User Tag List

Computer slow and strange

This is a discussion on Computer slow and strange within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. OK. I got it. I am going to run AdwCleaner again and post the results


 
 
Thread Tools Search this Thread
Old 09-21-2019, 12:13 PM   #21
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



OK. I got it. I am going to run AdwCleaner again and post the results
qimqim is offline  
Sponsored Links
Advertisement
 
Old 09-21-2019, 02:32 PM   #22
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



Log still showing problemsd

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-09-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-21-2019
# Duration: 00:01:32
# OS: Windows 10 Home
# Scanned: 35634
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1280 octets] - [14/07/2018 12:38:08]
AdwCleaner[C00].txt - [1426 octets] - [14/07/2018 12:39:07]
AdwCleaner_Debug.log - [52993 octets] - [17/09/2019 17:37:38]
AdwCleaner[S01].txt - [3322 octets] - [17/09/2019 17:38:48]
AdwCleaner[S02].txt - [3384 octets] - [18/09/2019 07:20:57]
AdwCleaner[C02].txt - [3745 octets] - [18/09/2019 09:26:51]
AdwCleaner[S03].txt - [1795 octets] - [18/09/2019 09:45:07]
AdwCleaner[S04].txt - [2067 octets] - [19/09/2019 17:22:55]
AdwCleaner[C04].txt - [2272 octets] - [20/09/2019 17:44:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S05].txt ##########
qimqim is offline  
Old 09-21-2019, 02:39 PM   #23
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



I decided to quarantine the Pup, and after restarting it said computer clean, BUT at the same time the MSN/Bing extension was downloaded! I removed it but there seems to be some proframme trying to download it when it can
qimqim is offline  
Sponsored Links
Advertisement
 
Old 09-22-2019, 12:25 AM   #24
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



and now I am getting this page over and over again:
Attached Thumbnails
Click image for larger version

Name:	Capture.JPG
Views:	8
Size:	70.6 KB
ID:	324460  
qimqim is offline  
Old 09-22-2019, 04:18 AM   #25
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi qimqim,

Please run a new FRST scan and copy / paste both reports to your reply.
iMacg3 is offline  
Old 09-22-2019, 04:42 AM   #26
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



