Recurring Daily - Windows Refocuses to Desktop at 12:00 (Midnight)

This is a discussion on Recurring Daily - Windows Refocuses to Desktop at 12:00 (Midnight) within the Resolved HJT Threads forums, part of the Tech Support Forum category.

08-01-2018, 04:48 PM   #1
Registered Member
 
Join Date: Apr 2012
Posts: 29
OS: Win XP Sp3



Win 10 Pro - Upgraded from Win 7

Hi guys, I have had an issue ever since I built this computer, but only at this point has it become much more of a nuisance.

Problem: At midnight each day, if I am working/using an application in full screen mode (such as a full-screened game or movie), the system will automatically focus on the desktop. Think "ALT+TAB" but to desktop. The symptom does not occur for applications in windowed-fullscreen.

Troubleshooting:

  • Enabling & disabling the following showed no difference: "Task Scheduler Library -> Microsoft -> Windows -> Maintenance"
  • I do not have Dropbox or similar syncing software that requires some sort of pull from a cloud
  • Full scan performed with Malwarebytes + AdwCleaner and Windows Defender
  • Turning off focus assist. Turning on alarms only while turning off summary
  • Windows desktop customization option is not selected for matching my desktop background
  • Task Scheduler shows no items running at midnight

I have essentially followed all advice posted in my Win 10 help thread here: https://www.techsupportforum.com/for...ml#post7695040

There is suspicion that this is due to some malware - also in part from another user's experience here: Stop desktop showing at midnight - [Solved] - Components

I do not have a Windows install CD, but I can readily create a Win 10 installation USB key.


Any help or suggestions or where to look is highly appreciated!


