:40 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\oobe
    2019-07-12 06:40 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-07-10 14:16 - 2019-02-01 11:30 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome Beta.lnk
    2019-07-10 10:21 - 2016-03-01 21:46 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2019-07-09 17:51 - 2016-03-25 18:04 - 000000000 ____D C:\Users\Paul\AppData\Roaming\KeePass
    2019-07-09 13:31 - 2018-09-15 00:23 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-07-09 13:30 - 2016-03-01 21:57 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-07-09 13:24 - 2018-09-14 23:09 - 000000000 ____D C:\WINDOWS\servicing
    2019-07-09 13:24 - 2016-03-01 21:57 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-07-08 12:36 - 2018-02-17 08:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2019-07-05 18:00 - 2018-07-06 08:20 - 000000000 ____D C:\Users\Paul\AppData\Roaming\VERIZON
    2019-07-02 09:34 - 2019-06-03 06:27 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
    2019-07-02 09:10 - 2019-04-03 22:27 - 000002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
    2019-07-02 09:10 - 2019-04-03 22:27 - 000000000 ____D C:\Program Files\Vivaldi
    2019-06-30 19:59 - 2016-03-23 15:05 - 000000000 ____D C:\Users\Paul\AppData\Local\AMD
    2019-06-30 19:51 - 2017-05-29 20:30 - 000000000 ____D C:\Program Files\AMD
    2019-06-30 19:51 - 2016-03-01 22:39 - 000000000 ____D C:\Program Files (x86)\AMD
    2019-06-30 19:50 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2019-06-30 19:42 - 2016-03-01 19:46 - 000000000 ____D C:\ProgramData\AMD
    2019-06-30 19:41 - 2016-03-01 19:45 - 000000000 ____D C:\AMD
    2019-06-27 23:47 - 2018-11-15 19:54 - 000000000 ____D C:\Program Files\rempl
    2019-06-27 12:51 - 2016-03-02 07:39 - 000000000 ____D C:\Program Files (x86)\Pandora Recovery
    2019-06-27 10:53 - 2017-05-24 11:56 - 000000000 ____D C:\Program Files\UNP
    2019-06-27 06:40 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\appcompat
    2019-06-27 05:07 - 2015-10-20 11:17 - 000124840 _____ C:\WINDOWS\system32\atidxx64.dll
    2019-06-27 05:07 - 2015-10-20 11:16 - 000179584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
    2019-06-27 05:07 - 2015-10-20 11:16 - 000158424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
    2019-06-27 05:07 - 2015-10-20 11:16 - 000121792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
    2019-06-27 05:07 - 2015-10-20 11:16 - 000107944 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
    2019-06-27 05:07 - 2015-10-20 11:15 - 000106408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
    2019-06-27 05:07 - 2015-10-20 11:14 - 000349400 _____ C:\WINDOWS\system32\clinfo.exe
    2019-06-27 05:07 - 2015-10-20 11:14 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
    2019-06-27 05:07 - 2015-10-20 11:14 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
    2019-06-27 05:07 - 2015-10-20 11:13 - 000761776 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
    2019-06-27 05:07 - 2015-10-20 11:13 - 000469416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
    2019-06-27 05:07 - 2015-10-20 11:13 - 000440744 _____ C:\WINDOWS\system32\atieah64.exe
    2019-06-27 05:07 - 2015-10-20 11:13 - 000353192 _____ C:\WINDOWS\SysWOW64\atieah32.exe
    2019-06-27 05:07 - 2015-10-20 11:13 - 000239832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
    2019-06-27 05:07 - 2015-10-20 11:13 - 000212184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
    2019-06-27 05:07 - 2015-10-20 11:13 - 000126168 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
    2019-06-27 05:07 - 2015-10-20 11:12 - 001706408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
    2019-06-27 05:07 - 2015-10-20 11:12 - 001237928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
    2019-06-27 05:06 - 2018-12-13 22:07 - 000103664 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
    2019-06-27 05:06 - 2015-10-20 11:10 - 000473512 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
    2019-06-27 05:06 - 2015-10-20 11:10 - 000382376 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
    2019-06-27 02:06 - 2015-10-20 11:17 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
    2019-06-27 02:06 - 2015-10-20 11:17 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
    2019-06-27 02:06 - 2015-10-20 11:15 - 000554696 _____ C:\WINDOWS\system32\amdmiracast.dll
    2019-06-27 02:06 - 2015-10-20 11:15 - 000135456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
    2019-06-27 02:06 - 2015-10-20 11:15 - 000128736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
    2019-06-27 02:06 - 2015-10-20 11:15 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
    2019-06-27 02:06 - 2015-10-20 11:15 - 000108352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
    2019-06-26 23:13 - 2019-01-17 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
    2019-06-26 23:13 - 2019-01-15 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
    2019-06-26 23:13 - 2018-12-24 10:41 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
    2019-06-26 23:13 - 2018-10-09 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open-Shell
    2019-06-26 23:13 - 2018-09-15 00:36 - 000000000 ____D C:\WINDOWS\Setup
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\spool
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\NDF
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\Registration
    2019-06-26 23:13 - 2018-09-15 00:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2019-06-26 23:13 - 2018-09-15 00:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2019-06-26 23:13 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2019-06-26 23:13 - 2017-05-29 20:30 - 000000000 ____D C:\Program Files\CONEXANT
    2019-06-26 23:13 - 2016-03-23 14:58 - 000000000 ____D C:\WINDOWS\system32\appmgmt
    2019-06-26 23:13 - 2016-03-03 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bible Study
    2019-06-26 23:13 - 2016-03-03 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016
    2019-06-26 23:13 - 2015-10-30 00:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2019-06-26 23:05 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\InfusedApps
    2019-06-26 23:04 - 2018-09-15 00:33 - 000000000 __RHD C:\Users\Public\Libraries
    2019-06-26 22:58 - 2018-12-04 03:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
    2019-06-26 22:57 - 2019-05-09 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
    2019-06-26 22:57 - 2019-01-13 23:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIL
    2019-06-26 22:57 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\Resources
    2019-06-26 22:57 - 2018-05-16 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
    2019-06-26 22:57 - 2017-05-29 20:30 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
    2019-06-26 22:57 - 2016-03-04 13:09 - 000000000 ____D C:\Program Files\HP
    2019-06-26 22:52 - 2018-09-15 02:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2019-06-26 22:52 - 2018-09-15 02:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\TextInput
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\ShellComponents
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\Provisioning
    2019-06-26 22:52 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2019-06-26 22:52 - 2018-09-14 23:09 - 000000000 ____D C:\WINDOWS\system32\Dism
    2019-06-26 22:49 - 2018-07-10 19:24 - 000000000 ____D C:\ProgramData\Packages
    2019-06-26 22:47 - 2017-10-17 20:33 - 000000000 ____D C:\Users\Paul\AppData\Local\Packages
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
    2019-06-26 22:39 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
    2019-06-26 22:32 - 2018-01-14 16:37 - 000000000 ____D C:\Users\Paul\AppData\Local\PlaceholderTileLogoFolder
    2019-06-26 22:30 - 2018-09-15 00:33 - 000000000 ___RD C:\Program Files\Windows Defender
    2019-06-26 22:30 - 2018-09-14 23:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2019-06-26 22:30 - 2016-08-06 05:53 - 000005710 __RSH C:\ProgramData\ntuser.pol
    2019-06-26 22:30 - 2016-08-06 05:08 - 000000000 ____D C:\Users\Paul\AppData\Local\ConnectedDevicesPlatform
    2019-06-26 22:26 - 2018-09-15 00:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2019-06-26 22:25 - 2016-03-04 11:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SystemTools
    2019-06-26 22:21 - 2019-06-10 17:51 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
    2019-06-26 22:21 - 2019-01-16 08:33 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps
    2019-06-26 22:21 - 2016-03-04 13:12 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP LaserJet Professional P1100 Series
    2019-06-26 22:21 - 2016-03-02 08:53 - 000000000 ___RD C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Viewers
    2019-06-26 22:21 - 2016-03-02 08:53 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browsers
    2019-06-26 22:20 - 2016-03-04 11:44 - 000000000 ___RD C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Recycle Bin
    2019-06-26 22:19 - 2018-11-04 16:59 - 000000000 ___RD C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Daily Yoga
    2019-06-26 22:19 - 2018-09-18 13:08 - 000000000 ___RD C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Fall
    2019-06-26 22:19 - 2016-03-04 11:53 - 000000000 ___RD C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Graphics
    2019-06-26 22:19 - 2016-03-03 22:06 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Britannica 11.0
    2019-06-26 22:18 - 2017-05-29 20:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
    2019-06-26 22:17 - 2018-09-15 00:33 - 000000000 ____D C:\ProgramData\USOPrivate
    2019-06-26 22:16 - 2017-05-29 20:29 - 000000000 ____D C:\Program Files\Apoint2K
    2019-06-26 15:52 - 2015-10-20 10:48 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
    2019-06-26 15:52 - 2015-10-20 10:48 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
    2019-06-26 15:44 - 2015-10-20 10:48 - 000918088 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
    2019-06-26 15:44 - 2015-10-20 10:48 - 000918088 _____ C:\WINDOWS\system32\atiapfxx.blb
    2019-06-23 22:46 - 2018-12-12 22:59 - 000000000 ____D C:\Program Files\Basilisk
    2019-06-19 14:57 - 2019-02-12 18:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-06-19 14:27 - 2016-06-05 06:32 - 000000000 ____D C:\Program Files\Nightly
    2019-06-18 22:00 - 2018-08-10 09:33 - 000000000 ____D C:\Users\Paul\Desktop\New folder
    2019-06-17 18:37 - 2019-06-09 19:02 - 000012491 _____ C:\Users\Paul\Desktop\New Essays.odt

    ==================== Files in the root of some directories ================

    2016-04-11 22:10 - 2016-04-11 22:10 - 000001793 _____ () C:\Users\Paul\AppData\Local\recently-used.xbel