OK here they are. I hope this is the current one... goy a bit muddles up!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2019 01
Ran by Camilo (administrator) on CAMILO-PC (SAMSUNG ELECTRONICS CO., LTD. RC530/RC730) (22-09-2019 12:21:42)
Running from C:\Users\Camilo\Desktop
Loaded Profiles: Camilo (Available Profiles: Camilo & UpdatusUser)
Platform: Windows 10 Home Version 1809 17763.737 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Esumsoft -> Esumsoft) C:\Program Files (x86)\POP Peeper\POPPeeper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Camilo\Desktop\AdwCleaner (2).exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Camilo\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19072.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1908.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1908.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Spotify AB -> Spotify Ltd) C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14030080 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1880512 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-10-24] (Wondershare software CO., LIMITED -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [144520 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\Run: [BingSvc] => C:\Users\Camilo\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\Run: [POP Peeper] => C:\Program Files (x86)\POP Peeper\POPPeeper.exe [2792568 2019-08-29] (Esumsoft -> Esumsoft)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\Run: [Spotify] => C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe [24274336 2019-09-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807424 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-18] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A17185-AFB2-49F3-87F5-8DAEFF13B0E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {04331B45-FE3B-468B-AED7-9436394B4B5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {07074861-508E-4E4E-B1B7-C0E88FD11726} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {07A15E74-75CD-44B7-B559-E323663D233C} - System32\Tasks\{38652DDC-AE93-49AD-B712-C253BA416318} => C:\WINDOWS\system32\pcalua.exe -a D:\SETUP.EXE -d D:\ -c /AUTORUN
Task: {0983BFC6-D3B7-4AC8-8E13-69AA63838D2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {1658AF2D-336E-4002-B1E7-DAA7ACC22471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {25405CCD-DE28-4D7A-9E3A-7E3322934BD4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [646592 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3694259C-6765-49A7-9923-2E2C8340F4DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-25] (Google Inc -> Google Inc.)
Task: {4579ECAF-FC91-4DD5-97CD-37A92B79D9CE} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Camilo\Downloads\esetonlinescanner_enu (3).exe [7657592 2019-02-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {51247A5B-3A95-490D-B808-E5F58BB209C1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58C4D71A-A364-4DD5-8186-68C3EE8AF2EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {6262A7E5-80B3-47D2-8710-5710F250556C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {68814BD6-0307-4CFB-B61D-E497C57CC851} - System32\Tasks\HPCeeScheduleForCamilo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {75372F51-BA4A-47E4-8CFE-605EC291DF4D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Camilo\Downloads\esetonlinescanner_enu (3).exe [7657592 2019-02-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {75D02743-4BCC-49A2-A7E0-BFA84FFE9E53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7DAF959A-A7A8-4FE7-BA14-FB3B2AC1288D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-25] (Google Inc -> Google Inc.)
Task: {7F4A4F96-152D-4DA6-B11B-59A546D01944} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {860EE11B-0395-4886-992B-4026DB58449C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90022E33-C203-4FD7-B364-8D52D38FE9EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {99055F11-F71B-405E-852E-59586499FAB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFD0AF72-5AF1-4BD8-8444-7EC14682196F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF19A091-1332-400A-84AD-1CAAE60CD214} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6438536 2017-02-08] (Hewlett Packard -> HP Inc.)
Task: {C347B51B-1B79-4C2A-B664-4A5642694E11} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [945600 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCFB195C-BCA8-4E64-9732-F7AAAC6A341E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D353BA47-69EB-4D99-845D-CE59CA5EA41F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D461DC29-09DF-4BC2-AF8F-24967E22A278} - System32\Tasks\Opera scheduled Autoupdate 1444456389 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-09-18] (Opera Software AS -> Opera Software)
Task: {E7DAD4D5-8B18-4294-83C5-15B4FC65588C} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {EAEEDC89-3FE8-4EEC-ADC8-3C1F84D292CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F28B8E84-3D28-4912-8604-F5A61F884E98} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [646592 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForCamilo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{11679750-d21a-44d1-8891-44048bbd542c}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{8808ba8a-d705-48d3-a16e-dff1c958c936}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] (Adobe Systems, Incorporated -> )
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2665017104-2237686660-164763984-1000 -> hxxp://google.co.uk/