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by squis at 19:17:49 on 2018-08-01
Microsoft Windows 10 Pro 10.0.17134.0.1252.1.1033.18.16336.12744 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files (x86)\Origin\OriginWebHelperService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
svchost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\InputMethod\CHS\ChsIME.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe
C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
C:\Program Files\ShareX\ShareX.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1004.0_x64__8wekyb3d8bbwe\GameBar.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
uRun: [OneDrive] "C:\Users\squis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SendAnywhere] C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe --tray
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\squis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ShareX.lnk - C:\Program Files\ShareX\ShareX.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{4819c6a7-3b09-4646-ba9a-43e1354b9935} : DHCPNameServer = 192.168.2.1 207.164.234.129
TCP: Interfaces\{531419f4-0591-40b5-8d4c-449a71d3612c} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{531419f4-0591-40b5-8d4c-449a71d3612c} : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{580fc6f8-38d2-4c55-a4fa-cf424f8843e1} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{5dd26fc4-6669-40c1-9e0a-42b96559db66} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{afdb1cfb-e56a-4afd-939e-a8ca4b92130e} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [NahimicVRSvc32] C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe /start all
x64-Run: [NahimicVRSvc64] C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe /start all
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-7-11 9728]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-10 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 amdpsp;AMD PSP Service;C:\WINDOWS\System32\drivers\amdpsp.sys [2017-6-12 239976]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2018-5-11 152688]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\WINDOWS\System32\drivers\HWiNFO64A.SYS [2017-5-7 27552]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-6-22 818128]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-2-27 2128872]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_4c36fd3;Connected Devices Platform User Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-5-5 8851496]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 IObitUnSvr;IObit Uninstaller Service;C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2017-7-10 360736]
R2 LGCoreTemp;Logitech CPU Core Tempurature;C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys [2015-6-21 14184]
R2 LogiRegistryService;Logitech Gaming Registry Service;C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2018-5-7 206472]
R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MbamChameleon.sys [2018-7-8 191208]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-5-11 6541008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-7-25 764456]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-7-25 764896]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-7-25 629800]
R2 OneSyncSvc_4c36fd3;Sync Host_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 Origin Web Helper Service;Origin Web Helper Service;C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-10-4 3000168]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-10 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 TeamViewer;TeamViewer 13;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-4-14 11293936]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_4c36fd3;Windows Push Notifications User Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 amdgpio2;AMD GPIO Client Driver;C:\WINDOWS\System32\drivers\amdgpio2.sys [2017-3-2 43400]
R3 amdgpio3;AMD GPIO Client Driver;C:\WINDOWS\System32\drivers\amdgpio3.sys [2016-8-13 24424]
R3 AMDPCIDev;AMD PCI;C:\WINDOWS\System32\drivers\AMDPCIDev.sys [2017-10-10 31592]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 BcastDVRUserService_4c36fd3;GameDVR and Broadcast User Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 CMUSBDAC;USB Audio Class 1.0 and 2.0 DAC Device Driver;C:\WINDOWS\System32\drivers\CMUSBDAC.sys [2016-11-30 3792904]
R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\LGBusEnum.sys [2018-5-7 36496]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);C:\WINDOWS\System32\drivers\LGJoyXlCore.sys [2018-5-7 67736]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [2018-5-7 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\WINDOWS\System32\drivers\LGVirHid.sys [2018-5-7 26008]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2018-7-8 114920]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2018-7-8 48360]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-6-26 253664]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2018-7-26 102632]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2018-7-25 69544]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-7-25 65792]
R3 Phosgene;FaceRig Virtual Camera;C:\WINDOWS\System32\drivers\Phosgene.sys [2017-8-15 34136]
R3 PimIndexMaintenanceSvc_4c36fd3;Contact Data_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-6-23 984032]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2017-8-27 14024]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-13 29600]
R3 UnistoreSvc_4c36fd3;User Data Storage_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_4c36fd3;User Data Access_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-7-31 61992]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [2018-7-31 3905952]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amdkmcsp;AMD Kernel Mode CSP Service;C:\WINDOWS\System32\drivers\amdkmcsp.sys [2017-6-12 95080]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-6-30 6875688]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_4c36fd3;Bluetooth User Support Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_4c36fd3;CaptureService_4c36fd3;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 dc1-controller;Xbox Peripherals Driver;C:\WINDOWS\System32\drivers\dc1-controller.sys [2018-4-11 54272]
S3 DevicePickerUserSvc_4c36fd3;DevicePicker_4c36fd3;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_4c36fd3;DevicesFlow_4c36fd3;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 EasyAntiCheat;EasyAntiCheat;C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-3-18 774312]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 EQU8_tabg;EQU8_tabg;G:\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds_Data\Plugins\agent.x64.equ8.exe [2018-7-4 3444216]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GPU-Z;GPU-Z;C:\Users\squis\AppData\Local\Temp\GPU-Z.sys [2018-7-23 27008]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 I2cHkBurn;I2cHkBurn;C:\WINDOWS\System32\drivers\I2cHkBurn.sys [2017-5-8 41760]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 lvrs64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\drivers\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem49.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\drivers\lvuvc64.sys [2012-10-26 4758176]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_4c36fd3;MessagingService_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-7-25 764456]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-7-29 30656]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2017-10-4 2120032]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_4c36fd3;PrintWorkflow_4c36fd3;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-10 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-10 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-4-11 4737448]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-13 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-10 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-10 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-13 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-10 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-6-10 826776]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2018-4-11 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2018-4-11 1189376]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\WINWORD.EXE="C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe" /n "%1" [UserChoice] [default=edit - 'Open' doesn't exist]
ShellExec: MuseScore2.exe: open="C:\Program Files (x86)\MuseScore 2\bin\MuseScore.exe" "%1"
.
=============== Created Last 30 ================
.
2018-08-01 21:46:24 14834152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{08CB0D6E-D16D-414E-8C2A-A876FD1D4396}\mpengine.dll
2018-07-31 22:13:01 14834152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-07-29 05:40:56 -------- d-----w- C:\Users\squis\AppData\Roaming\NVIDIA
2018-07-29 03:28:06 -------- d-----w- C:\Users\squis\AppData\Local\NVIDIA
2018-07-28 06:31:01 -------- d-----w- C:\AdwCleaner
2018-07-27 00:12:39 102632 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2018-07-26 02:58:08 -------- d-----w- C:\WINDOWS\Microsoft Antimalware
2018-07-26 00:21:11 -------- d-----w- C:\Users\squis\AppData\Local\NVIDIA Corporation
2018-07-26 00:17:26 2340392 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2018-07-26 00:17:26 1936424 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2018-07-26 00:17:26 1311784 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2018-07-26 00:16:48 132392 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2018-07-26 00:16:43 206760 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2018-07-26 00:16:43 185256 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2018-07-26 00:16:42 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-07-26 00:16:41 -------- d-----w- C:\Program Files (x86)\VulkanRT
2018-07-26 00:16:16 -------- d-----w- C:\WINDOWS\System32\drivers\NVIDIA Corporation\Drs
2018-07-26 00:16:16 -------- d-----w- C:\WINDOWS\System32\drivers\NVIDIA Corporation
2018-07-26 00:10:45 83240 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2018-07-26 00:10:45 8186102 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2018-07-26 00:10:45 633984 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2018-07-26 00:10:45 5947328 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2018-07-26 00:10:45 450960 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2018-07-26 00:10:45 2612520 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2018-07-26 00:10:45 1767360 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2018-07-26 00:10:45 124200 ----a-w- C:\WINDOWS\System32\nvshext.dll
2018-07-26 00:10:35 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat
2018-07-26 00:10:33 552480 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2018-07-26 00:10:33 456608 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2018-07-26 00:10:18 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2018-07-25 23:20:26 -------- d-----w- C:\Users\squis\AppData\Local\PackageStaging
2018-07-25 23:10:30 -------- d-----w- C:\Program Files\Speccy
2018-07-25 22:57:04 95136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpCom.dll