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ============================
     
    psaulm119,
    #6
  8. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    OK the above was the FIRST file. Below is the ADDITION file:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
    Ran by Paul (14-07-2019 16:38:35)
    Running from C:\Users\Paul\Desktop
    Windows 10 Pro Version 1809 17763.615 (X64) (2019-06-27 05:30:16)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3409797038-3744183562-1095253496-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3409797038-3744183562-1095253496-503 - Limited - Disabled)
    Guest (S-1-5-21-3409797038-3744183562-1095253496-501 - Limited - Disabled)
    Paul (S-1-5-21-3409797038-3744183562-1095253496-1001 - Administrator - Enabled) => C:\Users\Paul
    WDAGUtilityAccount (S-1-5-21-3409797038-3744183562-1095253496-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7+ Taskbar Tweaker v5.1 (HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\7 Taskbar Tweaker) (Version: 5.1 - RaMMicHaeL)
    7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
    Amazon Photos (HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Amazon Photos) (Version: 5.9.1 - Amazon.com, Inc.)
    AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.6.3 - Advanced Micro Devices, Inc.)
    ANT Drivers Installer x64 (HKLM\...\{1545D39F-D296-42D3-9E3A-D3DDC83FF45C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 7.0.24.0 - Auslogics Labs Pty Ltd)
    Basilisk 52.9.2019.06.08 (x64 en-US) (HKLM\...\Basilisk 52.9.2019.06.08 (x64 en-US)) (Version: 52.9.2019.06.08 - Mozilla)
    BatteryMon V2.1 (HKLM-x32\...\BatteryMon_is1) (Version: - PassMark Software)
    BlueGriffon version 2.3.1 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 2.3.1 - Disruptive Innovations SAS)
    Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
    Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 75.0.66.99 - Brave Software Inc)
    Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.51 - Conexant)
    Copernic Desktop Search 6 (HKLM-x32\...\{39A49E6C-9E03-4DAD-98DA-90F73812A8C0}) (Version: 6.0.2.11080 - Copernic) Hidden
    Copernic Desktop Search 6 (HKLM-x32\...\CopernicDesktopSearch6) (Version: 6.0.2.11080 - Copernic)
    Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
    Elevated Installer (HKLM-x32\...\{22234FFC-C2DA-4662-8295-119232148609}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden
    Eraser 6.2.0.2979 (HKLM\...\{C5900DE9-D199-4C27-B692-354C9A6A6C8B}) (Version: 6.2.2979 - The Eraser Project)
    e-Sword (HKLM-x32\...\{0BF38804-B6AE-4C32-9564-B0C0E7188D62}) (Version: 11.00.0006 - Rick Meyers)
    FastStone Image Viewer 7.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.3 - FastStone Soft)
    Firefox Developer Edition 67.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
    Garmin Express (HKLM-x32\...\{e51e84de-2206-4ef2-91fb-8ae3f9cb68e2}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries)
    GentiumPlus 5.000 (HKLM-x32\...\GentiumPlus) (Version: - )
    Google Chrome Beta (HKLM-x32\...\Google Chrome Beta) (Version: 76.0.3809.62 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
    HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
    Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11138 - Realtek Semiconductor Corp.)
    KeePass Password Safe 2.36 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.36 - Dominik Reichl)
    K-Lite Mega Codec Pack 11.9.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP)
    KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version: - KompoZer)
    Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.08 - Lenovo)
    Lenovo Service Bridge (HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.1.0.1 - Lenovo)
    LibreOffice 6.0.6.2 (HKLM\...\{982E3D14-3F50-412B-A1C2-BC9262E8810F}) (Version: 6.0.6.2 - The Document Foundation)
    Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.14350.0 - Linksys LLC)
    Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.11126.20196 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version: - Microsoft)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
    Mozilla Firefox 68.0 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0 (x64 en-US)) (Version: 68.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0 - Mozilla)
    Mozilla Thunderbird 60.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 en-US)) (Version: 60.0 - Mozilla)
    Nightly 69.0a1 (x64 en-US) (HKLM\...\Nightly 69.0a1 (x64 en-US)) (Version: 69.0a1 - Mozilla)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )
    OpenOffice 4.1.6 (HKLM-x32\...\{16E4FF6B-31E8-4037-B627-D87CF872E32B}) (Version: 4.16.9790 - Apache Software Foundation)
    Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
    Pale Moon 28.5.0 (x64 en-US) (HKLM\...\Pale Moon 28.5.0 (x64 en-US)) (Version: 28.5.0 - Moonchild Productions)
    PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
    Paragon Partition Managerâ„¢ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
    PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 13.0 - PlotSoft LLC)
    PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.8 - Tracker Software Products Ltd)
    PDF-XChange Editor (HKLM\...\{F035709A-033D-480D-A75C-38F89A7309FC}) (Version: 7.0.326.1 - Tracker Software Products (Canada) Ltd.)
    PDF-XChange Editor (HKLM-x32\...\{d9c93a99-d9e9-4978-8bb5-f3ea9cf1c2fd}) (Version: 7.0.323.2 - Tracker Software Products (Canada) Ltd.)
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
    SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
    SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 8.5.5.0 - 2BrightSparks)
    TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
    ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.216.1616.137 - ALPS ELECTRIC CO., LTD.)
    TouchpadPal 1.4 (HKLM-x32\...\TouchpadPal) (Version: 1.4 - DeSofto)
    Ultimate Reference Suite (HKLM-x32\...\Ultimate Reference Suite) (Version: 2011.0.0.0 - Encyclopaedia Britannica, Inc.)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
    Virtual Account Numbers (HKLM-x32\...\{0134662F-5B97-4D60-9A24-B81B6A56DEF7}) (Version: 1.0.6.0 - Citi) Hidden
    Vivaldi (HKLM-x32\...\Vivaldi) (Version: 2.7.1594.4 - Vivaldi Technologies AS.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
    Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
    Waterfox 56.2.8 (x64 en-US) (HKLM\...\Waterfox 56.2.8 (x64 en-US)) (Version: 56.2.8 - Waterfox Ltd)
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

    Packages:
    =========
    Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.15.0_neutral__d55gg7py3s0m0 [2019-04-30] (eyeo GmbH)
    Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-11] (king.com)
    Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
    Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
    MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-23] (Microsoft Corporation) [MS Ad]
    MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
    Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-07] (Microsoft Corporation)
    PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_3.0.3.0_x64__f5eddttrpssna [2019-05-22] (Mooii Tech)
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
     
    psaulm119,
    #7
  9. 2019/07/14
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Paul\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Paul\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Paul\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\Paul\Amazon Drive [2017-07-19 12:56]
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]
    ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
    ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\ClearPrintJobs.lnk -> D:\Stuff\ClearPrintJobs.bat ()
    Shortcut: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browsers\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps\Gmail (1).lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps\Gmail (2).lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hkpeeeoimoedkcoenbnppmfkpjdebibo
    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gmail (1).lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj

    ==================== Loaded Modules (Whitelisted) ==============

    2010-06-16 14:42 - 2010-06-16 14:42 - 000839680 _____ () [File not signed] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
    2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
    2019-01-08 13:00 - 2019-01-08 13:00 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2017-09-10 14:42 - 2012-01-29 16:55 - 000657920 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
    2017-09-10 14:42 - 2012-01-20 14:55 - 000678400 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopyExt64.dll
    2019-05-02 19:33 - 2019-05-02 19:33 - 007862371 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Annots.api
    2019-05-02 19:33 - 2019-05-02 19:33 - 002802787 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\EScript.api
    2019-05-02 19:33 - 2019-05-02 19:33 - 000135779 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\IA32.api
    2019-05-02 19:33 - 2019-05-02 19:33 - 000495203 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\SaveAsRTF.api
    2019-05-02 19:33 - 2019-05-02 19:33 - 000168547 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Updater.api
    2019-05-02 19:33 - 2019-05-02 19:33 - 000335971 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\weblink.api
    2019-06-26 18:46 - 2019-06-26 18:46 - 000158208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
    2017-10-06 11:21 - 2017-10-06 11:21 - 000008704 _____ (Copernic, a division of N. Harris Computer Systems) [File not signed] C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.Data.Index.IndexExport.dll
    2017-10-06 11:22 - 2017-10-06 11:22 - 000787456 _____ (Copernic, a division of N. Harris Computer Systems) [File not signed] C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe
    2016-03-02 07:24 - 2015-12-31 07:15 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
    2009-06-25 10:27 - 2009-06-25 10:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
    2016-06-09 19:17 - 2016-06-09 19:17 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
    2016-06-09 19:17 - 2016-06-09 19:17 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
    2018-08-18 23:58 - 2018-08-18 23:58 - 000216576 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
    2018-08-18 23:57 - 2018-08-18 23:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
    2018-08-18 23:57 - 2018-08-18 23:57 - 000301568 _____ (Open-Shell) [File not signed] C:\WINDOWS\system32\StartMenuHelper64.dll
    2009-06-25 10:25 - 2009-06-25 10:25 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll
    2018-07-28 08:29 - 2018-07-28 08:29 - 000066048 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.5.5\lib\_socket.pyd
    2018-07-28 08:29 - 2018-07-28 08:29 - 000019968 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.5.5\lib\select.pyd
    2018-07-28 08:52 - 2018-07-28 08:52 - 000443392 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice\program\pyuno.pyd
    2019-01-08 13:00 - 2019-01-08 13:00 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
    2019-06-26 19:03 - 2019-06-26 19:03 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Paul\Amazon Drive:com.amazon.drive.sync [179]
    AlternateDataStreams: C:\Users\Paul\Amazon Drive:com.amazon.drive.sync.root [42]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2015-10-30 00:24 - 2018-06-15 07:28 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
    DNS Servers: 208.67.222.222 - 208.67.220.220
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    HKLM\...\StartupApproved\Run: => "Eraser"
    HKLM\...\StartupApproved\Run: => "Open-Shell Start Menu"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Messenger (Yahoo!)"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Backblaze"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "OneDriveSetup"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Amazon Photos"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{1414C050-9FE0-4465-97DA-6EE9E6DBCA15}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
    FirewallRules: [{68DC3ABB-6231-4A4A-BA59-FC7A0D569CE9}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
    FirewallRules: [{422ECF17-B1A7-4030-B6C5-2F641DEA7EDF}] => (Allow) C:\Program Files\Basilisk\basilisk.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{9B873889-E760-4AF1-B9EF-DD390698A617}] => (Allow) C:\Program Files\Basilisk\basilisk.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{7E7B9327-14D1-426D-BB0B-655DC537ADEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{08689C6B-4462-4B0A-B20C-2225DD1E15DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{7F97DD6F-FC41-47A7-B4FF-A4343954E0EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{5768FC07-4D13-4E3A-B01E-D52D961FC5D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{106E91EC-01A5-4DEF-BA60-8D8A4B2CAC73}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{78289495-3E25-4241-B043-E6376F98F39B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
    FirewallRules: [TCP Query User{3F90E47E-DC87-4B3A-A17F-3207584CD573}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
    FirewallRules: [{AB22C455-A5A9-4957-AFBE-7B4114254F60}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{F3785824-6A1D-4429-A455-6867F591D991}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{00A80428-293A-42B4-9154-A16740F1CE08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe No File
    FirewallRules: [{9E38A258-48DC-48C9-89FC-6790F25A65D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
    FirewallRules: [{507B5207-C36B-4BE0-AF63-309A7B9AE04C}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{F848B36C-F33B-43BF-A4DC-31A86C32889C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
    FirewallRules: [{8439E295-53F4-4713-8158-B7DE37C32AA7}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
    FirewallRules: [{FE336A9E-5CD1-4FC4-A6E4-DE178FFB01F7}] => (Allow) LPort=161
    FirewallRules: [{87F6E02F-0215-40F2-9C56-31C7E6B8ED37}] => (Allow) LPort=427
    FirewallRules: [{6DEC58A2-0616-414D-B911-1EEF9372F55C}] => (Allow) LPort=9100
    FirewallRules: [{8FD25335-5571-462D-A35D-57EF68E3B2E7}] => (Allow) E:\ProductInst64.exe No File
    FirewallRules: [{A6411B83-8BB9-4782-A0E9-D0C72D66DF7C}] => (Allow) E:\ProductInst64.exe No File
    FirewallRules: [{DD981F19-84AB-4C0D-A202-B3F522B987D1}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{81B143B0-8515-470E-8A56-C58CAB15739E}C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe No File
    FirewallRules: [UDP Query User{2577D21E-6837-4516-8860-6816806AB5A3}C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe No File
    FirewallRules: [TCP Query User{D2B131D6-9021-4130-A0AD-284C1E510896}C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe] => (Allow) C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe (Copernic, a division of N. Harris Computer Systems) [File not signed]
    FirewallRules: [UDP Query User{B12184B1-7DD0-4170-85AE-D805649B7D98}C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe] => (Allow) C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe (Copernic, a division of N. Harris Computer Systems) [File not signed]
    FirewallRules: [TCP Query User{BE7EE53A-5C11-45E4-ADC7-B4EC29C8211F}C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe] => (Allow) C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe No File
    FirewallRules: [UDP Query User{B871C9DA-0421-4818-9F7F-EB9BE2AC45DF}C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe] => (Allow) C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe No File
    FirewallRules: [{DA6CA7C7-0665-47CB-87E7-96204F1BBD8C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{63D85140-40F2-40D9-BAE8-4389AEE24410}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{F220693D-7F17-4E40-A995-7EC243DA2A3D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{EB799D68-E6FC-43AC-A467-112C01324783}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{A76E0241-9FDC-46A7-8487-8A763CDABA33}C:\program files\nightly\firefox.exe] => (Block) C:\program files\nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{1535F920-2CBC-48DA-A81D-AD836BB4B115}C:\program files\nightly\firefox.exe] => (Block) C:\program files\nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{6672BE75-027D-40AB-A63B-18D24693E403}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{61447BB7-FEAE-41FA-B6BC-FC367883305B}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{C5F784F6-BADC-44C9-843C-2BE1C12411D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{8026D76D-21EE-4A69-A461-06A26E24928F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{98DB0759-CE99-460B-AE45-04862FB8B5CC}] => (Allow) C:\Program Files (x86)\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Systems)
    FirewallRules: [{01CDD2DE-A232-4EDA-8257-84514B504F9B}] => (Allow) C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe (Copernic, a division of N. Harris Computer Systems) [File not signed]
    FirewallRules: [{89B8C427-EEDC-4E5D-B702-F45DD369AF5F}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
    FirewallRules: [{3355AF50-0822-459B-9EA6-9E77F9172A92}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
    FirewallRules: [{DC0DE22D-9D7E-4531-8E82-D0CA183CF6AB}] => (Allow) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC)

    ==================== Restore Points =========================

    09-07-2019 13:07:25 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/12/2019 06:47:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (07/12/2019 06:47:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (07/12/2019 06:47:02 AM) (Source: SideBySide) (EventID: 35) (User: )
    Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
    Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/30/2019 08:07:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (06/30/2019 08:07:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (06/30/2019 07:43:36 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
    .


    Operation:
    Executing Asynchronous Operation

    Context:
    Current State: DoSnapshotSet

    Error: (06/30/2019 07:38:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (06/30/2019 07:38:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


    System errors:
    =============
    Error: (07/14/2019 09:12:48 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/14/2019 09:12:48 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/12/2019 11:46:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/12/2019 11:46:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/12/2019 10:03:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/12/2019 10:03:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/12/2019 09:58:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/12/2019 09:58:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


    Windows Defender:
    ===================================
    Date: 2019-07-14 16:31:08.056
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {DB687D2E-65D1-4B7C-BB56-183D8424DD1A}
    Scan Type: Antimalware
    Scan Parameters: Full Scan

    Date: 2019-07-14 16:14:10.117
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...n32/Vigorf.A&threatid=2147714384&enterprise=0
    Name: Trojan:Win32/Vigorf.A
    ID: 2147714384
    Severity: Severe
    Category: Trojan
    Path: file:_D:\Stuff\EraserSetup32.exe
    Detection Origin: Local machine
    Detection Type: FastPath
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\explorer.exe
    Signature Version: AV: 1.297.1066.0, AS: 1.297.1066.0, NIS: 1.297.1066.0
    Engine Version: AM: 1.1.16100.4, NIS: 1.1.16100.4

    Date: 2019-07-13 07:54:06.325
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {15E341FF-7F01-4B86-97E8-7ADF7B7FA85F}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-07-13 07:03:32.248
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {2BF8B3F0-CFE5-475F-80F6-2EDD3BB87ADE}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-07-13 00:26:55.136
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {266A98E7-3DD4-46C7-B4AA-61026DF092B1}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-07-13 07:00:02.037
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.297.944.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16100.4
    Error code: 0x8024402c
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    CodeIntegrity:
    ===================================

    Date: 2019-07-09 21:33:57.857
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:57.849
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:57.841
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:57.832
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.234
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.206
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.199
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.195
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    ==================== Memory info ===========================

    BIOS: LENOVO HTET46WW (1.18 ) 09/30/2015
    Motherboard: LENOVO 20DH002TUS
    Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
    Percentage of memory in use: 60%
    Total physical RAM: 6989.48 MB
    Available physical RAM: 2734.01 MB
    Total Virtual: 12365.48 MB
    Available Virtual: 6193.24 MB

    ==================== Drives ================================

    Drive c: (Windows7_OS) (Fixed) (Total:229.19 GB) (Free:84.96 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (New Volume) (Fixed) (Total:245.84 GB) (Free:138.92 GB) NTFS

    \\?\Volume{56cde85b-0000-0000-0000-100000000000}\ (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.01 GB) NTFS
    \\?\Volume{56cde85b-0000-0000-0000-40aa39000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 476.9 GB) (Disk ID: 56CDE85B)
    Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=229.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
    Partition 4: (Not Active) - (Size=245.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
    psaulm119,
    #8
  10. 2019/07/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================

    OpenShell is a known, legit program so I suspect false positive but we can run some checks.

    [​IMG] Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Double click on downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    [​IMG] Please download Malwarebytes to your desktop.
    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
    [​IMG] Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles are saved to C:\AdwCleaner.
    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
     
    broni,
    #9
  11. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Broni, here is the log from the Rogue Killer log. It found stuff (registry keys?) from Auslogics, which wasn't malware but that I allowed it to delete anyways, and Simplitec, which I wasn't sure about. I don't think I have ever downloaded it but who knows....
    One more question--since I have MWB already installed, do you need me to download and install it fresh, or can I just update my currently installed application? I did update it yesterday and did a scan with MWB already.