FireFox:
========
FF DefaultProfile: 1jggpe4f.default
FF ProfilePath: C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default [2019-09-19]
FF Homepage: Mozilla\Firefox\Profiles\1jggpe4f.default -> hxxps://www.google.co.uk/?gws_rd=ssl
FF Extension: (Firebug) - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default\Extensions\[email protected] [2017-03-08] [Legacy]
FF Extension: (Valence) - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default\Extensions\[email protected] [2017-08-07] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]_xpi [2016-11-18] [Legacy]
FF Plugin-x32: @Java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2665017104-2237686660-164763984-1000: SkypePlugin -> C:\Users\Camilo\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2665017104-2237686660-164763984-1000: SkypePlugin64 -> C:\Users\Camilo\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.pt/search?q=google+chrome+start+page&oq=google+chrome+start+page&aqs=chrome..69i57j0l5.6076j0j4&sourceid=chrome&ie=UTF-8","hxxps://support.google.com/chrome/answer/2765944","chrome://settings/cleanup","hxxps://www.google.pt/search?ei=tGxCW7LgEsfKwALB473wAQ&q=how+to+set+chrome+homepage&oq=how+to+set+chrome+homepage&gs_l=psy-ab.3..0i7i30i19k1l5j0i7i10i30i19k1j0i7i30i19k1l3j0i19k1.4298.4868.0.5762.3.3.0.0.0.0.150.416.0j3.3.0....0...1c.1.64.psy-ab..0.3.415...0i7i30k1j0i7i10i30k1.0.y_B7Yw1FRwM","hxxps://support.google.com/chromebook/answer/95314?hl=en"
CHR Profile: C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default [2019-09-22]
CHR Extension: (Google Drive) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (YouTube) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Transfer data • mozillaZine Forums) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmfgeiaighlaenofogaceniecknhlakn [2018-03-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-29]
CHR Extension: (Google Play Music) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-10-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-17]
CHR Extension: (Streak CRM for Gmail) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2019-09-14]
CHR HKU\S-1-5-21-2665017104-2237686660-164763984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe [3630832 2019-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare software CO., LIMITED -> Wondershare)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32328 2015-09-21] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106976 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125920 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [89960 2017-03-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91104 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [226272 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [280032 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125408 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [179168 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [140256 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207328 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133600 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146912 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117216 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [346336 2019-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-22 12:17 - 2019-09-22 12:17 - 000006305 _____ C:\Users\Camilo\Documents\Almoço sem glúten (F).eml
2019-09-21 19:49 - 2019-09-21 19:49 - 000204496 _____ (Malwarebytes) C:\Users\Camilo\Downloads\startuplite-setup-1.07 (1).exe
2019-09-21 19:47 - 2019-09-21 19:47 - 000204496 _____ (Malwarebytes) C:\Users\Camilo\Downloads\startuplite-setup-1.07.exe
2019-09-21 15:38 - 2019-09-21 15:38 - 000000107 _____ C:\Users\Camilo\Downloads\jazzy.txt
2019-09-20 18:02 - 2019-09-20 18:02 - 000000000 ___HD C:\OneDriveTemp
2019-09-19 18:16 - 2019-09-19 18:21 - 000000000 ____D C:\Users\Camilo\Desktop\EYES
2019-09-19 18:15 - 2019-09-19 18:22 - 000000000 ____D C:\Users\Camilo\Desktop\EDP
2019-09-19 18:02 - 2019-09-20 22:04 - 000000000 ____D C:\Users\Camilo\Desktop\Desktop 2019
2019-09-19 07:33 - 2019-09-19 07:33 - 004876600 _____ C:\Users\Camilo\Downloads\POPPeeperPro-Install (11).exe
2019-09-18 09:27 - 2019-09-18 09:27 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-09-17 17:36 - 2019-09-17 17:36 - 007622344 _____ (Malwarebytes) C:\Users\Camilo\Downloads\AdwCleaner (2).exe
2019-09-17 17:36 - 2019-09-17 17:36 - 007622344 _____ (Malwarebytes) C:\Users\Camilo\Desktop\AdwCleaner (2).exe