2018-07-25 22:57:04 95128 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpAsDesc.dll
2018-07-25 22:57:04 468888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\OfflineScannerShell.exe
2018-07-25 22:57:04 455656 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpCmdRun.exe
2018-07-25 22:57:04 444832 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpRes.dll
2018-07-25 22:57:04 391576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpCommu.dll
2018-07-25 22:57:04 3284888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpSvc.dll
2018-07-25 22:57:04 156056 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\EppManifest.dll
2018-07-25 22:57:04 14232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpLics.dll
2018-07-25 22:57:04 1283480 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsAsCui.exe
2018-07-25 22:57:04 105344 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpEng.exe
2018-07-25 22:57:04 1034648 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpClient.dll
2018-07-24 04:46:30 -------- d-----w- C:\Users\squis\AppData\Local\Sex_Simulator
2018-07-22 18:51:04 471120 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-07-22 18:50:04 31312 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2018-07-22 18:36:58 213584 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2018-07-22 16:14:54 84736 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
2018-07-22 16:14:54 78592 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
2018-07-22 16:14:54 64240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
2018-07-22 16:14:54 42248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
2018-07-22 16:14:54 42240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
2018-07-22 16:14:54 36096 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
2018-07-22 16:14:54 36088 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
2018-07-22 16:14:54 25336 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
2018-07-22 16:14:54 24816 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
2018-07-22 13:38:48 82592 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe
2018-07-22 13:38:48 49832 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll
2018-07-22 13:38:48 269976 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
2018-07-22 13:38:48 19104 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
2018-07-22 13:38:48 117904 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\vstoee.dll
2018-07-22 13:38:48 10912 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll
2018-07-19 06:11:32 -------- d-----w- C:\Users\squis\AppData\Local\Logitech
2018-07-19 06:09:51 18960 ----a-w- C:\WINDOWS\System32\drivers\LNonPnP.sys
2018-07-19 06:09:13 -------- d-----w- C:\Program Files\Logitech Gaming Software
2018-07-19 06:08:32 -------- d-----w- C:\Users\squis\AppData\Roaming\Logishrd
2018-07-18 02:02:40 -------- d-----w- C:\Users\squis\AppData\Local\MEGAsync
2018-07-14 19:49:47 -------- d-----w- C:\Users\squis\AppData\Roaming\mkxp
2018-07-14 19:49:47 -------- d-----w- C:\Users\squis\AppData\Roaming\dingaling
2018-07-08 0730 48360 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2018-07-08 0727 191208 ----a-w- C:\WINDOWS\System32\drivers\MbamChameleon.sys
2018-07-08 0727 114920 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
.
==================== Find3M ====================
.
2018-07-31 22:02:53 253664 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-07-31 04:47:44 61992 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-07-31 04:47:44 46584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-07-31 04:47:44 340008 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-07-17 08:17:46 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-07-16 23:15:46 563832 ------w- C:\WINDOWS\System32\MpSigStub.exe
2018-07-06 14:20:55 792472 ----a-w- C:\WINDOWS\System32\generaltel.dll
2018-07-06 14:20:50 1610648 ----a-w- C:\WINDOWS\System32\appraiser.dll
2018-07-06 14:20:49 2868640 ----a-w- C:\WINDOWS\System32\aitstatic.exe
2018-07-06 14:20:45 689560 ----a-w- C:\WINDOWS\System32\aeinv.dll
2018-07-06 14:20:45 451992 ----a-w- C:\WINDOWS\System32\invagent.dll
2018-07-06 14:20:44 612248 ----a-w- C:\WINDOWS\System32\devinv.dll
2018-07-06 14:20:44 309664 ----a-w- C:\WINDOWS\System32\acmigration.dll
2018-07-06 14:20:43 70040 ----a-w- C:\WINDOWS\System32\win32appinventorycsp.dll
2018-07-06 14:20:43 144792 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2018-07-06 14:17:10 3932672 ----a-w- C:\WINDOWS\explorer.exe
2018-07-06 14:15:25 2266520 ----a-w- C:\WINDOWS\System32\AppVEntSubsystems64.dll
2018-07-06 14:14:29 541592 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-07-06 13:56:43 4708864 ----a-w- C:\WINDOWS\System32\twinui.pcshell.dll
2018-07-06 13:53:56 386048 ----a-w- C:\WINDOWS\System32\zipfldr.dll
2018-07-06 13:53:52 409088 ----a-w- C:\WINDOWS\System32\SettingsEnvironment.Desktop.dll
2018-07-06 13:53:16 340992 ----a-w- C:\WINDOWS\System32\AcGenral.dll
2018-07-06 13:53:00 672768 ----a-w- C:\WINDOWS\System32\gpprefcl.dll
2018-07-06 13:52:59 677376 ----a-w- C:\WINDOWS\System32\winlogon.exe
2018-07-06 13:52:15 1787392 ----a-w- C:\WINDOWS\System32\wsp_health.dll
2018-07-06 13:51:57 2051584 ----a-w- C:\WINDOWS\System32\wsp_fs.dll
2018-07-06 13:51:35 3652608 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-07-06 13:51:20 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-07-06 13:51:10 1004032 ----a-w- C:\WINDOWS\System32\clusapi.dll
2018-07-06 13:50:59 615424 ----a-w- C:\WINDOWS\System32\resutils.dll
2018-07-06 13:49:37 91136 ----a-w- C:\WINDOWS\System32\mcbuilder.exe
2018-07-06 12:12:31 1539000 ----a-w- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
2018-07-06 1244 3611368 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2018-07-06 11:54:36 485376 ----a-w- C:\WINDOWS\SysWow64\resutils.dll
2018-07-06 11:53:54 565248 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll
2018-07-06 11:53:40 775168 ----a-w- C:\WINDOWS\SysWow64\clusapi.dll
2018-07-06 11:53:11 347136 ----a-w- C:\WINDOWS\SysWow64\zipfldr.dll
2018-07-06 11:52:47 1308160 ----a-w- C:\WINDOWS\SysWow64\wsp_health.dll
2018-07-06 11:52:34 1452544 ----a-w- C:\WINDOWS\SysWow64\wsp_fs.dll
2018-07-06 11:52:25 2895360 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-07-06 11:51:26 2401280 ----a-w- C:\WINDOWS\SysWow64\AcGenral.dll
2018-07-06 11:51:10 80384 ----a-w- C:\WINDOWS\SysWow64\mcbuilder.exe
2018-07-06 11:26:02 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll
2018-07-06 11:25:19 23863296 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-07-06 11:01:54 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-07-06 07:32:09 480672 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-07-06 07:31:58 462752 ----a-w- C:\WINDOWS\System32\aepic.dll
2018-07-06 07:31:57 35232 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2018-07-06 07:29:56 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-07-06 07:29:55 269224 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-07-06 07:27:29 1174432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-07-06 07:27:27 567176 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-07-06 07:27:27 1063320 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-07-06 07:27:27 1012632 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-07-06 07:27:19 57440 ----a-w- C:\WINDOWS\System32\Windows.Internal.ShellCommon.Broker.dll
2018-07-06 07:27:15 134552 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-07-06 07:27:00 709824 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-07-06 07:26:26 2712992 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-07-06 07:26:19 930720 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2018-07-06 07:26:15 170912 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-07-06 07:26:01 1148800 ----a-w- C:\WINDOWS\System32\mfsvr.dll
2018-07-06 07:25:59 2420632 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2018-07-06 07:25:54 2571728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2018-07-06 07:25:51 1945784 ----a-w- C:\WINDOWS\System32\ntdll.dll
2018-07-06 07:25:50 267680 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2018-07-06 07:25:48 335776 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2018-07-06 07:25:47 885856 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2018-07-06 07:25:45 9147808 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-07-06 07:25:38 483048 ----a-w- C:\WINDOWS\System32\ucrtbase_enclave.dll
2018-07-06 07:25:38 1018616 ----a-w- C:\WINDOWS\System32\ucrtbase.dll
2018-07-06 07:25:37 139672 ----a-w- C:\WINDOWS\System32\drivers\ksecdd.sys
2018-07-06 07:25:33 1026464 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-07-06 07:24:39 380824 ----a-w- C:\WINDOWS\SysWow64\aepic.dll
2018-07-06 07:16:47 567144 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-07-06 07:14:28 1981896 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2018-07-06 07:14:19 829856 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2018-07-06 07:14:09 988640 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll
2018-07-06 07:14:09 1175568 ----a-w- C:\WINDOWS\SysWow64\ucrtbase.dll
2018-07-06 07:13:57 1620872 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2018-07-06 07:10:15 25845760 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-07-06 07:07:07 22006272 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-07-06 07:03:04 4371456 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-07-06 07:02:46 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2018-07-06 07:01:56 7057408 ----a-w- C:\WINDOWS\System32\mos.dll
2018-07-06 07:01:23 5883904 ----a-w- C:\WINDOWS\SysWow64\mos.dll
2018-07-06 07:01:13 14848 ----a-w- C:\WINDOWS\System32\MapsBtSvcProxy.dll
2018-07-06 07:01:01 104448 ----a-w- C:\WINDOWS\System32\NotificationControllerPS.dll
2018-07-06 07:00:53 94720 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2018-07-06 07:00:41 29696 ----a-w- C:\WINDOWS\System32\MapsTelemetry.dll
2018-07-06 07:00:32 92672 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2018-07-06 07:00:22 18944 ----a-w- C:\WINDOWS\System32\nativemap.dll
2018-07-06 07:00:04 151040 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll
2018-07-06 07:00:03 53248 ----a-w- C:\WINDOWS\System32\mapstoasttask.dll
2018-07-06 06:59:58 41984 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2018-07-06 06:59:57 86528 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2018-07-06 06:59:46 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll
2018-07-06 06:59:39 453632 ----a-w- C:\WINDOWS\System32\cloudAP.dll
2018-07-06 06:59:35 48128 ----a-w- C:\WINDOWS\System32\tokenbinding.dll
2018-07-06 06:59:23 200192 ----a-w- C:\WINDOWS\System32\SettingsHandlers_Geolocation.dll
2018-07-06 06:59:22 334336 ----a-w- C:\WINDOWS\System32\NmaDirect.dll
.
============= FINISH: 19:18:10.73 ===============
Attached Files
File Type: txt attach.txt (18.7 KB, 5 views)
anonalchemist is offline  
Old 08-02-2018, 07:33 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan Now
  • Once the Scan is done, select Clean & Repair
  • When prompted, select Clean & Restart Now
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\Logs\AdwCleaner[C0#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-03-2018, 10:39 AM   #3
Registered Member
 