    RogueKiller Anti-Malware V13.3.2.0 (x64) [Jul 15 2019] (Free) by Adlice Software
    mail : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 10 (10.0.17763) 64 bits
    Started in : Normal mode
    User : Paul [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Signatures : 20190715_094632, Driver : Loaded
    Mode : Standard Scan, Delete -- Date : 2019/07/15 06:20:42 (Duration : 00:24:34)
    Switches : -refid 3

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    [PUP.Auslogics (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Auslogics -- -> Deleted
    [PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\simplitec -- -> Deleted
    [PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Replaced (2)
    [PUP.Auslogics (Potentially Malicious)] Auslogics -- %programdata%\Auslogics -> Deleted
    [PUP.Auslogics (Potentially Malicious)] Auslogics -- %programdata%\Microsoft\Windows\Start Menu\Programs\Auslogics -> Deleted
    [PUP.Gen1 (Potentially Malicious)] simplitec -- %programdata%\simplitec -> Deleted
    [PUP.Auslogics (Potentially Malicious)] $RFN5QST.lnk -- %SystemDrive%\$Recycle.Bin\S-1-5-21-3409797038-3744183562-1095253496-1001\$RFN5QST.lnk (lnk => C:\PROGRA~2\AUSLOG~1\DUPLIC~1\DUPLIC~1.EXE []) -> Deleted
    [PUP.Auslogics (Potentially Malicious)] Auslogics -- %programfiles(x86)%\Auslogics -> Deleted
     
    psaulm119,
    #10
  12. 2019/07/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Just update it.
     
    broni,
    #11
  13. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    OK here is the MWB log:

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 7/15/19
    Scan Time: 6:34 AM
    Log File: 42278ae2-a705-11e9-8562-68f728c826b5.json
    Administrator: Yes

    -Software Information-
    Version: 3.5.1.2522
    Components Version: 1.0.365
    Update Package Version: 1.0.11560
    License: Free

    -System Information-
    OS: Windows 10 (Build 17763.615)
    CPU: x64
    File System: NTFS
    User: DESKTOP-GFO74CP\Paul

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 312033
    Threats Detected: 1
    Threats Quarantined: 1
    Time Elapsed: 6 min, 51 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 1
    PUP.Optional.AuslogicsBoostSpeed, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\B4BF7AE445F07779.VIR\DUPLICATE FILE FINDER\DSSRCASYNC.DLL, Delete-on-Reboot, [3599], [610189],1.0.11560

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)
     
    psaulm119,
    #12
  14. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Did the Adware cleaner log. Here is the log file:

    # -------------------------------
    # Malwarebytes AdwCleaner 7.3.0.0
    # -------------------------------
    # Build: 04-04-2019
    # Database: 2019-06-28.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 07-15-2019
    # Duration: 00:00:00
    # OS: Windows 10 Pro
    # Cleaned: 1
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    No malicious folders cleaned.

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [1324 octets] - [15/07/2019 06:46:18]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
     
    psaulm119,
    #13
  15. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Here is the scan file for Adware Cleaner:

    # -------------------------------
    # Malwarebytes AdwCleaner 7.3.0.0
    # -------------------------------
    # Build: 04-04-2019
    # Database: 2019-06-28.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Scan
    # -------------------------------
    # Start: 07-15-2019
    # Duration: 00:00:17
    # OS: Windows 10 Pro
    # Scanned: 27557
    # Detected: 1


    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    No malicious folders found.

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries found.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries found.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs found.



    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
     
    psaulm119,
    #14
  16. 2019/07/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
    broni,
    #15
  17. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Below is the addition.txt file:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2019
    Ran by Paul (15-07-2019 10:08:41)
    Running from C:\Users\Paul\Desktop
    Windows 10 Pro Version 1809 17763.615 (X64) (2019-06-27 05:30:16)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3409797038-3744183562-1095253496-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3409797038-3744183562-1095253496-503 - Limited - Disabled)
    Guest (S-1-5-21-3409797038-3744183562-1095253496-501 - Limited - Disabled)
    Paul (S-1-5-21-3409797038-3744183562-1095253496-1001 - Administrator - Enabled) => C:\Users\Paul
    WDAGUtilityAccount (S-1-5-21-3409797038-3744183562-1095253496-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7+ Taskbar Tweaker v5.1 (HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\7 Taskbar Tweaker) (Version: 5.1 - RaMMicHaeL)
    7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
    Amazon Photos (HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Amazon Photos) (Version: 5.9.1 - Amazon.com, Inc.)
    AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.6.3 - Advanced Micro Devices, Inc.)
    ANT Drivers Installer x64 (HKLM\...\{1545D39F-D296-42D3-9E3A-D3DDC83FF45C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 7.0.24.0 - Auslogics Labs Pty Ltd)
    Basilisk 52.9.2019.06.08 (x64 en-US) (HKLM\...\Basilisk 52.9.2019.06.08 (x64 en-US)) (Version: 52.9.2019.06.08 - Mozilla)
    BatteryMon V2.1 (HKLM-x32\...\BatteryMon_is1) (Version: - PassMark Software)
    BlueGriffon version 2.3.1 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 2.3.1 - Disruptive Innovations SAS)
    Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
    Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 75.0.66.99 - Brave Software Inc)
    Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.51 - Conexant)
    Copernic Desktop Search 6 (HKLM-x32\...\{39A49E6C-9E03-4DAD-98DA-90F73812A8C0}) (Version: 6.0.2.11080 - Copernic) Hidden
    Copernic Desktop Search 6 (HKLM-x32\...\CopernicDesktopSearch6) (Version: 6.0.2.11080 - Copernic)
    Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
    Elevated Installer (HKLM-x32\...\{22234FFC-C2DA-4662-8295-119232148609}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries) Hidden
    Eraser 6.2.0.2979 (HKLM\...\{C5900DE9-D199-4C27-B692-354C9A6A6C8B}) (Version: 6.2.2979 - The Eraser Project)
    e-Sword (HKLM-x32\...\{0BF38804-B6AE-4C32-9564-B0C0E7188D62}) (Version: 11.00.0006 - Rick Meyers)
    FastStone Image Viewer 7.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.3 - FastStone Soft)
    Firefox Developer Edition 67.0 (x64 en-US) (HKLM\...\Firefox Developer Edition 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
    Garmin Express (HKLM-x32\...\{e51e84de-2206-4ef2-91fb-8ae3f9cb68e2}) (Version: 6.12.0.0 - Garmin Ltd or its subsidiaries)
    GentiumPlus 5.000 (HKLM-x32\...\GentiumPlus) (Version: - )
    Google Chrome Beta (HKLM-x32\...\Google Chrome Beta) (Version: 76.0.3809.62 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
    HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
    Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11138 - Realtek Semiconductor Corp.)
    KeePass Password Safe 2.36 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.36 - Dominik Reichl)
    K-Lite Mega Codec Pack 11.9.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP)
    KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version: - KompoZer)
    Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.11.08 - Lenovo)
    Lenovo Service Bridge (HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.1.0.1 - Lenovo)
    LibreOffice 6.0.6.2 (HKLM\...\{982E3D14-3F50-412B-A1C2-BC9262E8810F}) (Version: 6.0.6.2 - The Document Foundation)
    Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.14350.0 - Linksys LLC)
    Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.11126.20196 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version: - Microsoft)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
    Mozilla Firefox 68.0 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0 (x64 en-US)) (Version: 68.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0 - Mozilla)
    Mozilla Thunderbird 60.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.0 (x86 en-US)) (Version: 60.0 - Mozilla)
    Nightly 69.0a1 (x64 en-US) (HKLM\...\Nightly 69.0a1 (x64 en-US)) (Version: 69.0a1 - Mozilla)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11126.20196 - Microsoft Corporation) Hidden
    OpenDNS Updater 2.2.1 (HKLM-x32\...\OpenDNS Updater) (Version: 2.2.1 - )
    OpenOffice 4.1.6 (HKLM-x32\...\{16E4FF6B-31E8-4037-B627-D87CF872E32B}) (Version: 4.16.9790 - Apache Software Foundation)
    Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
    Pale Moon 28.5.0 (x64 en-US) (HKLM\...\Pale Moon 28.5.0 (x64 en-US)) (Version: 28.5.0 - Moonchild Productions)
    PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
    Paragon Partition Managerâ„¢ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
    PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 13.0 - PlotSoft LLC)
    PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.8 - Tracker Software Products Ltd)
    PDF-XChange Editor (HKLM\...\{F035709A-033D-480D-A75C-38F89A7309FC}) (Version: 7.0.326.1 - Tracker Software Products (Canada) Ltd.)
    PDF-XChange Editor (HKLM-x32\...\{d9c93a99-d9e9-4978-8bb5-f3ea9cf1c2fd}) (Version: 7.0.323.2 - Tracker Software Products (Canada) Ltd.)
    RogueKiller version 13.3.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.3.2.0 - Adlice Software)
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
    SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
    SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 8.5.5.0 - 2BrightSparks)
    TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
    ThinkPad UltraNav Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.216.1616.137 - ALPS ELECTRIC CO., LTD.)
    TouchpadPal 1.4 (HKLM-x32\...\TouchpadPal) (Version: 1.4 - DeSofto)
    Ultimate Reference Suite (HKLM-x32\...\Ultimate Reference Suite) (Version: 2011.0.0.0 - Encyclopaedia Britannica, Inc.)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
    Virtual Account Numbers (HKLM-x32\...\{0134662F-5B97-4D60-9A24-B81B6A56DEF7}) (Version: 1.0.6.0 - Citi) Hidden
    Vivaldi (HKLM-x32\...\Vivaldi) (Version: 2.7.1594.4 - Vivaldi Technologies AS.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
    Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
    Waterfox 56.2.8 (x64 en-US) (HKLM\...\Waterfox 56.2.8 (x64 en-US)) (Version: 56.2.8 - Waterfox Ltd)
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
     
    psaulm119,
    #16
  18. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    Packages:
    =========
    Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.15.0_neutral__d55gg7py3s0m0 [2019-04-30] (eyeo GmbH)
    Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-11] (king.com)
    Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
    Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
    MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-23] (Microsoft Corporation) [MS Ad]
    MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
    Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-05-07] (Microsoft Corporation)
    PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_3.0.3.0_x64__f5eddttrpssna [2019-05-22] (Mooii Tech)
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Paul\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Paul\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Paul\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll => No File
    CustomCLSID: HKU\S-1-5-21-3409797038-3744183562-1095253496-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\Paul\Amazon Drive [2017-07-19 12:56]
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]
    ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) [File not signed]
    ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () [File not signed]

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\ClearPrintJobs.lnk -> D:\Stuff\ClearPrintJobs.bat ()
    Shortcut: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browsers\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk -> C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation)

    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps\Gmail (1).lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps\Gmail (2).lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hkpeeeoimoedkcoenbnppmfkpjdebibo
    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Beta Apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
    ShortcutWithArgument: C:\Users\Paul\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gmail (1).lnk -> C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj

    ==================== Loaded Modules (Whitelisted) ==============

    2010-06-16 14:42 - 2010-06-16 14:42 - 000839680 _____ () [File not signed] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
    2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
    2019-01-08 13:00 - 2019-01-08 13:00 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2019-06-26 18:46 - 2019-06-26 18:46 - 000158208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
    2017-10-06 11:17 - 2017-10-06 11:17 - 000056832 _____ (Copernic, a division of N. Harris Computer Systems) [File not signed] C:\Program Files (x86)\Copernic\DesktopSearch\x64\CCLOpenIndexingPS.dll
    2017-10-06 11:21 - 2017-10-06 11:21 - 000008704 _____ (Copernic, a division of N. Harris Computer Systems) [File not signed] C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.Data.Index.IndexExport.dll
    2017-10-06 11:22 - 2017-10-06 11:22 - 000787456 _____ (Copernic, a division of N. Harris Computer Systems) [File not signed] C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe
    2009-06-25 10:27 - 2009-06-25 10:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
    2016-06-09 19:17 - 2016-06-09 19:17 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
    2016-06-09 19:17 - 2016-06-09 19:17 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
    2018-08-18 23:58 - 2018-08-18 23:58 - 000216576 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
    2018-08-18 23:57 - 2018-08-18 23:57 - 003447808 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
    2009-06-25 10:25 - 2009-06-25 10:25 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
    2019-06-26 19:03 - 2019-06-26 19:03 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
    2019-01-08 12:59 - 2019-01-08 12:59 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2019-01-08 13:00 - 2019-01-08 13:00 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Paul\Amazon Drive:com.amazon.drive.sync [179]
    AlternateDataStreams: C:\Users\Paul\Amazon Drive:com.amazon.drive.sync.root [42]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2015-10-30 00:24 - 2018-06-15 07:28 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
    DNS Servers: 10.150.7.7
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    HKLM\...\StartupApproved\Run: => "Eraser"
    HKLM\...\StartupApproved\Run: => "Open-Shell Start Menu"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Messenger (Yahoo!)"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Backblaze"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "OneDriveSetup"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Amazon Photos"
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{1414C050-9FE0-4465-97DA-6EE9E6DBCA15}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
    FirewallRules: [{68DC3ABB-6231-4A4A-BA59-FC7A0D569CE9}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
    FirewallRules: [{422ECF17-B1A7-4030-B6C5-2F641DEA7EDF}] => (Allow) C:\Program Files\Basilisk\basilisk.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{9B873889-E760-4AF1-B9EF-DD390698A617}] => (Allow) C:\Program Files\Basilisk\basilisk.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{7E7B9327-14D1-426D-BB0B-655DC537ADEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{08689C6B-4462-4B0A-B20C-2225DD1E15DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{7F97DD6F-FC41-47A7-B4FF-A4343954E0EB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{5768FC07-4D13-4E3A-B01E-D52D961FC5D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{106E91EC-01A5-4DEF-BA60-8D8A4B2CAC73}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{78289495-3E25-4241-B043-E6376F98F39B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
    FirewallRules: [TCP Query User{3F90E47E-DC87-4B3A-A17F-3207584CD573}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
    FirewallRules: [{AB22C455-A5A9-4957-AFBE-7B4114254F60}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{F3785824-6A1D-4429-A455-6867F591D991}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
    FirewallRules: [{00A80428-293A-42B4-9154-A16740F1CE08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe No File
    FirewallRules: [{9E38A258-48DC-48C9-89FC-6790F25A65D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe No File
    FirewallRules: [{507B5207-C36B-4BE0-AF63-309A7B9AE04C}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{F848B36C-F33B-43BF-A4DC-31A86C32889C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
    FirewallRules: [{8439E295-53F4-4713-8158-B7DE37C32AA7}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
    FirewallRules: [{FE336A9E-5CD1-4FC4-A6E4-DE178FFB01F7}] => (Allow) LPort=161
    FirewallRules: [{87F6E02F-0215-40F2-9C56-31C7E6B8ED37}] => (Allow) LPort=427
    FirewallRules: [{6DEC58A2-0616-414D-B911-1EEF9372F55C}] => (Allow) LPort=9100
    FirewallRules: [{8FD25335-5571-462D-A35D-57EF68E3B2E7}] => (Allow) E:\ProductInst64.exe No File
    FirewallRules: [{A6411B83-8BB9-4782-A0E9-D0C72D66DF7C}] => (Allow) E:\ProductInst64.exe No File
    FirewallRules: [{DD981F19-84AB-4C0D-A202-B3F522B987D1}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{81B143B0-8515-470E-8A56-C58CAB15739E}C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe No File
    FirewallRules: [UDP Query User{2577D21E-6837-4516-8860-6816806AB5A3}C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe] => (Allow) C:\users\paul\appdata\local\vivaldi\application\vivaldi.exe No File
    FirewallRules: [TCP Query User{D2B131D6-9021-4130-A0AD-284C1E510896}C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe] => (Allow) C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe (Copernic, a division of N. Harris Computer Systems) [File not signed]
    FirewallRules: [UDP Query User{B12184B1-7DD0-4170-85AE-D805649B7D98}C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe] => (Allow) C:\program files (x86)\copernic\desktopsearch\x64\copernic.desktopsearch.exe (Copernic, a division of N. Harris Computer Systems) [File not signed]
    FirewallRules: [TCP Query User{BE7EE53A-5C11-45E4-ADC7-B4EC29C8211F}C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe] => (Allow) C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe No File
    FirewallRules: [UDP Query User{B871C9DA-0421-4818-9F7F-EB9BE2AC45DF}C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe] => (Allow) C:\users\paul\appdata\local\programs\crashplan\crashplanservice.exe No File
    FirewallRules: [{DA6CA7C7-0665-47CB-87E7-96204F1BBD8C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{63D85140-40F2-40D9-BAE8-4389AEE24410}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{F220693D-7F17-4E40-A995-7EC243DA2A3D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{EB799D68-E6FC-43AC-A467-112C01324783}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{A76E0241-9FDC-46A7-8487-8A763CDABA33}C:\program files\nightly\firefox.exe] => (Block) C:\program files\nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [UDP Query User{1535F920-2CBC-48DA-A81D-AD836BB4B115}C:\program files\nightly\firefox.exe] => (Block) C:\program files\nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{6672BE75-027D-40AB-A63B-18D24693E403}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{61447BB7-FEAE-41FA-B6BC-FC367883305B}] => (Allow) C:\Program Files\Nightly\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{C5F784F6-BADC-44C9-843C-2BE1C12411D2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{8026D76D-21EE-4A69-A461-06A26E24928F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{98DB0759-CE99-460B-AE45-04862FB8B5CC}] => (Allow) C:\Program Files (x86)\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Systems)
    FirewallRules: [{01CDD2DE-A232-4EDA-8257-84514B504F9B}] => (Allow) C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe (Copernic, a division of N. Harris Computer Systems) [File not signed]
    FirewallRules: [{89B8C427-EEDC-4E5D-B702-F45DD369AF5F}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
    FirewallRules: [{3355AF50-0822-459B-9EA6-9E77F9172A92}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
    FirewallRules: [{DC0DE22D-9D7E-4531-8E82-D0CA183CF6AB}] => (Allow) C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe (Google LLC -> Google LLC)

    ==================== Restore Points =========================

    09-07-2019 13:07:25 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/15/2019 06:51:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (07/15/2019 06:51:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (07/12/2019 06:47:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (07/12/2019 06:47:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (07/12/2019 06:47:02 AM) (Source: SideBySide) (EventID: 35) (User: )
    Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
    Component identity found in manifest does not match the identity of the component requested.
    Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
    Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/30/2019 08:07:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

    Error: (06/30/2019 08:07:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

    Error: (06/30/2019 07:43:36 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
    .


    Operation:
    Executing Asynchronous Operation

    Context:
    Current State: DoSnapshotSet


    System errors:
    =============
    Error: (07/15/2019 10:01:02 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/15/2019 07:55:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/15/2019 06:54:02 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GFO74CP)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user DESKTOP-GFO74CP\Paul SID (S-1-5-21-3409797038-3744183562-1095253496-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/15/2019 06:49:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    Windows.SecurityCenter.WscDataProtection
    and APPID
    Unavailable
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (07/15/2019 06:46:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Conexant SmartAudio service service terminated unexpectedly. It has done this 1 time(s).

    Error: (07/15/2019 06:46:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (07/15/2019 06:46:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The HP SI Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (07/15/2019 06:46:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Conexant Audio Message Service service terminated unexpectedly. It has done this 1 time(s).


    Windows Defender:
    ===================================
    Date: 2019-07-14 16:31:08.056
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {DB687D2E-65D1-4B7C-BB56-183D8424DD1A}
    Scan Type: Antimalware
    Scan Parameters: Full Scan

    Date: 2019-07-14 16:14:10.117
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...n32/Vigorf.A&threatid=2147714384&enterprise=0
    Name: Trojan:Win32/Vigorf.A
    ID: 2147714384
    Severity: Severe
    Category: Trojan
    Path: file:_D:\Stuff\EraserSetup32.exe
    Detection Origin: Local machine
    Detection Type: FastPath
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\explorer.exe
    Signature Version: AV: 1.297.1066.0, AS: 1.297.1066.0, NIS: 1.297.1066.0
    Engine Version: AM: 1.1.16100.4, NIS: 1.1.16100.4

    Date: 2019-07-13 07:54:06.325
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {15E341FF-7F01-4B86-97E8-7ADF7B7FA85F}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-07-13 07:03:32.248
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {2BF8B3F0-CFE5-475F-80F6-2EDD3BB87ADE}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-07-13 00:26:55.136
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {266A98E7-3DD4-46C7-B4AA-61026DF092B1}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-07-13 07:00:02.037
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.297.944.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16100.4
    Error code: 0x8024402c
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    CodeIntegrity:
    ===================================

    Date: 2019-07-09 21:33:57.857
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:57.849
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:57.841
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:57.832
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.17134.1_none_bc9c2c7e4eaa1d22\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.234
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.206
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.199
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2019-07-09 21:33:41.195
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-utilman_31bf3856ad364e35_10.0.17134.1_none_f27ee698cec876b7\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    ==================== Memory info ===========================

    BIOS: LENOVO HTET46WW (1.18 ) 09/30/2015
    Motherboard: LENOVO 20DH002TUS
    Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
    Percentage of memory in use: 40%
    Total physical RAM: 6989.48 MB
    Available physical RAM: 4154.59 MB
    Total Virtual: 11597.48 MB
    Available Virtual: 8489.7 MB

    ==================== Drives ================================

    Drive c: (Windows7_OS) (Fixed) (Total:229.19 GB) (Free:85.43 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (New Volume) (Fixed) (Total:245.84 GB) (Free:138.92 GB) NTFS

    \\?\Volume{56cde85b-0000-0000-0000-100000000000}\ (SYSTEM_DRV) (Fixed) (Total:1.46 GB) (Free:1.01 GB) NTFS
    \\?\Volume{56cde85b-0000-0000-0000-40aa39000000}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 476.9 GB) (Disk ID: 56CDE85B)
    Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=229.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
    Partition 4: (Not Active) - (Size=245.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
    psaulm119,
    #17
  19. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    I'll post the First.txt logs in an hour or two when I get home.
     
    psaulm119,
    #18
  20. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    OK here is the first part of the first.txt log:

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
    HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
    HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell) [File not signed]
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
    HKLM Group Policy restriction on software: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy <==== ATTENTION
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [File not signed]
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [Copernic Desktop Search] => C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe [787456 2017-10-06] (Copernic, a division of N. Harris Computer Systems) [File not signed]
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [Amazon Photos] => C:\Users\Paul\AppData\Local\Amazon Drive\AmazonPhotos.exe [8489128 2019-05-16] (Amazon Services LLC -> Amazon.com Inc.)
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files\Vivaldi\Application\update_notifier.exe [1840200 2019-07-01] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1916560 2019-06-27] (Brave Software, Inc. -> Brave Software, Inc.)
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\...\MountPoints2: {96405994-8b7b-11e6-9d1c-68f728c826b5} - "F:\VZW_Software_upgrade_assistant.exe"
    HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
    HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
    HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
    HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
    HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
    HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
    HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
    HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
    HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8237E44A-0054-442C-B6B6-EA0509993955}] -> C:\Program Files (x86)\Google\Chrome Beta\Application\76.0.3809.62\Installer\chrmstp.exe [2019-07-10] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{9C142C0C-124C-4467-B117-EBCC62801D7B}] -> C:\Program Files\Vivaldi\Application\2.7.1594.4\Installer\chrmstp.exe [2019-07-02] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\75.0.66.99\Installer\chrmstp.exe [2019-07-02] (Brave Software, Inc.) [File not signed]
    Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-07-15]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
    GroupPolicy: Restriction ? <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {209BE161-188D-4B77-A49D-E4C3B2DCC700} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {20AAE787-3362-4E97-A961-93D5C63E2CE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2420640 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {28B3CCB5-64D9-4430-8C20-707458AB5B5B} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112312 2019-02-12] (Lenovo -> Lenovo)
    Task: {2AF44762-2A6C-4321-8391-6151A01375EF} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    Task: {2C19EDF4-DECD-42E7-B9EC-FB02307FD92A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24257704 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
    Task: {2F838805-8009-41D3-9D83-CAD0A73195FD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-06-26] (Advanced Micro Devices, Inc.) [File not signed]
    Task: {3DE4A343-5F79-4921-9C54-8763CA36DDFB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {442C004F-FCA4-4AA1-A07D-408D3DF6EA27} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-06-26] (Advanced Micro Devices, Inc.) [File not signed]
    Task: {4B1F180F-63E8-4C73-B34E-BADBD15C4AB1} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [891584 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {6A200B4E-222D-4B93-9FE3-72614EE336EC} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225560 2015-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
    Task: {6E25C621-3050-47AD-8E93-C55239670D97} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [58552 2019-02-12] (Lenovo -> )
    Task: {721D1668-7A9C-41DA-876D-7B9C94095FB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2420640 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7C8096E5-BE50-4E67-9C23-CAC8EE6C4459} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-19] (Google Inc -> Google Inc.)
    Task: {87507061-B7D4-4CBC-BE64-89AF2C2FB5B0} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    Task: {90B84335-5128-4612-93C5-7731E2FE2602} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-19] (Google Inc -> Google Inc.)
    Task: {A4F13222-A356-4BC2-BE7A-B3F7C607CF61} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68288 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {A6507AB3-0AF1-40C2-910D-A6792F29DB6B} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3409797038-3744183562-1095253496-1001 => C:\Users\Paul\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [115496 2019-06-05] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
    Task: {ACAB4A1B-C276-4FF3-9019-ED175E34C9D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {B23BBB33-BEDD-45A9-ABD1-C8BCD5F1F1CE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [91736 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {B61BDD4B-3B8D-4C7D-924F-756E47DD2B56} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [91736 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {C40A4FD6-483E-44E7-B1F0-C853C1E93FDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {CF2121D9-7A91-4F6C-9091-1F239ECCEEEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {D59CB59F-FB36-4807-A662-344F75F2263D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24257704 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
    Task: {D8FCB8DC-7895-4612-99D4-95866B004024} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {DCA3246F-1A39-41D3-A961-DBAEA880C355} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61120 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {E3945EC4-4963-4F04-97A3-29A3DDB66969} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1395288 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Task: {E6E09EDE-2C4F-4DB1-AF5B-87AE444C75F6} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [34898488 2019-07-15] (Adlice -> )
    Task: {F360BA94-0FBC-4F42-AB8D-E6A0359BCE03} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1395288 2019-01-11] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 10.150.7.7
    Tcpip\..\Interfaces\{0765e26f-e356-44a8-9b07-c2b210fc3913}: [DhcpNameServer] 71.10.216.1 71.10.216.2
    Tcpip\..\Interfaces\{e76819d1-c424-43e0-83c6-993b554207e3}: [DhcpNameServer] 208.67.222.222 208.67.220.220 71.10.216.1
    Tcpip\..\Interfaces\{f2b803a1-550e-48a9-9095-5d70018589a1}: [DhcpNameServer] 10.150.7.7

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3409797038-3744183562-1095253496-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-22] (Microsoft Corporation -> Microsoft Corporation)
    Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File
    Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File

    Edge:
    ======
    Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.15.0_neutral__d55gg7py3s0m0 [2019-04-30]

    FireFox:
    ========
    FF DefaultProfile: 71ezmx5n.default
    FF DefaultProfile: l7pw15jy.default
    FF DefaultProfile: eymbiwfk.default
    FF DefaultProfile: 91drvwdf.default
    FF DefaultProfile: 5v2lbdhd.default
    FF DefaultProfile: mur4sejs.default
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default [2019-04-30]
    FF Extension: (Classic Add-ons Archive) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\ca-archive@Off.JustOff.xpi [2019-03-14] [Legacy] [not signed]
    FF Extension: (Gecko Profiler) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\geckoprofiler@mozilla.com.xpi [2019-03-30] [UpdateUrl:hxxps://raw.githubusercontent.com/firefox-devtools/Gecko-Profiler-Addon/master/updates.json]
    FF Extension: (Privacy Badger) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-02-23] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (Panorama Tab Groups) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\panorama-tab-groups@example.com.xpi [2019-02-23]
    FF Extension: (Print Edit WE) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\printedit-we@DW-dev.xpi [2019-04-30]
    FF Extension: (Tree Style Tab) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2018-12-14] [Legacy]
    FF Extension: (Reader) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2018-02-26]
    FF Extension: (Password Exporter) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2018-12-14] [Legacy]
    FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Paul\AppData\Roaming\Waterfox\Profiles\71ezmx5n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-30]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\SeaMonkey\Profiles\l7pw15jy.default [2016-12-01]
    FF Extension: (DOM Inspector) - C:\Users\Paul\AppData\Roaming\Mozilla\SeaMonkey\Profiles\l7pw15jy.default\Extensions\inspector@mozilla.org.xpi [2016-12-01] [Legacy] [not signed]
    FF Extension: (ChatZilla) - C:\Users\Paul\AppData\Roaming\Mozilla\SeaMonkey\Profiles\l7pw15jy.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi [2016-12-01] [Legacy] [not signed]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly [2019-05-26]
    FF Homepage: Mozilla\Firefox\Profiles\ilie146i.Nightly -> about:blank
    FF Extension: (Enhancer for YouTubeâ„¢) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-05-26]
    FF Extension: (Privacy Badger) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-04-21] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (Tab Center Redux) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\ilie146i.Nightly\Extensions\{0ad88674-2b41-4cfb-99e3-e206c74a0076}.xpi [2019-05-26]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\sjtre9cr.Testing [2019-02-06]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default [2019-07-15]
    FF Homepage: Mozilla\Firefox\Profiles\eymbiwfk.default -> about:blank
    FF Extension: (Disable HTML5 Autoplay) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\disable-html5-autoplay@afnankhan.xpi [2018-12-20]
    FF Extension: (Enhancer for YouTubeâ„¢) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-07-11]
    FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
    FF Extension: (Privacy Badger) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-07-10]
    FF Extension: (Panorama Tab Groups) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\panorama-tab-groups@example.com.xpi [2019-05-28]
    FF Extension: (Print Edit WE) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\printedit-we@DW-dev.xpi [2019-07-08]
    FF Extension: (Tree Style Tab) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2019-07-09]
    FF Extension: (dark brush) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{0384a87f-db7d-4843-b069-90179da2367d}.xpi [2019-05-13]
    FF Extension: (Tab Center Redux) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{0ad88674-2b41-4cfb-99e3-e206c74a0076}.xpi [2018-12-23]
    FF Extension: (Reader) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2018-02-26]
    FF Extension: (Black Marble - Rough) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{42d24643-6ae7-4ac4-a39b-5f97916e553a}.xpi [2019-05-14]
    FF Extension: (Purple and Black) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{4a4c7fc9-b564-407c-af79-2c77998417a3}.xpi [2019-05-14]
    FF Extension: (Disable Autoplay) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{6674730a-e591-43c6-8680-d332ea121cc2}.xpi [2018-12-27]
    FF Extension: (Purple Damask) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{708f9ab6-8bfa-457c-b4cf-7ef77dcd5e70}.xpi [2019-05-13]
    FF Extension: (Liquid Marble) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{9ebf5874-03e8-4599-aca4-74a466aba79d}.xpi [2019-05-13]
    FF Extension: (Adblocker for YouTubeâ„¢) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{ab2186b0-8c0b-4921-a2d4-95e6e05c0e3c}.xpi [2019-07-02]
    FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\eymbiwfk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-19]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default [2019-07-06]
    FF Homepage: Moonchild Productions\Pale Moon\Profiles\91drvwdf.default -> about:blank
    FF Extension: (Page Zoom Button) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\54c7d9671b9eccd9e5686a73df34ab60@button.codefisher.org.xpi [2017-02-25] [Legacy]
    FF Extension: (Adblock Latitude) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-12] [Legacy] [not signed]
    FF Extension: (Cookies Exterminator) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\CookiesExterminator@Off.JustOff.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Crush Those Cookies) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\crush-those-cookies@wsdfhjxc.xpi [2017-08-13] [Legacy] [not signed]
    FF Extension: (LavaFox V2-Blue) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\djziggy@gmail.com [2018-04-21] [Legacy]
    FF Extension: (Material Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\materialmoon@franklindm.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Modoki Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\modoki@lootyhoof-pm.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Moon PDF Viewer) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\MoonPDFViewer@Off.JustOff.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Password Backup Tool) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\password-backup-tool@Off.JustOff.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Past Modern Revisited) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\past-modern-revisited@lootyhoof-pm.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (PDF Viewer) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\pdf.js-seamonkey@lakora.us.xpi [2018-12-06] [Legacy] [not signed]
    FF Extension: (Print Edit) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\printedit@DW-dev.xpi [2018-05-07] [Legacy]
    FF Extension: (Clearly) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\readable@evernote.com.xpi [2016-12-03] [Legacy]
    FF Extension: (Tree Style Tabs for Pale Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\treestyletabforpm@oinkoink.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (uBlock Origin Updater) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\ublock0-updater@Off.JustOff.xpi [2019-01-15] [Legacy] [not signed]
    FF Extension: (uBlock Origin) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\uBlock0@raymondhill.net.xpi [2018-12-06] [Legacy] [not signed]
    FF Extension: (Kempelton Reloaded) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{03c2ba51-52c3-4cb1-9309-229eb4bc8948}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (RC Print) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{0bb519bc-bca6-45af-82a6-c982f237acc7}.xpi [2016-12-04] [Legacy]
    FF Extension: (Qute 4 PM) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{0c44653b-8ca4-4125-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Moonfox3) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{0ed852bb-a216-42e9-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Reader View) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{1111dd1e-dd02-4c30-956f-f23c44dfea8e}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Reader) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}.xpi [2017-08-23] [Legacy]
    FF Extension: (DarkPitch) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{4b13c0da-55d5-44ce-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (XMoon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{60e12e8a-8197-4391-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Tangerinemoon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{669920c8-3426-4071-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Australium) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{6a2ffbbc-4f20-42f0-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Bluhell Firewall) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2016-12-10] [Legacy]
    FF Extension: (Winstripe Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{77d97525-e813-48d0-9bba-9c43df19baf9}.xpi [2017-08-13] [Legacy] [not signed]
    FF Extension: (White Moon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{81c983b9-ebe4-4b2e-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (PMChrome) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{87a59598-d2b6-45ba-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Qute Legacy) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{8a13d488-8657-4dab-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Password Exporter) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2016-12-02] [Legacy]
    FF Extension: (User Agent Switcher) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-12-04] [Legacy]
    FF Extension: (Aeromoon) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{edbb972f-e557-4870-b98e-98e62085837f}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (Stratum) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{ef547bbe-6237-45ed-b0d6-bc6ad58af954}.xpi [2018-12-05] [Legacy] [not signed]
    FF Extension: (BookmarkMenuHider) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{f154a53f-654b-4e52-9544-fd51a0e82edd}.xpi [2017-11-14] [Legacy]
    FF Extension: (Zoom toolbar) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\Extensions\{FBFB7597-9E32-46b4-A500-8B6B0412777F}.xpi [2016-12-05] [Legacy]
    FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\searchplugins\google-books.xml [2019-07-05]
    FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\searchplugins\google-images-2mp.xml [2019-07-05]
    FF SearchPlugin: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\91drvwdf.default\searchplugins\google-images.xml [2019-07-05]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default [2019-06-24]
    FF Extension: (Adblock Latitude) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-19] [Legacy] [not signed]
    FF Extension: (Classic Add-ons Archive) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\ca-archive@Off.JustOff.xpi [2019-06-23] [Legacy] [not signed]
    FF Extension: (Password Backup Tool) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\password-backup-tool@Off.JustOff.xpi [2019-06-23] [Legacy] [not signed]
    FF Extension: (Tree Style Tab) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2018-12-14] [Legacy]
    FF Extension: (Simple bookmarks menu) - C:\Users\Paul\AppData\Roaming\Moonchild Productions\Basilisk\Profiles\5v2lbdhd.default\Extensions\{8e1651be-1f0f-469e-baaa-003bf71d973c}.xpi [2018-04-19] [Legacy]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\kompozer.net\KompoZer\Profiles\0cb5bg8p.default [2017-07-24]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\KompoZer\Profiles\n9cqaobu.default [2019-06-15]
    FF ProfilePath: C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default [2017-11-18]
    FF Extension: (Czech (CZ) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-cs@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-de@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (English (US) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-en-US@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Español (España) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-es-ES@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Finnish Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-fi@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Français Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-fr@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Galego (España) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-gl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-he@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Magyar (HU) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-hu@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Italiano (IT) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-it@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Japanese Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-ja@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Korean (KR) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-ko@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-nl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Polski Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-pl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Russian (RU) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-ru@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Slovenski jezik Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-sl@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (�рп�ки (sr) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-sr@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Svenska (SE) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-sv-SE@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-zh-CN@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\langpack-zh-TW@bluegriffon.org.xpi [2017-07-23] [Legacy] [not signed]
    FF Extension: (FireFTP) - C:\Users\Paul\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\mur4sejs.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2017-07-23] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
    FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
    FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin: @Tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-04] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2016-12-05] (Simon Bünzli) [File not signed]
    FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
    FF Plugin-x32: @Tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-07-25] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3409797038-3744183562-1095253496-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-01-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
    FF Plugin HKU\S-1-5-21-3409797038-3744183562-1095253496-1001: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin_x64 -> C:\Program Files (x86)\SumatraPDF\nppdfviewer.dll [2016-12-05] (Simon Bünzli) [File not signed]
    StartMenuInternet: Firefox-A3710B8EBB50CD3 - C:\Program Files\Nightly\firefox.exe

    Chrome:
    =======
    StartMenuInternet: Google Chrome Beta - C:\Program Files (x86)\Google\Chrome Beta\Application\chrome.exe

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atiesrxx.exe [508632 2019-06-27] (Advanced Micro Devices, Inc. -> AMD)
    R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [105248 2016-08-08] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
    S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-03] (Brave Software, Inc. -> BraveSoftware Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619616 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
    S3 GoogleChromeBetaElevationService; C:\Program Files (x86)\Google\Chrome Beta\Application\76.0.3809.62\elevation_service.exe [1096176 2019-07-09] (Google LLC -> Google LLC)
    R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-08-31] (Hewlett-Packard Company -> HP)
    S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
    S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atikmdag.sys [55255256 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0344035.inf_amd64_2f25d95c250a5c18\B344048\atikmpag.sys [595160 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103664 2019-06-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [83176 2013-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
    S3 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [43240 2013-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
    R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107936 2019-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek Semiconductor Corp -> Realtek )
    R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [624456 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
    R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3096856 2015-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
    R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8169472 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
    S3 tpflhlp; C:\Drivers\Flash\htuj46ww\tpflhlp.sys [18232 2014-04-04] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
    R3 usbfilter; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [56352 2015-12-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-07-15 09:55 - 2019-07-15 09:55 - 000011623 _____ C:\Users\Paul\Desktop\JennaK 15 July 2015.odt
    2019-07-15 06:51 - 2019-07-15 06:51 - 000000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
    2019-07-15 06:45 - 2019-07-15 06:46 - 000000000 ____D C:\AdwCleaner
    2019-07-15 05:53 - 2019-07-15 06:28 - 000000000 ____D C:\ProgramData\RogueKiller
    2019-07-15 05:53 - 2019-07-15 05:53 - 000003154 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
    2019-07-15 05:53 - 2019-07-15 05:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2019-07-15 05:53 - 2019-07-15 05:53 - 000000000 ____D C:\Program Files\RogueKiller
    2019-07-15 05:50 - 2019-07-15 05:51 - 007025360 _____ (Malwarebytes) C:\Users\Paul\Desktop\AdwCleaner.exe
    2019-07-15 05:49 - 2019-07-15 05:50 - 064553816 _____ (Malwarebytes ) C:\Users\Paul\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11540.exe
    2019-07-15 05:49 - 2019-07-15 05:50 - 030667800 _____ (Adlice Software ) C:\Users\Paul\Desktop\RogueKiller_setup_ref3.exe
    2019-07-14 16:33 - 2019-07-15 10:05 - 000043906 _____ C:\Users\Paul\Desktop\FRST.txt
    2019-07-14 16:32 - 2019-07-14 16:32 - 002095104 _____ (Farbar) C:\Users\Paul\Desktop\FRST64.exe
    2019-07-14 16:12 - 2019-07-14 16:12 - 007086592 _____ (Open-Shell) C:\Users\Paul\Desktop\OpenShellSetup_4_4_131.exe
    2019-07-14 07:08 - 2019-07-14 07:08 - 000030160 _____ C:\Users\Paul\Desktop\payschedule for cehrly payroll annual 18_19 FINAL.pdf
    2019-07-12 09:35 - 2019-07-12 10:25 - 000009732 _____ C:\Users\Paul\Desktop\Thrift Shop.odt
    2019-07-10 19:13 - 2019-07-10 19:13 - 000071849 _____ C:\Users\Paul\Desktop\Jeff Okabayashi Event Flyer.pdf
    2019-07-09 14:10 - 2019-07-09 14:10 - 002438199 _____ C:\Users\Paul\Desktop\4951-15311-1-PB.pdf
    2019-07-09 14:10 - 2019-07-09 14:10 - 000798321 _____ C:\Users\Paul\Desktop\The decline and fall of the Western Roman Empire.pdf
    2019-07-09 14:09 - 2019-07-09 14:09 - 000433621 _____ C:\Users\Paul\Desktop\The-Anonymous-De-Rebus-Bellicis-and-the-Ethics-of-Empire-in-Late-Antiquity-C.-Grubaugh-2015.pdf
    2019-07-09 13:22 - 2019-07-09 13:22 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 022115472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 019012096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007876096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 006545304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 006308232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003335216 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 003081728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 002701000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002593336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 002073472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001702088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-07-09 13:22 - 2019-07-09 13:22 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001477648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001472808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001465464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001397048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001345168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-07-09 13:22 - 2019-07-09 13:22 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000998928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000895552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000850992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000807480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000804744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000799776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
     
    psaulm119,
    #19
  21. 2019/07/15
    psaulm119 Lifetime Subscription

    psaulm119 Geek Member Thread Starter

    Joined:
    2003/12/07
    Messages:
    1,424
    Likes Received:
    21
    2019-07-09 13:22 - 2019-07-09 13:22 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000731104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000680176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000514136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000423480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000397688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000317456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000310288 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000294000 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000241944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
    2019-07-09 13:22 - 2019-07-09 13:22 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
    2019-07-09 13:22 - 2019-07-09 13:22 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2019-07-09 13:22 - 2019-07-09 13:22 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000121896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000092592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
    2019-07-09 13:22 - 2019-07-09 13:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2019-07-09 13:22 - 2019-07-09 13:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2019-07-09 01:22 - 2019-07-09 17:13 - 000030122 _____ C:\Users\Paul\Desktop\Huns & End of Roman Empire.odt
    2019-07-09 01:18 - 2019-07-09 01:18 - 005313441 _____ C:\Users\Paul\Desktop\Metropolis and hinterland.pdf
    2019-07-09 01:13 - 2019-07-09 01:13 - 001715815 _____ C:\Users\Paul\Desktop\Late Roman Economic Systems.pdf
    2019-07-08 19:19 - 2019-07-08 19:19 - 000080608 _____ C:\Users\Paul\Desktop\CausesFallWestNEW.odt
    2019-07-07 17:48 - 2019-07-07 17:48 - 006017050 _____ C:\Users\Paul\Desktop\811154.pdf
    2019-07-07 04:51 - 2019-07-07 04:51 - 000001183 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Yoga_Large.mp4 - Shortcut.lnk
    2019-07-06 15:04 - 2019-07-06 15:04 - 002767337 _____ C:\Users\Paul\Desktop\4.pdf
    2019-07-06 14:11 - 2019-07-08 09:41 - 000029585 _____ C:\Users\Paul\Desktop\Barbarian PDF.odt
    2019-07-05 21:19 - 2019-07-05 21:19 - 000502524 _____ C:\Users\Paul\Desktop\Tennis July.pdf
    2019-07-05 19:00 - 2019-07-05 19:00 - 005720690 _____ C:\Users\Paul\Desktop\catosletter_spring2019.pdf
    2019-07-04 08:01 - 2019-07-04 08:58 - 000028701 _____ C:\Users\Paul\Desktop\LRR BITOG.odt
    2019-07-03 08:35 - 2019-07-04 15:06 - 000026193 _____ C:\Users\Paul\Desktop\SilkRoadReadings.odt
    2019-07-01 22:32 - 2019-07-01 22:32 - 000626194 _____ C:\Users\Paul\Desktop\Lynn White Medieval Tech.pdf
    2019-07-01 16:45 - 2019-07-01 16:45 - 010750265 _____ C:\Users\Paul\Desktop\Noble (Ed.) - From Roman Provinces to Medieval Kingdoms, Rewriting Histories (2006).pdf
    2019-07-01 16:45 - 2019-07-01 16:45 - 008900623 _____ C:\Users\Paul\Desktop\MQ54153.pdf
    2019-07-01 16:43 - 2019-07-01 16:43 - 002513857 _____ C:\Users\Paul\Desktop\Carolingian Renaissance.pdf
    2019-07-01 15:00 - 2019-07-03 21:13 - 000022052 _____ C:\Users\Paul\Desktop\Cavalry Infantry.odt
    2019-07-01 14:01 - 2019-07-01 14:01 - 000241157 _____ C:\Users\Paul\Desktop\2.2._a6.pdf
    2019-07-01 14:01 - 2019-07-01 14:01 - 000139010 _____ C:\Users\Paul\Desktop\2464a915461a55cc32bba43a7770505f7709.pdf
    2019-07-01 14:01 - 2019-07-01 14:01 - 000097233 _____ C:\Users\Paul\Desktop\stirrup.pdf
    2019-07-01 10:41 - 2019-07-01 10:41 - 000168775 _____ C:\Users\Paul\Desktop\mk1-waxwork-frontal.jpg.webp
    2019-07-01 10:41 - 2019-07-01 10:41 - 000038675 _____ C:\Users\Paul\Desktop\philip-2_waxwork_frontal-hr.jpg.webp
    2019-06-30 20:10 - 2019-06-30 20:11 - 000000000 ____D C:\Users\Paul\Desktop\Assyria
    2019-06-30 20:06 - 2019-06-30 20:06 - 000000000 ____D C:\Users\Paul\AppData\LocalLow\AMD
    2019-06-30 19:56 - 2019-06-30 19:56 - 000003414 _____ C:\WINDOWS\System32\Tasks\AMD ThankingURL
    2019-06-30 19:51 - 2019-06-30 19:51 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
    2019-06-30 19:51 - 2019-06-30 19:51 - 000003080 _____ C:\WINDOWS\System32\Tasks\StartDVR
    2019-06-30 19:51 - 2019-06-30 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
    2019-06-30 19:41 - 2019-06-30 19:41 - 028268472 _____ (AMD Inc.) C:\Users\Paul\Desktop\radeon-software-adrenalin-2019-19.6.3-minimalsetup-190627_web.exe
    2019-06-28 13:38 - 2019-06-28 13:38 - 000209490 _____ C:\Users\Paul\Desktop\Gromyko.pdf
    2019-06-28 11:36 - 2019-06-28 11:36 - 000000000 ____D C:\Users\Paul\AppData\Roaming\LibreOffice
    2019-06-28 11:35 - 2019-06-28 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
    2019-06-28 11:33 - 2019-06-28 11:34 - 000000000 ____D C:\Program Files\LibreOffice
    2019-06-28 07:28 - 2019-06-28 07:28 - 000010118 _____ C:\Users\Paul\Desktop\IdahoLocust.odt
    2019-06-28 06:48 - 2019-06-28 06:48 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
    2019-06-27 06:35 - 2019-07-01 06:26 - 000000000 ____D C:\WINDOWS\Minidump
    2019-06-27 05:07 - 2019-06-27 05:07 - 003886000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 003485104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001589976 _____ (AMD) C:\WINDOWS\system32\SET2457.tmp
    2019-06-27 05:07 - 2019-06-27 05:07 - 001589976 _____ (AMD) C:\WINDOWS\system32\SET1ADB.tmp
    2019-06-27 05:07 - 2019-06-27 05:07 - 001589976 _____ (AMD) C:\WINDOWS\system32\coinst_19.20.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001237928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001011320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 001011320 _____ C:\WINDOWS\system32\vulkan-1.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000874264 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000874264 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000480984 _____ C:\WINDOWS\system32\GameManager64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000382168 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000304856 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000304856 _____ C:\WINDOWS\system32\vulkaninfo.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000276696 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000276696 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
    2019-06-27 05:07 - 2019-06-27 05:07 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000163544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000138968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000135592 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000122280 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000071104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
    2019-06-27 05:07 - 2019-06-27 05:07 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
    2019-06-27 05:06 - 2019-06-27 05:06 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
    2019-06-26 22:57 - 2019-06-26 23:13 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2019-06-26 22:55 - 2019-06-26 22:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2019-06-26 22:55 - 2019-06-26 22:55 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2019-06-26 22:49 - 2019-06-26 22:49 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 007727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2019-06-26 22:49 - 2019-06-26 22:49 - 001969152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-06-26 22:49 - 2019-06-26 22:49 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
    2019-06-26 22:49 - 2019-06-26 22:49 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2019-06-26 22:49 - 2019-06-26 22:49 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000747568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2019-06-26 22:49 - 2019-06-26 22:49 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2019-06-26 22:49 - 2019-06-26 22:49 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000109568 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
    2019-06-26 22:49 - 2019-06-26 22:49 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
    2019-06-26 22:49 - 2019-06-26 22:49 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
    2019-06-26 22:48 - 2019-06-26 22:48 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2019-06-26 22:48 - 2019-06-26 22:48 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
    2019-06-26 22:48 - 2019-06-26 22:48 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
    2019-06-26 22:48 - 2019-06-26 22:48 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
    2019-06-26 22:48 - 2019-06-26 22:48 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2019-06-26 22:48 - 2019-06-26 22:48 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2019-06-26 22:48 - 2019-06-26 22:48 - 000528384 _____ (Microsoft Corporation) C:\
     
    psaulm119,
    #20
Page 1 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...