2019-09-17 07:10 - 2019-09-17 07:15 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2019-09-17 07:10 - 2019-09-17 07:15 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2019-09-17 07:10 - 2019-09-17 07:15 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2019-09-17 07:10 - 2019-09-17 07:15 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2019-09-17 07:10 - 2019-09-17 07:15 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-09-17 07:10 - 2019-09-17 07:15 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-09-17 07:10 - 2019-09-17 07:14 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-09-17 07:10 - 2019-09-17 07:14 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-09-17 07:09 - 2019-09-17 07:15 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2019-09-17 07:09 - 2019-09-17 07:15 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2019-09-17 06:44 - 2019-09-16 15:59 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-17 06:44 - 2019-09-16 15:59 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-16 15:47 - 2019-09-16 15:47 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-16 15:47 - 2019-09-16 15:47 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-16 15:47 - 2019-09-16 15:47 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-16 15:47 - 2019-09-16 15:47 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-16 15:47 - 2019-09-16 15:47 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-16 15:46 - 2019-09-16 15:47 - 020817408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 006310064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 005597808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 003821728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-16 15:46 - 2019-09-16 15:46 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 002779488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002279296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001899152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001864192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001764352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001484592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-16 15:46 - 2019-09-16 15:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000515960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-09-16 15:46 - 2019-09-16 15:46 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-16 15:46 - 2019-09-16 15:46 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-16 15:45 - 2019-09-16 15:46 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 022124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 009679672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 004353016 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-16 15:45 - 2019-09-16 15:45 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-16 15:45 - 2019-09-16 15:45 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-09-16 15:45 - 2019-09-16 15:45 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001702096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-16 15:45 - 2019-09-16 15:45 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-16 15:45 - 2019-09-16 15:45 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000606088 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000585184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000505128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-16 15:45 - 2019-09-16 15:45 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-16 15:45 - 2019-09-16 15:45 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-16 15:45 - 2019-09-16 15:45 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-16 15:45 - 2019-09-16 15:45 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-16 15:45 - 2019-09-16 15:45 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 007690648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 001294280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-16 15:44 - 2019-09-16 15:44 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-16 15:44 - 2019-09-16 15:44 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-16 15:44 - 2019-09-16 15:44 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-16 15:44 - 2019-09-16 15:44 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000774192 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-16 15:44 - 2019-09-16 15:44 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-16 15:44 - 2019-09-16 15:44 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-16 15:44 - 2019-09-16 15:44 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-16 15:44 - 2019-09-16 15:44 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-16 15:44 - 2019-09-16 15:44 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-16 15:44 - 2019-09-16 15:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-09-16 07:22 - 2019-09-16 07:28 - 000022284 _____ C:\Users\Camilo\Desktop\Fixlog.txt
2019-09-16 07:12 - 2019-09-22 12:21 - 000000000 ____D C:\Users\Camilo\Desktop\FRST-OlderVersion
2019-09-14 09:30 - 2019-09-14 09:34 - 000048311 _____ C:\Users\Camilo\Desktop\Addition.txt
2019-09-14 09:25 - 2019-09-22 12:25 - 000029773 _____ C:\Users\Camilo\Desktop\FRST.txt
2019-09-14 09:24 - 2019-09-22 12:21 - 001615360 _____ (Farbar) C:\Users\Camilo\Desktop\FRST64 (2).exe
2019-09-14 09:23 - 2019-09-14 09:23 - 001614848 _____ (Farbar) C:\Users\Camilo\Downloads\FRST64 (2).exe
2019-09-06 12:54 - 2019-09-06 12:54 - 000000107 _____ C:\Users\Camilo\Desktop\jazzy.txt
2019-09-01 08:35 - 2019-09-01 08:35 - 010186969 _____ C:\Users\Camilo\Downloads\Corto .webm
2019-09-01 08:35 - 2019-09-01 08:35 - 010186969 _____ C:\Users\Camilo\Downloads\Corto (1).webm
2019-09-01 08:23 - 2019-09-01 08:23 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled (2)