Join Date: Apr 2012
Posts: 29
OS: Win XP Sp3



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by squis (administrator) on DESKTOP-Q92O4BI (03-08-2018 13:37:37)
Running from E:\Downloads
Loaded Profiles: squis (Available Profiles: squis)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: https://www.geekstogo.com/forum/topi...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(A-Volute) C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe
(A-Volute) C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Estmob Inc.) C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Estmob Inc.) C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
(Estmob Inc.) C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ShareX Team) C:\Program Files\ShareX\ShareX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) E:\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [NahimicVRSvc32] => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [985784 2017-04-04] (A-Volute)
HKLM\...\Run: [NahimicVRSvc64] => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-04-04] (A-Volute)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-05-05] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2764327516-4005678066-3595614337-1001\...\Run: [OneDrive] => "C:\Users\squis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKU\S-1-5-21-2764327516-4005678066-3595614337-1001\...\Run: [SendAnywhere] => C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe [56263272 2018-01-26] (Estmob Inc.)
Startup: C:\Users\squis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-27]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{4819c6a7-3b09-4646-ba9a-43e1354b9935}: [DhcpNameServer] 192.168.2.1 207.164.234.129
Tcpip\..\Interfaces\{531419f4-0591-40b5-8d4c-449a71d3612c}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{531419f4-0591-40b5-8d4c-449a71d3612c}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{580fc6f8-38d2-4c55-a4fa-cf424f8843e1}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{5dd26fc4-6669-40c1-9e0a-42b96559db66}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{afdb1cfb-e56a-4afd-939e-a8ca4b92130e}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-03-28] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-29] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mupswn1j.default
FF ProfilePath: C:\Users\squis\AppData\Roaming\Mozilla\Firefox\Profiles\mupswn1j.default [2018-07-25]
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2017-07-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @Nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @Nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Users\squis\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-05-31] (Cisco WebEx LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://intranet.collinsbarrowtoronto.com
CHR StartupUrls: Default -> "hxxp://intranet.collinsbarrowtoronto.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default [2018-08-03]
CHR Extension: (Slides) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Flash Video Downloader) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2018-02-24]
CHR Extension: (BetterTTV) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Docs) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-05]
CHR Extension: (YouTube) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-05]
CHR Extension: (Honey) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-07-08]
CHR Extension: (uBlock Origin) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-07-20]
CHR Extension: (Sheets) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-07-18]
CHR Extension: (Google Docs Offline) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-05]
CHR Extension: (Google Keep - notes and lists) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-07-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-07-06]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-06-29]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2017-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-29] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8851496 2018-07-22] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774312 2018-03-11] (EasyAntiCheat Ltd)
S3 EQU8_tabg; G:\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds_Data\Plugins\agent.x64.equ8.exe [3444216 2018-07-04] (Int3 Software AB)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2017-03-28] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120032 2017-10-04] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3000168 2017-10-04] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-27] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2017-05-27] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-02] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-13] (Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices, Inc. )
R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2016-11-30] (C-MEDIA)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-07-17] (Malwarebytes)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-05-07] (REALiX(tm))
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-05-07] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [191208 2018-07-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [114920 2018-08-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [48360 2018-08-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102632 2018-08-03] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f32bf428bbff8aa5\nvlddmkm.sys [17194584 2018-05-23] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R3 Phosgene; C:\WINDOWS\system32\DRIVERS\Phosgene.sys [34136 2015-09-02] (Adoriasoft LLC)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-06-05] (Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\squis\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\s6r8."
Error(1) reading file: "C:\s5m0."
2018-08-03 13:36 - 2018-08-03 13:37 - 000000000 ____D C:\FRST
2018-08-03 13:35 - 2018-08-03 13:35 - 000001836 _____ C:\Users\squis\Desktop\AdwCleaner[C04].txt
2018-08-03 13:35 - 2018-08-03 13:35 - 000000162 ____H C:\Users\squis\Desktop\~$wCleaner[C04].txt
2018-08-02 21:07 - 2018-08-02 20:38 - 035784718 _____ C:\Users\squis\Desktop\20180802_203825.mp4
2018-08-02 21:07 - 2018-07-29 23:45 - 036529061 _____ C:\Users\squis\Desktop\20180729_234526.mp4
2018-08-01 20:16 - 2018-08-01 20:16 - 000000162 ____H C:\Users\squis\Desktop\~$dds.txt
2018-08-01 19:18 - 2018-08-01 19:18 - 000057533 _____ C:\Users\squis\Desktop\dds.txt
2018-08-01 19:18 - 2018-08-01 19:18 - 000019196 _____ C:\Users\squis\Desktop\attach.txt
2018-07-29 10:11 - 2018-07-29 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-29 01:40 - 2018-07-29 01:40 - 000000000 ____D C:\Users\squis\Documents\BlackSquad
2018-07-29 01:40 - 2018-07-29 01:40 - 000000000 ____D C:\Users\squis\AppData\Roaming\NVIDIA
2018-07-28 23:28 - 2018-07-28 23:28 - 000000000 ____D C:\Users\squis\AppData\Local\NVIDIA
2018-07-28 02:31 - 2018-07-28 02:32 - 000000000 ____D C:\AdwCleaner
2018-07-27 17:31 - 2018-07-27 17:31 - 000001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-07-27 17:31 - 2018-07-27 17:31 - 000001290 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2018-07-26 20:12 - 2018-08-03 13:34 - 000102632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-07-25 23:01 - 2018-08-03 13:33 - 104595456 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-07-25 22:58 - 2018-07-25 23:01 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-07-25 20:21 - 2018-07-29 00:09 - 000000000 ____D C:\Users\squis\AppData\Local\NVIDIA Corporation
2018-07-25 20:17 - 2018-07-25 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-07-25 20:17 - 2018-07-19 16:20 - 002340392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-07-25 20:17 - 2018-07-19 16:20 - 001936424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-07-25 20:17 - 2018-07-19 16:20 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-07-25 20:16 - 2018-07-25 20:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-07-25 20:16 - 2018-07-25 20:16 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-07-25 20:16 - 2018-07-19 13:44 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-07-25 20:16 - 2018-06-27 20:26 - 000206760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-07-25 20:16 - 2018-06-27 20:26 - 000185256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-07-25 20:16 - 2018-05-22 16:09 - 000132392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-07-25 20:14 - 2018-06-07 21:59 - 000069544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-07-25 20:14 - 2018-05-23 14:21 - 040347168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 035250536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 031278392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 025991448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 013727792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 011273120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 004350392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 003760672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 002013784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439793.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001563584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001467808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439793.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001419296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001357000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001216952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001157208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001092184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 001063400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000904896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000814424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000749472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000652344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000634576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000627232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000608160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-07-25 20:14 - 2018-05-23 14:21 - 000518072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-07-25 20:14 - 2018-05-23 14:20 - 017784432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-07-25 20:14 - 2018-05-23 14:20 - 015195248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-07-25 20:14 - 2018-05-23 14:20 - 004125048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-07-25 20:14 - 2018-05-22 18:00 - 000227928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-07-25 20:14 - 2018-05-22 18:00 - 000047648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-07-25 20:14 - 2018-04-24 13:29 - 000065792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-07-25 20:10 - 2018-08-03 13:36 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-25 20:10 - 2018-07-29 22:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-07-25 20:10 - 2018-05-23 14:22 - 000552480 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-07-25 20:10 - 2018-05-23 14:22 - 000456608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-07-25 20:10 - 2018-05-22 15:58 - 002612520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-07-25 20:10 - 2018-05-22 15:57 - 005947328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-07-25 20:10 - 2018-05-22 15:57 - 001767360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-07-25 20:10 - 2018-05-22 15:57 - 000633984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-07-25 20:10 - 2018-05-22 15:57 - 000450960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-07-25 20:10 - 2018-05-22 15:57 - 000124200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-07-25 20:10 - 2018-05-22 15:57 - 000083240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-07-25 20:10 - 2018-05-22 02:43 - 008186102 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-07-25 20:10 - 2018-04-27 03:12 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-07-25 20:06 - 2018-07-25 20:08 - 000324632 _____ C:\WINDOWS\ntbtlog.txt
2018-07-25 19:39 - 2018-07-25 19:39 - 000606368 _____ C:\Users\squis\Desktop\DESKTOP-Q92O4BI-2018-07-25_193843_75.zip
2018-07-25 19:20 - 2018-07-25 19:20 - 000000000 ____D C:\Users\squis\AppData\Local\PackageStaging
2018-07-25 19:10 - 2018-07-25 19:10 - 000000837 _____ C:\Users\squis\Desktop\Speccy.lnk
2018-07-25 19:10 - 2018-07-25 19:10 - 000000000 ____D C:\Program Files\Speccy
2018-07-25 19:08 - 2018-07-25 19:08 - 000965382 _____ C:\Users\squis\Documents\SysnativeFileCollectionApp.zip
2018-07-25 19:07 - 2018-07-25 19:17 - 000000000 ____D C:\Users\squis\Documents\SysnativeFileCollectionApp
2018-07-25 18:43 - 2018-07-25 09:31 - 000957948 _____ C:\Users\squis\Desktop\072518-9640-01.dmp
2018-07-24 00:46 - 2018-07-24 00:46 - 000000000 ____D C:\Users\squis\AppData\Local\Sex_Simulator
2018-07-21 01:17 - 2018-07-21 01:12 - 826276949 _____ C:\Users\squis\Desktop\MEMORY.DMP
2018-07-21 01:12 - 2018-07-26 19:46 - 000000000 ____D C:\WINDOWS\Minidump
2018-07-19 02:11 - 2018-07-19 20:22 - 000000000 ____D C:\Users\squis\AppData\Local\Logitech
2018-07-19 02:11 - 2018-07-19 02:11 - 000000000 ____D C:\ProgramData\LogiShrd
2018-07-19 02:09 - 2018-07-29 00:53 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-07-19 02:09 - 2018-07-19 02:10 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2018-07-19 02:09 - 2018-07-19 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-07-19 02:08 - 2018-07-19 02:08 - 000000000 ____D C:\Users\squis\AppData\Roaming\Logitech
2018-07-19 02:08 - 2018-07-19 02:08 - 000000000 ____D C:\Users\squis\AppData\Roaming\Logishrd
2018-07-17 22:03 - 2018-07-17 22:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2018-07-17 22:02 - 2018-07-17 22:02 - 000001174 _____ C:\Users\squis\Desktop\MEGAsync.lnk
2018-07-17 22:02 - 2018-07-17 22:02 - 000000000 ____D C:\Users\squis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2018-07-17 22:02 - 2018-07-17 22:02 - 000000000 ____D C:\Users\squis\AppData\Local\MEGAsync
2018-07-16 20:10 - 2018-07-16 20:10 - 000000000 ____D C:\Users\squis\AppData\LocalLow\VRGEN
2018-07-14 15:55 - 2018-07-14 15:55 - 000000222 _____ C:\Users\squis\Desktop\LISA.url
2018-07-14 15:49 - 2018-07-14 15:49 - 000000000 ____D C:\Users\squis\AppData\Roaming\mkxp
2018-07-14 15:49 - 2018-07-14 15:49 - 000000000 ____D C:\Users\squis\AppData\Roaming\dingaling
2018-07-14 06:00 - 2018-07-29 10:11 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-10 23:43 - 2018-07-06 10:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-10 23:43 - 2018-07-06 10:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-10 23:43 - 2018-07-06 10:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-10 23:43 - 2018-07-06 10:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-10 23:43 - 2018-07-06 10:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-10 23:43 - 2018-07-06 10:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-10 23:43 - 2018-07-06 10:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-10 23:43 - 2018-07-06 10:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-10 23:43 - 2018-07-06 10:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-10 23:43 - 2018-07-06 10:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-10 23:43 - 2018-07-06 10:15 - 002266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-07-10 23:43 - 2018-07-06 10:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-10 23:43 - 2018-07-06 09:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-10 23:43 - 2018-07-06 09:53 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2018-07-10 23:43 - 2018-07-06 09:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-10 23:43 - 2018-07-06 09:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-10 23:43 - 2018-07-06 09:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-10 23:43 - 2018-07-06 09:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-10 23:43 - 2018-07-06 09:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-10 23:43 - 2018-07-06 09:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-10 23:43 - 2018-07-06 09:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-10 23:43 - 2018-07-06 09:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-10 23:43 - 2018-07-06 09:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-10 23:43 - 2018-07-06 09:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-10 23:43 - 2018-07-06 09:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-10 23:43 - 2018-07-06 09:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-10 23:43 - 2018-07-06 08:12 - 001539000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-07-10 23:43 - 2018-07-06 08:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-10 23:43 - 2018-07-06 07:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-10 23:43 - 2018-07-06 07:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-10 23:43 - 2018-07-06 07:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-10 23:43 - 2018-07-06 07:53 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2018-07-10 23:43 - 2018-07-06 07:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-10 23:43 - 2018-07-06 07:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-10 23:43 - 2018-07-06 07:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-10 23:43 - 2018-07-06 07:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-10 23:43 - 2018-07-06 07:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-10 23:43 - 2018-07-06 07:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-10 23:43 - 2018-07-06 07:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-10 23:43 - 2018-07-06 07:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-10 23:43 - 2018-07-06 07:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-10 23:43 - 2018-07-06 03:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-10 23:43 - 2018-07-06 03:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-10 23:43 - 2018-07-06 03:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-10 23:43 - 2018-07-06 03:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-10 23:43 - 2018-07-06 03:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-10 23:43 - 2018-07-06 03:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-10 23:43 - 2018-07-06 03:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-10 23:43 - 2018-07-06 03:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-10 23:43 - 2018-07-06 03:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-10 23:43 - 2018-07-06 03:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-10 23:43 - 2018-07-06 03:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-10 23:43 - 2018-07-06 03:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-10 23:43 - 2018-07-06 03:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-10 23:43 - 2018-07-06 03:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-10 23:43 - 2018-07-06 03:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-10 23:43 - 2018-07-06 03:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-10 23:43 - 2018-07-06 03:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-10 23:43 - 2018-07-06 03:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-10 23:43 - 2018-07-06 03:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-10 23:43 - 2018-07-06 03:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-10 23:43 - 2018-07-06 03:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-10 23:43 - 2018-07-06 03:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-10 23:43 - 2018-07-06 03:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-10 23:43 - 2018-07-06 03:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-10 23:43 - 2018-07-06 03:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-10 23:43 - 2018-07-06 03:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-10 23:43 - 2018-07-06 03:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-10 23:43 - 2018-07-06 03:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-10 23:43 - 2018-07-06 03:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-10 23:43 - 2018-07-06 03:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-10 23:43 - 2018-07-06 03:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-10 23:43 - 2018-07-06 03:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-10 23:43 - 2018-07-06 03:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-10 23:43 - 2018-07-06 03:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-10 23:43 - 2018-07-06 03:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-10 23:43 - 2018-07-06 03:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-10 23:43 - 2018-07-06 03:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-10 23:43 - 2018-07-06 03:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-10 23:43 - 2018-07-06 03:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-10 23:43 - 2018-07-06 03:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-10 23:43 - 2018-07-06 03:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-10 23:43 - 2018-07-06 02:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-10 23:43 - 2018-07-06 02:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-10 23:43 - 2018-07-06 02:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-10 23:43 - 2018-07-06 02:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-10 23:43 - 2018-07-06 02:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-10 23:43 - 2018-07-06 02:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-10 23:43 - 2018-07-06 02:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-10 23:43 - 2018-07-06 02:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-10 23:43 - 2018-07-06 02:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-10 23:43 - 2018-07-06 02:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-10 23:43 - 2018-07-06 02:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-10 23:43 - 2018-07-06 02:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-10 23:43 - 2018-07-06 02:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-10 23:43 - 2018-07-06 01:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-10 23:43 - 2018-06-29 00:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-10 23:43 - 2018-06-15 13:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-10 23:43 - 2018-06-15 13:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-10 23:43 - 2018-06-15 13:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-10 23:43 - 2018-06-15 13:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-10 23:43 - 2018-06-15 13:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-10 23:43 - 2018-06-15 13:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-10 23:43 - 2018-06-15 13:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-10 23:43 - 2018-06-15 13:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-10 23:43 - 2018-06-15 13:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-10 23:43 - 2018-06-15 13:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-10 23:43 - 2018-06-15 13:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-10 23:43 - 2018-06-15 13:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-10 23:43 - 2018-06-15 13:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-10 23:43 - 2018-06-15 13:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-10 23:43 - 2018-06-15 13:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-10 23:43 - 2018-06-15 13:32 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2018-07-10 23:43 - 2018-06-15 13:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2018-07-10 23:43 - 2018-06-15 13:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-10 23:43 - 2018-06-15 13:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-10 23:43 - 2018-06-15 13:31 - 002193920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2018-07-10 23:43 - 2018-06-15 13:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-10 23:43 - 2018-06-15 13:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-10 23:43 - 2018-06-15 13:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-10 23:43 - 2018-06-15 13:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-10 23:43 - 2018-06-15 13:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-10 23:43 - 2018-06-15 13:30 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2018-07-10 23:43 - 2018-06-15 13:30 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2018-07-10 23:43 - 2018-06-15 13:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-10 23:43 - 2018-06-15 13:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-10 23:43 - 2018-06-15 13:30 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-07-10 23:43 - 2018-06-15 13:30 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-07-10 23:43 - 2018-06-15 13:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-10 23:43 - 2018-06-15 13:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-10 23:43 - 2018-06-15 13:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-10 23:43 - 2018-06-15 13:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-10 23:43 - 2018-06-15 13:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-10 23:43 - 2018-06-15 13:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-10 23:43 - 2018-06-15 13:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-10 23:43 - 2018-06-15 13:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-10 23:43 - 2018-06-15 13:03 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2018-07-10 23:43 - 2018-06-15 13:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2018-07-10 23:43 - 2018-06-15 11:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-10 23:43 - 2018-06-15 11:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-10 23:43 - 2018-06-15 11:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-10 23:43 - 2018-06-15 11:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-10 23:43 - 2018-06-15 11:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-10 23:43 - 2018-06-15 11:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-10 23:43 - 2018-06-15 11:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-10 23:43 - 2018-06-15 11:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-10 23:43 - 2018-06-15 11:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-10 23:43 - 2018-06-15 11:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-10 23:43 - 2018-06-15 11:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-10 23:43 - 2018-06-15 11:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-10 23:43 - 2018-06-15 11:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-10 23:43 - 2018-06-15 09:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-10 23:43 - 2018-06-15 03:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-10 23:43 - 2018-06-15 03:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-10 23:43 - 2018-06-15 03:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-10 23:43 - 2018-06-15 01:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-10 23:43 - 2018-06-15 01:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-10 23:43 - 2018-06-15 01:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-10 23:43 - 2018-06-15 01:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-10 23:43 - 2018-06-15 01:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-10 23:43 - 2018-06-15 01:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-10 23:43 - 2018-06-15 01:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-10 23:43 - 2018-06-15 01:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-10 23:43 - 2018-06-15 01:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-10 23:43 - 2018-06-15 01:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-10 23:43 - 2018-06-15 01:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-10 23:43 - 2018-06-15 01:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-10 23:43 - 2018-06-15 01:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-10 23:43 - 2018-06-15 01:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-10 23:43 - 2018-06-15 01:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-10 23:43 - 2018-06-15 01:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-10 23:43 - 2018-06-15 01:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-10 23:43 - 2018-06-15 01:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-10 23:43 - 2018-06-15 01:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-10 23:43 - 2018-06-15 01:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-10 23:43 - 2018-06-15 01:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-10 23:43 - 2018-06-15 01:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-10 23:43 - 2018-06-15 01:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-10 23:43 - 2018-06-15 01:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-10 23:43 - 2018-06-15 01:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-10 23:43 - 2018-06-15 01:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-10 23:43 - 2018-06-15 01:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-10 23:43 - 2018-06-15 01:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-10 23:43 - 2018-06-15 01:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-10 23:43 - 2018-06-15 01:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-10 23:43 - 2018-06-15 01:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-10 23:43 - 2018-06-15 01:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-10 23:43 - 2018-06-15 01:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-10 23:43 - 2018-06-15 01:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-10 23:43 - 2018-06-15 01:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-10 23:43 - 2018-06-15 01:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-10 23:43 - 2018-06-15 01:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-10 23:43 - 2018-06-15 01:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-10 23:43 - 2018-06-15 01:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-10 23:43 - 2018-06-15 01:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-10 23:43 - 2018-06-15 00:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-10 23:43 - 2018-06-15 00:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-10 23:43 - 2018-06-15 00:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-10 23:43 - 2018-06-15 00:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-10 23:43 - 2018-06-15 00:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-10 23:43 - 2018-06-15 00:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-10 23:43 - 2018-06-15 00:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-10 23:43 - 2018-06-15 00:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-10 23:43 - 2018-06-15 00:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-10 23:43 - 2018-06-15 00:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-10 23:43 - 2018-06-15 00:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-10 23:43 - 2018-06-15 00:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-10 23:43 - 2018-06-15 00:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-10 23:43 - 2018-06-15 00:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-10 23:43 - 2018-06-15 00:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-10 23:43 - 2018-06-15 00:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-10 23:43 - 2018-06-15 00:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-10 23:43 - 2018-06-15 00:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-10 23:43 - 2018-06-15 00:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-10 23:43 - 2018-06-15 00:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-10 23:43 - 2018-06-15 00:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-10 23:43 - 2018-06-15 00:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-10 23:43 - 2018-06-15 00:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-10 23:43 - 2018-06-15 00:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-10 23:43 - 2018-06-15 00:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-10 23:43 - 2018-06-15 00:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-10 23:43 - 2018-06-15 00:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-10 23:43 - 2018-06-15 00:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-10 23:43 - 2018-06-15 00:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-10 23:43 - 2018-06-15 00:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-10 23:43 - 2018-06-15 00:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-10 23:43 - 2018-06-15 00:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-10 23:43 - 2018-06-15 00:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-10 23:43 - 2018-06-15 00:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-10 23:43 - 2018-06-15 00:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-10 23:43 - 2018-06-15 00:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-10 23:43 - 2018-06-01 01:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-08 03:06 - 2018-08-03 13:34 - 000114920 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-07-08 03:06 - 2018-08-03 13:34 - 000048360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-07-08 03:06 - 2018-07-25 20:06 - 000191208 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-07-06 18:01 - 2018-07-06 18:01 - 000000222 _____ C:\Users\squis\Desktop\Use Your Words.url
2018-07-06 18:01 - 2018-07-06 18:01 - 000000000 ____D C:\Users\squis\AppData\LocalLow\Smiling Buddha Games
2018-07-06 00:33 - 2018-07-06 00:35 - 000040257 _____ C:\Users\squis\Desktop\1233AM_TEMPS_IDLE.CSV
2018-07-04 22:09 - 2018-07-04 22:09 - 000000000 ____D C:\Users\squis\AppData\LocalLow\Landfall Games