2019-09-01 08:23 - 2019-09-01 08:23 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled (1)
2019-09-01 08:22 - 2019-09-01 08:22 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled
2019-09-01 08:20 - 2019-09-01 08:20 - 000133002 _____ C:\Users\Camilo\Downloads\Yahoo Mail - EDP.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-22 12:25 - 2015-11-17 17:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-22 12:23 - 2018-11-27 13:42 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\Spotify
2019-09-22 12:21 - 2018-03-21 08:42 - 000000000 ____D C:\FRST
2019-09-22 12:16 - 2019-04-09 22:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-22 12:14 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-22 09:14 - 2019-08-14 15:14 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCamilo.job
2019-09-21 22:36 - 2015-08-05 01:03 - 000000000 ___RD C:\Users\Camilo\OneDrive
2019-09-21 22:34 - 2019-04-09 23:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-21 22:33 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-09-21 20:08 - 2015-08-05 17:10 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\POP Peeper
2019-09-21 12:36 - 2018-04-29 10:15 - 000000252 _____ C:\Users\Camilo\Desktop\Words.txt
2019-09-20 17:48 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-20 17:48 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-20 17:46 - 2019-07-14 19:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-09-20 17:46 - 2015-08-06 18:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-20 17:44 - 2019-04-09 22:43 - 000000000 ____D C:\Users\Camilo
2019-09-20 17:43 - 2015-08-11 07:42 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\Hewlett-Packard
2019-09-20 17:43 - 2015-08-11 07:35 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-09-20 17:43 - 2015-08-08 16:01 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-09-20 14:29 - 2017-06-29 20:13 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-09-20 14:29 - 2015-08-23 12:52 - 000000000 ____D C:\Program Files (x86)\Opera
2019-09-20 11:19 - 2018-11-27 13:43 - 000000000 ____D C:\Users\Camilo\AppData\Local\Spotify
2019-09-20 09:33 - 2019-04-09 22:43 - 000002366 _____ C:\Users\Camilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-19 18:53 - 2019-02-16 20:07 - 000000000 ____D C:\Users\Camilo\Desktop\Tax
2019-09-19 18:52 - 2019-02-16 20:31 - 000000000 ____D C:\Users\Camilo\Desktop\Dance
2019-09-19 14:15 - 2019-04-16 23:16 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-19 10:00 - 2017-08-07 06:23 - 000000000 ____D C:\Users\Camilo\AppData\LocalLow\Mozilla
2019-09-19 09:58 - 2015-08-23 12:33 - 000001216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-19 06:52 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-18 22:44 - 2017-02-25 13:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-18 09:26 - 2017-08-07 08:36 - 000000000 ____D C:\ProgramData\HP
2019-09-18 09:26 - 2015-08-11 07:43 - 000000000 ____D C:\Program Files\HP
2019-09-18 09:25 - 2015-08-11 07:38 - 000000000 ____D C:\Users\Camilo\AppData\Local\Hewlett-Packard
2019-09-18 07:09 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-17 07:34 - 2019-04-09 22:56 - 001672192 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-17 07:34 - 2019-04-09 18:46 - 000742444 _____ C:\WINDOWS\system32\prfh0816.dat
2019-09-17 07:34 - 2019-04-09 18:46 - 000144514 _____ C:\WINDOWS\system32\prfc0816.dat
2019-09-17 07:09 - 2018-05-26 06:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-17 06:45 - 2017-11-23 07:39 - 000000000 ___RD C:\Users\Camilo\3D Objects
2019-09-17 06:45 - 2015-08-05 01:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-17 01:45 - 2019-04-09 22:36 - 000371064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-17 01:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-17 01:41 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-09-16 07:30 - 2016-12-30 16:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-09-16 07:26 - 2015-08-08 19:53 - 000000000 ____D C:\Users\Camilo\AppData\LocalLow\Temp
2019-09-08 09:25 - 2015-08-06 18:44 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-09-01 08:09 - 2016-03-31 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-09-01 08:09 - 2016-03-31 14:39 - 000000000 ____D C:\Program Files (x86)\Java
2019-09-01 08:07 - 2016-03-31 14:39 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-08-29 22:35 - 2019-04-09 16:33 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-29 21:37 - 2019-04-09 23:10 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2019-08-29 21:37 - 2019-04-09 23:10 - 000028578 _____ C:\WINDOWS\diagerr.xml
2019-08-29 18:14 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-29 17:57 - 2019-03-19 08:02 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-29 15:14 - 2019-08-14 15:14 - 000003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCamilo
2019-08-29 14:21 - 2015-11-18 08:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-29 14:20 - 2015-08-05 19:27 - 000741432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-25 08:02 - 2019-04-09 23:12 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CA0EB1A-2769-4A1E-A7D9-792AE159DF1B}