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-03 13:34 - 2018-06-26 23:47 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-08-03 13:34 - 2018-06-10 11:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-03 13:34 - 2018-04-14 13:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-03 13:34 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-03 13:34 - 2018-02-04 23:44 - 000000000 ____D C:\Users\squis\AppData\Roaming\Send Anywhere
2018-08-03 13:34 - 2017-07-11 14:48 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-08-03 13:33 - 2018-04-11 17:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-03 12:59 - 2017-05-07 12:23 - 000000000 ____D C:\Users\squis\Documents\ShareX
2018-08-03 11:41 - 2018-06-10 11:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-03 03:20 - 2018-06-10 11:58 - 000003142 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-08-03 03:19 - 2017-05-07 22:08 - 000000000 ____D C:\Users\squis\AppData\Local\Battle.net
2018-08-03 02:41 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-03 00:44 - 2017-07-10 23:00 - 000000000 ____D C:\ProgramData\ProductData
2018-08-02 23:05 - 2017-05-05 20:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-02 23:05 - 2017-05-05 20:35 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-02 22:53 - 2017-05-07 22:08 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-08-02 20:58 - 2017-07-10 13:53 - 000000000 ____D C:\Users\squis\AppData\Local\CrashDumps
2018-08-02 18:33 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-01 22:40 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-01 22:38 - 2018-06-10 12:01 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-01 22:38 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-01 19:17 - 2017-05-10 19:53 - 000000000 ____D C:\Users\squis\AppData\Roaming\uTorrent
2018-07-31 01:21 - 2018-06-26 23:48 - 000000000 ____D C:\ProgramData\Packages
2018-07-31 00:47 - 2018-02-18 20:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-07-29 19:03 - 2018-06-29 22:45 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:03 - 2018-06-29 22:45 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:03 - 2018-06-02 13:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-29 19:02 - 2018-06-29 22:45 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-29 22:45 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-10 11:58 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-29 19:02 - 2018-06-02 13:21 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-29 15:14 - 2017-05-05 21:05 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-29 10:11 - 2017-05-05 23:05 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-29 10:11 - 2017-05-05 23:05 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-29 10:11 - 2017-05-05 23:05 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-29 10:11 - 2017-05-05 23:05 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-29 10:11 - 2017-05-05 23:05 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-29 10:11 - 2017-05-05 23:05 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-29 10:11 - 2017-05-05 23:05 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-29 10:11 - 2017-05-05 23:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-29 01:40 - 2018-06-30 13:56 - 000000000 ____D C:\Users\squis\AppData\Local\BattlEye
2018-07-29 00:10 - 2018-05-12 16:51 - 000000000 ____D C:\Users\squis\.MCTranscodingSDK
2018-07-29 00:10 - 2018-05-02 20:05 - 000000000 __SHD C:\82ace7d6-0197-474d-bf4b-a2043e72329b
2018-07-29 00:09 - 2017-05-08 20:53 - 000000000 ____D C:\Users\squis\AppData\Local\Ubisoft Game Launcher
2018-07-27 17:31 - 2017-06-01 18:37 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-07-27 16:59 - 2017-08-21 20:53 - 000000000 ___RD C:\Users\squis\Creative Cloud Files
2018-07-27 16:59 - 2017-08-21 20:42 - 000000000 ____D C:\Users\squis\AppData\Local\Adobe
2018-07-26 22:31 - 2018-06-13 01:01 - 000000000 ____D C:\Users\squis\AppData\Local\D3DSCache
2018-07-25 22:18 - 2017-05-05 23:34 - 000000000 ____D C:\Users\squis\Desktop\Animu
2018-07-25 20:17 - 2017-07-11 19:12 - 000000000 ____D C:\Temp
2018-07-25 20:10 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Help
2018-07-25 20:08 - 2017-07-11 18:35 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-07-25 19:20 - 2017-11-19 11:36 - 000000000 ____D C:\Users\squis\AppData\Local\Packages
2018-07-25 18:51 - 2018-06-29 18:50 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-07-25 09:38 - 2018-06-10 11:53 - 000000000 ____D C:\Users\squis
2018-07-24 21:17 - 2017-12-01 18:30 - 000000000 ___RD C:\Users\squis\Documents\Scanned Documents
2018-07-23 01:38 - 2017-05-07 23:52 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-07-22 15:53 - 2017-05-05 20:46 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2018-07-22 15:51 - 2017-10-22 23:03 - 000000409 _____ C:\Users\Public\Desktop\Overwatch.lnk
2018-07-21 19:13 - 2017-05-05 21:51 - 000000000 ____D C:\Users\squis\AppData\Roaming\obs-studio
2018-07-17 04:17 - 2018-05-11 20:27 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-16 19:15 - 2017-05-05 20:35 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-14 15:54 - 2018-06-29 18:50 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2018-07-14 05:48 - 2018-06-10 11:53 - 000002259 _____ C:\Users\squis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-12 00:35 - 2018-06-10 11:51 - 000473736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-12 00:35 - 2017-11-19 11:44 - 000000000 ___RD C:\Users\squis\3D Objects
2018-07-12 00:35 - 2017-05-05 20:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-11 00:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-11 00:37 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-11 00:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-11 00:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-11 00:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-11 00:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-10 23:48 - 2017-05-09 21:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-10 23:46 - 2017-05-09 21:29 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-06 17:54 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-05 22:46 - 2017-05-07 23:09 - 000000000 ____D C:\Users\squis\Documents\Overwatch
2018-07-04 21:33 - 2017-06-29 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

==================== Files in the root of some directories =======

2017-09-16 23:39 - 2017-09-16 23:39 - 000003130 _____ () C:\Users\squis\win.vbs
2017-09-16 21:14 - 2017-09-16 21:14 - 000000706 _____ () C:\Program Files (x86)\LMIR0002.tmp.bat
2017-09-16 21:14 - 2017-09-16 21:14 - 000000514 _____ () C:\Program Files (x86)\LMIR0002.tmp_r.bat
2017-09-16 22:12 - 2017-09-16 22:12 - 000000706 _____ () C:\Program Files (x86)\LMIR0003.tmp.bat
2017-09-16 22:12 - 2017-09-16 22:12 - 000000514 _____ () C:\Program Files (x86)\LMIR0003.tmp_r.bat
2018-03-17 10:02 - 2018-03-17 10:02 - 000027163 _____ () C:\Program Files (x86)\survivorroyale_license.htm
2017-05-10 22:44 - 2017-05-15 21:46 - 000003239 _____ () C:\Users\squis\AppData\Roaming\SpeedRunnersLog.txt
2017-08-05 13:03 - 2017-08-08 20:13 - 000005120 _____ () C:\Users\squis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-05-20 03:18 - 2018-06-30 12:24 - 001065984 _____ () C:\Users\squis\AppData\Local\file__0.localstorage
2017-09-16 22:17 - 2017-09-16 22:17 - 000000704 _____ () C:\Users\squis\AppData\Local\LMIR0001.tmp.bat
2017-09-16 22:17 - 2017-09-16 22:17 - 000000512 _____ () C:\Users\squis\AppData\Local\LMIR0001.tmp_r.bat
2017-05-06 15:07 - 2018-01-30 00:40 - 000007602 _____ () C:\Users\squis\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-10 11:51

==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition.txt (90.4 KB, 5 views)
Old 08-03-2018, 10:41 AM   #4
Registered Member
 
Join Date: Apr 2012
Posts: 29
OS: Win XP Sp3



# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-07-25.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-03-2018
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Not Deleted Ask

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1307 octets] - [28/07/2018 02:32:07]
AdwCleaner[C00].txt - [1447 octets] - [28/07/2018 02:32:51]
AdwCleaner[S01].txt - [1371 octets] - [28/07/2018 02:34:54]
AdwCleaner[C01].txt - [1531 octets] - [28/07/2018 02:35:02]
AdwCleaner[S02].txt - [1491 octets] - [28/07/2018 10:41:00]
AdwCleaner[S03].txt - [1552 octets] - [29/07/2018 22:34:04]
AdwCleaner[C03].txt - [1718 octets] - [29/07/2018 22:40:18]
AdwCleaner[S04].txt - [1670 octets] - [03/08/2018 13:33:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
Old 08-04-2018, 01:33 PM   #5
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello anonalchemist. Unfortunately, your symptoms are not typical of something malware does.

I see no signs of infection in your logs. Sounds more like a Windows issue.

------------------------------------------------------

Please run this online scan to help look for remnants.

Go here and click 'SCAN NOW' under 'ESET Online Scanner' to check for remnants.
  • You will be prompted to download and install esetonlinescanner_enu.exe. Click on the link and save the file to a convenient location.
  • Double-click on esetonlinescanner_enu.exe to install and a new window will open. Follow the prompts.
  • Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how
  • At the bottom of the Terms of use window, tick the option Download latest version of ESET Online Scanner then click Accept
  • When/if prompted by UAC, 'Do you want to allow this app to make changes to your PC?', please choose Yes
  • Tick the option Enable detection of potentially unwanted applications
  • Click on Advanced settings
  • Make sure that the option Clean threats automatically is unticked.
  • Ensure these options are ticked:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
  • Click Scan
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says Threats found, click Save to text file... then name it and save it to your desktop.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Please copy/paste the contents of the log in your next reply.
  • To close ESET Online Scanner, select Do not clean then Finish
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-04-2018, 04:13 PM   #6
Registered Member
 
Join Date: Apr 2012
Posts: 29
OS: Win XP Sp3



Thanks chemist. I'll consider this resolved for now then with respect to the virus side of things.
I'll check back in on the other thread for further troubleshooting.
Cheers!
anonalchemist is offline  
Old 08-05-2018, 06:34 AM   #7
Registered Member
 
Join Date: Apr 2012
Posts: 29
OS: Win XP Sp3



C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.4_0\popup.html JS/Chromex.Agent.AP trojan
C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.4_0\js\background.js JS/Chromex.Agent.AP trojan
C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.4_0\js\jquery.js JS/Chromex.Agent.AP trojan
C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.4_0\js\contentScripts\contentScript.js JS/Chromex.Agent.AP trojan
C:\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\31.2.4_0\js\popup\Popup.js JS/Chromex.Agent.AP trojan
C:\Users\squis\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\31\confirm_identity682[1115].html HTML/Phishing.PayPal.BN trojan
C:\Users\squis\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\31\confirm_identity682[137].html HTML/Phishing.PayPal.BN trojan
C:\Users\squis\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\Files\S0\31\Docum.57947529[2340].cab JS/Kryptik.BFL trojan
C:\Users\squis\AppData\Roaming\nhm2\bin\excavator_cuda9.1\excavator+web+restart_script.bat BAT/CoinMiner.A potentially unwanted application
C:\Users\squis\AppData\Roaming\nhm2\bin\excavator_cuda9.1\excavator.exe a variant of Win64/CoinMiner.HR potentially unwanted application
C:\Users\squis\AppData\Roaming\nhm2\bin\excavator_server\excavator.exe a variant of Win64/CoinMiner.JK potentially unwanted application
C:\Users\squis\AppData\Roaming\nhm2\bin\xmr-stak-cpu\xmr-stak-cpu.exe a variant of Win64/CoinMiner.DU potentially unwanted application
C:\Users\squis\AppData\Roaming\uTorrent\updates\3.5.0_43580.exe Win32/OpenCandy.J potentially unsafe application
E:\Downloads\android-data-recovery.exe a variant of Android/Exploit.Lotoor.GX trojan
E:\Downloads\ccsetup_512.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
E:\Downloads\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5 (1).zip a variant of Win64/CoinMiner.BX potentially unwanted application,a variant of Win32/CoinMiner.FS potentially unwanted application
E:\Downloads\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5.zip a variant of Win64/CoinMiner.BX potentially unwanted application,a variant of Win32/CoinMiner.FS potentially unwanted application
E:\Downloads\CuteWriter(1).exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
E:\Downloads\Install JDownloader.rar Win32/Downloader.Agent.BX potentially unwanted application
E:\Downloads\ManyCamWebInstaller.exe a variant of Win32/Visicom.B potentially unwanted application
E:\Downloads\nhm_setup_2.0.1.6.exe a variant of Win64/CoinMiner.CI potentially unwanted application,BAT/CoinMiner.A potentially unwanted application
E:\Downloads\rcsetup152.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
E:\Downloads\spsetup132.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
E:\Downloads\uTorrent.exe Win32/OpenCandy.J potentially unsafe application
E:\Downloads\Danganronpa.Trigger.Happy.Havoc\Danganronpa.Trigger.Happy.Havoc-ALI213\Danganronpa Trigger Happy Havoc\开始游戏.exe Win32/GameTool.EN potentially unsafe application
E:\Downloads\Install JDownloader\Install JDownloader.exe Win32/Downloader.Agent.BX potentially unwanted application
E:\Eth\BACK UP ETH ONLY____Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5 - Copy\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\BACK UP ETH ONLY____Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5 - Copy\cuda6.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\BACK UP ETH ONLY____Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5 - Copy\cuda7.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\BACK UP ETH ONLY____Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5 - Copy\Remote manager\EthMan.exe a variant of Win32/CoinMiner.FS potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v10.0 (1)\cuda6.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v10.0 (1)\cuda7.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v10.0 (1)\Remote manager\EthMan.exe a variant of Win32/CoinMiner.FS potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5\cuda6.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5\cuda7.5\EthDcrMiner64.exe a variant of Win64/CoinMiner.BX potentially unwanted application
E:\Eth\Claymore.s.Dual.Ethereum.Decred_Siacoin_Lbry_Pascal.AMD.NVIDIA.GPU.Miner.v9.5\Remote manager\EthMan.exe a variant of Win32/CoinMiner.FS potentially unwanted application
E:\Original_Q9450_PC\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\uplay_r1.dll Win32/HackTool.Crack.DG potentially unsafe application
E:\Original_Q9450_PC\Users\Panda\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
E:\Original_Q9450_PC\Users\Panda\AppData\Roaming\uTorrent\updates\3.3.2_30488.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
E:\Original_Q9450_PC\Users\Panda\Desktop\produkey-x64.zip a variant of Win64/PSWTool.ProductKey.A potentially unsafe application
E:\Original_Q9450_PC\Users\Panda\Desktop\produkey-x64\ProduKey.exe a variant of Win64/PSWTool.ProductKey.A potentially unsafe application
E:\Original_Q9450_PC\Users\Panda\Documents\USB DRIVE BACKUP\tb_free.exe a variant of Win32/TFTPD32.A potentially unsafe application
E:\Original_Q9450_PC\Users\Panda\Downloads\couponprinter.exe a variant of Win32/Adware.Coupons.AA application
E:\Original_Q9450_PC\Users\Panda\Downloads\rcsetup151(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
E:\Original_Q9450_PC\Users\Panda\Downloads\rcsetup151.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
E:\Original_Q9450_PC\Windows.old\Windows\Temp\avast_ash\uTorrent (current user)\uTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application
F:\C-BackUp\Users\squis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc\29.1.0_0\js\contentScripts\contentScript.js JS/Chromex.Agent.AP trojan
F:\C-BackUp\Users\squis\AppData\Local\Temp\HYD7699.tmp.1494460417\HTA\install.1494460417.zip a variant of Win32/FusionCore.K potentially unwanted application,Win32/OpenCandy.J potentially unsafe application
F:\C-BackUp\Users\squis\AppData\Local\Temp\HYD7699.tmp.1494460417\HTA\3rdparty\FS.dll a variant of Win32/FusionCore.K potentially unwanted application
F:\C-BackUp\Users\squis\AppData\Local\Temp\HYD7699.tmp.1494460417\HTA\scripts\uninstall.js Win32/OpenCandy.J potentially unsafe application
F:\C-BackUp\Users\squis\AppData\Local\Temp\HYD7699.tmp.1494460417\HTA\shell_scripts\shell_install_offer.js Win32/OpenCandy.J potentially unsafe application
F:\C-BackUp\Users\squis\AppData\Roaming\uTorrent\updates\3.5.0_43580.exe Win32/OpenCandy.J potentially unsafe application
F:\C-BackUp\Users\squis\Desktop\New folder (2)\Download\❄+Caravan+Palace+-+➆+Lone+Digger.html JS/Adware.Serhoxs.A application
F:\New folder (2)\Download\❄+Caravan+Palace+-+➆+Lone+Digger.html JS/Adware.Serhoxs.A application
F:\Old_Stuff_Apr_29\Gaming Desktop\USB BACKUIP Nov 16 (BOSS)\KeyFinderInstaller.exe a variant of Win32/MagicalJellyBean.B potentially unsafe application,Win32/OpenCandy potentially unsafe application
F:\Old_Stuff_Apr_29\Gaming Desktop\USB BACKUIP Nov 16 (BOSS)\OrbitSetup4.1.00.exe Win32/OpenCandy potentially unsafe application
anonalchemist is offline  
Old 08-05-2018, 06:14 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, anonalchemist. You're very welcome.

You might want to go over the ESET results and delete any of those 'potentially unwanted or unsafe applications' that you did not install on purpose or you do not recognize.

------------------------------------------------------
chemist is offline  
Old 08-07-2018, 02:18 PM   #9
Registered Member
 
Join Date: Apr 2012
Posts: 29
OS: Win XP Sp3



Done and done. Cleared every item on that list. Thanks!
anonalchemist is offline  
Old 08-08-2018, 02:42 AM   #10
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



You're welcome! Hope you get your issue resolved.
chemist is offline  
 