==================== Files in the root of some directories ================

2018-03-02 19:16 - 2018-03-02 19:16 - 000003584 _____ () C:\Users\Camilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-07 09:50 - 2018-07-07 09:50 - 000004096 ____H () C:\Users\Camilo\AppData\Local\keyfile3.drm
2018-08-27 12:24 - 2018-08-27 12:24 - 000000218 _____ () C:\Users\Camilo\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition.txt (38.4 KB, 4 views)
qimqim is offline  
Old 09-23-2019, 11:29 AM   #27
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Do you still receive the error message? If so, does it occur at a specific time/when you run a program?
iMacg3 is offline  
Old 09-23-2019, 03:05 PM   #28
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



It seemed to be connected to your own pages..., but has not returned since I posted last.
qimqim is offline  
Old 09-24-2019, 08:50 AM   #29
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi qimqim,

Quote:
It seemed to be connected to your own pages..., but has not returned since I posted last.
Do you mean the Tech Support Forum website?

----------------------------------------------

How is the computer doing?
iMacg3 is offline  
Old 09-24-2019, 08:57 AM   #30
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



Well that happened repeatedly (closed one, another was already there) at a time I was dealing with the Tech Support Forum, but may have been due to something else that tried to download. I simply closed the pages, maybe 6/8 in all at same time.

the computer seems a lot better. As I said it still takes a long time to start, as if a scan is being done...

Is the last FRST results OK?
qimqim is offline  
Old 09-25-2019, 08:06 AM   #31
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi qimqim ,

Your logs are clear of malware. Please do the following to boot your computer in Clean Boot mode.


---------------------------------------------------
Create a System Restore Point
  • Click the Start button, type sysdm.cpl, and press Enter.
  • Select the System Protection tab and click Create.
  • Enter a description for the restore point and select Create.
  • Once complete, close the System Restore window.

---------------------------------------------------
Clean Boot
  • Press the Windows Key + R. Type msconfig and click on OK.
  • msconfig will now open. Click on the Services tab, then check the Hide all Microsoft services box. Select Disable all.
  • Click on the Startup tab, then select Open Task Manager. In Task Manager, navigate to the Startup tab. Select each startup item and click Disable until all are disabled.
  • Close the Task Manager and return to MSConfig. Click OK and restart the computer.
  • Test your computer performance.
Let me know how the computer is doing in Clean Boot mode.
iMacg3 is offline  
Old 09-25-2019, 08:46 AM   #32
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



I've done that. How long should I test it for? 2/3 days?

Could you give me instructions for getting it back to where it was, please. I guess I go back to msconfig and do everything again the other way round.
qimqim is offline  
Old 09-26-2019, 02:23 AM   #33
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



Hi

I'm still running in Clean BOot mode. Too early to tell if it is better, especiALLY on start up.

I have found in MSconfig two suspicious entries: in services Wondershare Application frameqwork and in Startup delaypluinl

The Wondershare is mentioned in

https://h30434.www3.hp.com/t5/Notebo...e/td-p/6225611

What should I do?


Thank you
qimqim is offline  
Old 09-26-2019, 02:15 PM   #34
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi qimqim,

To revert back to Normal Boot, you can navigate to System Restore and roll back to the restore point you created.

Both those entries are related to Wondershare Video Converter which is installed on your computer.
iMacg3 is offline  
Old 09-26-2019, 02:18 PM   #35
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



Should I leave the entries as it is?
qimqim is offline  
Old 09-27-2019, 09:31 AM   #36
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi qimqim,

I'd recommend leaving the entries as they are. If you don't use Wondershare Video Converter you may uninstall it from the Start menu > Settings icon > Apps.

Let me know if the Clean Boot has made a difference in startup times.
iMacg3 is offline  
Old 09-27-2019, 09:42 AM   #37
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



Hi

Yes, starting up is faster and overall I am happy. Now, the question is: shall I leave it as it is or start suspending some of the start items?
qimqim is offline  
Old 09-28-2019, 01:25 AM   #38
Registered Member
 
Join Date: Dec 2006
Posts: 259
OS: Windows 10



Hi

I'm quite happy with the computer now. Could I not leave it as it is without rolling it back to the Restore Point?
qimqim is offline  
Old 09-29-2019, 05:49 PM   #39
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi qimqim,

Please do the following to check which item(s) are causing the issues.

While in msconfig, check half the unchecked items and restart your computer.
If the issue re-appears, uncheck one item, restart your computer, and check if the problem goes away. Repeat as necessary.
If the issue does not re-appear, check one item, restart your computer, and check if the problem goes away. Repeat as necessary.

Let me know which program(s) is causing the issues.
iMacg3 is offline  
Old 10-02-2019, 08:18 AM   #40
Security Team Moderator
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Due to lack of response, this topic will now be closed.

If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

https://www.techsupportforum.com/for...ns-305963.html
iMacg3 is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 06:22 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts