Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Certain websites not working, unable to patch games from some developers

This is a discussion on Certain websites not working, unable to patch games from some developers within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. Was directed here to post logs of a scan. I am running Win10 and using Brave/Chrome for browsers. I first


Like Tree1Likes
Closed Thread
 
Thread Tools Search this Thread
Old 04-28-2020, 03:27 PM   #1
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



Was directed here to post logs of a scan. I am running Win10 and using Brave/Chrome for browsers.
I first encountered the issue when launching the game Albion Online. The splash page wouldn't come up and it would not fetch the updates. Repair and reinstall options didn't do anything when clicked. I visited their site, albiononline.com which appeared as black text on a white background. Navigating to their download page results in "This page cannot be reached". Similar thing happened with another game launcher for Escape from Tarkov. When attempting to download the launcher again, the exe file would appear but it would say my pc cannot run this app. Other company's games, such as Blizzard, worked like normal.

I have tried different browsers, clearing cache, flushing DNS, release/renew IP, restarting modem and PC. Connecting to a VPN allows me to operate normally, but I never had to before this.

I have access to Win10 on a USB.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2020
Ran by tzc00 (administrator) on TANNER-HOME (28-04-2020 15:15:10)
Running from C:\Users\tzc00\Downloads
Loaded Profiles: tzc00 (Available Profiles: tzc00)
Platform: Windows 10 Home Version 1903 18362.778 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12106.2.48003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <3>
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7022\Agent.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <10>
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.DisplayAdapter.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.exe
(Corsair Components, Inc. -> Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\iCUE.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\tzc00\AppData\Local\slack\app-4.5.0\slack.exe <7>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.UI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\iCUE.exe [32644304 2018-06-07] (Corsair Components, Inc. -> Corsair Components, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [Google Update] => C:\Users\tzc00\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [GalaxyClient] => D:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-25] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [913800 2019-12-03] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3140376 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [Discord] => C:\Users\tzc00\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31740816 2020-04-27] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\Run: [com.squirrel.slack.slack] => C:\Users\tzc00\AppData\Local\slack\slack.exe [306704 2020-04-21] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1980048 2020-04-19] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\81.1.7.98\Installer\chrmstp.exe [2020-04-21] (Brave Software, Inc.) [File not signed]
Startup: C:\Users\tzc00\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-21]
ShortcutTarget: Twitch.lnk -> C:\Users\tzc00\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E0D78F6-B113-4AC0-82AE-E4F3F0BB10DE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C8AFF2A-000C-479F-A29C-9BB10711554A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {325685E3-CCC9-44F6-AF3D-FD4F5B18F829} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)
Task: {330AAEC5-2F45-4E68-B738-FBF5985BAA9F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {36B05A90-EDA7-480E-A9F1-6AA300CC6962} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E673A61-DCF0-47D7-B150-53D467C2E745} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-29] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {4A4BC48E-82BC-4BE4-823F-880851898AC1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {609B7A97-0877-47BA-A03E-D6B426261768} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {615A5189-323E-48B8-B471-79652F254318} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {634CB697-4DB1-447F-9D3E-DDACEA8D5344} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6F3D8D02-9485-407D-941F-884E7D98D021} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-29] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {78A68A0A-D810-4E40-9CC4-4BEEC473A2C1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7932D456-1C59-403F-A405-B1358658E537} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe)
Task: {93C52B13-EF3A-4A8A-9D8E-15F4F0CFD2B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94CE7174-8709-4668-A11C-7A823075D6FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94F11C83-6A2F-4EF9-ADD6-46BE3FD28F67} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-14] (Adobe Inc. -> Adobe)
Task: {9B77B9F7-1A43-42CE-9224-081B5DB42AF8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A42A5E66-6524-43EE-B8D2-7EFBC6D78979} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A466F165-88DD-4200-A85C-F80733CCFAB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A73D4157-75C4-4F26-B363-5FE93626909E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3501895849-3895629900-3463264977-1004Core => C:\Users\tzc00\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-09-29] (Google Inc -> Google Inc.)
Task: {AB0FA6F2-6E80-4D1B-A47A-F8C63E0BB297} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2D95B79-3E77-4EE8-A1A0-C5EBE9E12BE2} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [784880 2019-10-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {BAA79480-A813-49E8-8EF4-763C7655C2B6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF0BD619-4E7B-4475-A54E-540EF67DC62A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3501895849-3895629900-3463264977-1004UA => C:\Users\tzc00\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-09-29] (Google Inc -> Google Inc.)
Task: {CEF9C2F5-1263-46FA-80A7-C6543E823315} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E8F7814E-6E84-477C-B8F9-EB0CC3A5E057} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {ED8BB228-1415-43E3-A61D-8E9295C519F9} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-12-03] (Nota Inc. -> Nota Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{0f03de16-ce27-4b3f-a546-378fd8554f2a}: [DhcpNameServer] 209.18.47.61 209.18.47.62

Internet Explorer:
==================
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3501895849-3895629900-3463264977-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3501895849-3895629900-3463264977-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rz1ggtap.default-1569143622255
FF ProfilePath: C:\Users\tzc00\AppData\Roaming\Mozilla\Firefox\Profiles\rz1ggtap.default-1569143622255 [2020-04-28]
FF Plugin: @Adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-03-29] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-03-29] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3501895849-3895629900-3463264977-1004: @zoom.us/ZoomVideoPlugin -> C:\Users\tzc00\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-17] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default [2020-04-28]
CHR Notifications: Default -> hxxps://fres-news.com; hxxps://personal-video.live; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://wynsys.club
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Slides) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-29]
CHR Extension: (BetterTTV) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2020-03-25]
CHR Extension: (Docs) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-29]
CHR Extension: (Google Drive) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-29]
CHR Extension: (Honey) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-04-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-03-31]
CHR Extension: (Sheets) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-29]
CHR Extension: (Google Docs Offline) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-09]
CHR Extension: (AdBlock best ad blocker) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Global Twitch Emotes) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2020-03-25]
CHR Extension: (Gmail) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\tzc00\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-17] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-29] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-29] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\Corsair Utility Engine\Corsair.Service.exe [44752 2018-06-07] (Corsair Components, Inc. -> Corsair Components, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-03-30] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1208392 2019-12-25] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-12-25] (GOG Sp. z o.o. -> GOG.com)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495280 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3446576 2020-04-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [137848 2020-04-09] (TunnelBear -> TunnelBear)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-08-29] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-18] (Microsoft Corporation) [File not signed]
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz146; C:\WINDOWS\temp\cpuz146\cpuz146_x64.sys [52824 2020-04-28] (CPUID -> CPUID)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [22200 2018-10-13] (eSupport.com, Inc. -> Phoenix Technologies)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_63268710a2dc3648\nvlddmkm.sys [23439080 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-03-31] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [680416 2018-10-24] (Realtek Semiconductor Corp. -> Realtek )
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2020-04-08] (TunnelBear, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-28 15:15 - 2020-04-28 15:15 - 000028592 _____ C:\Users\tzc00\Downloads\FRST.txt
2020-04-28 15:12 - 2020-04-28 15:15 - 000000000 ____D C:\FRST
2020-04-28 15:12 - 2020-04-28 15:12 - 002283008 _____ (Farbar) C:\Users\tzc00\Downloads\FRST64.exe
2020-04-28 11:44 - 2020-04-28 11:44 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\EasyAntiCheat
2020-04-28 10:47 - 2020-04-28 10:47 - 000000786 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2020-04-28 10:47 - 2020-04-28 10:47 - 000000786 _____ C:\ProgramData\Desktop\Battlestate Games Launcher.lnk
2020-04-28 10:47 - 2020-04-28 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2020-04-28 10:42 - 2020-04-28 10:43 - 000000000 ____D C:\Program Files (x86)\AlbionOnline
2020-04-28 10:42 - 2020-04-28 10:42 - 000001267 _____ C:\Users\tzc00\Desktop\AlbionOnline.lnk
2020-04-28 10:42 - 2020-04-28 10:42 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online
2020-04-28 10:41 - 2020-04-28 10:41 - 050022608 _____ C:\Users\tzc00\Downloads\albion-online-setup.exe
2020-04-28 10:39 - 2020-04-28 10:40 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2020-04-28 10:39 - 2020-04-28 10:39 - 137103880 _____ (TunnelBear) C:\Users\tzc00\Downloads\TunnelBear-Installer.exe
2020-04-28 10:39 - 2020-04-28 10:39 - 000001980 _____ C:\Users\Public\Desktop\TunnelBear.lnk
2020-04-28 10:39 - 2020-04-28 10:39 - 000001980 _____ C:\ProgramData\Desktop\TunnelBear.lnk
2020-04-28 10:39 - 2020-04-28 10:39 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\TunnelBear
2020-04-28 10:39 - 2020-04-28 10:39 - 000000000 ____D C:\Users\tzc00\AppData\Local\TunnelBear
2020-04-28 10:39 - 2020-04-28 10:39 - 000000000 ____D C:\Users\tzc00\AppData\Local\IsolatedStorage
2020-04-28 10:39 - 2020-04-28 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2020-04-21 13:06 - 2020-04-28 15:15 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Slack
2020-04-21 13:06 - 2020-04-21 13:06 - 000002213 _____ C:\Users\tzc00\Desktop\Slack.lnk
2020-04-21 13:06 - 2020-04-21 13:06 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2020-04-21 13:06 - 2020-04-21 13:06 - 000000000 ____D C:\Users\tzc00\AppData\Local\slack
2020-04-20 17:19 - 2020-04-20 17:19 - 000000000 ____D C:\Users\tzc00\AppData\Local\Skyrim Special Edition
2020-04-20 16:40 - 2020-04-20 16:40 - 000000222 _____ C:\Users\tzc00\Desktop\The Elder Scrolls V Skyrim Special Edition.url
2020-04-18 21:39 - 2020-04-18 21:39 - 000000222 _____ C:\Users\tzc00\Desktop\ARK Survival Evolved.url
2020-04-17 12:46 - 2020-04-17 12:46 - 000000000 ____D C:\Users\tzc00\Documents\Zoom
2020-04-17 12:45 - 2020-04-17 12:45 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Zoom
2020-04-17 12:45 - 2020-04-17 12:45 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-16 21:18 - 2020-04-16 21:18 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-16 21:18 - 2020-04-16 21:18 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-16 21:18 - 2020-04-16 21:18 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-16 21:18 - 2020-04-16 21:18 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-16 21:18 - 2020-04-16 21:18 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 21:18 - 2020-04-16 21:18 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 21:18 - 2020-04-16 21:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 21:17 - 2020-04-16 21:17 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-16 21:17 - 2020-04-16 21:17 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 21:17 - 2020-04-16 21:17 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 21:17 - 2020-04-16 21:17 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-16 21:17 - 2020-04-16 21:17 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-16 21:13 - 2020-03-16 20:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-16 21:13 - 2020-03-16 20:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-08 19:43 - 2020-04-08 19:43 - 000038656 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap-tb-0901.sys
2020-03-31 15:10 - 2020-03-31 15:10 - 000091829 _____ C:\Users\tzc00\Downloads\FullSizeRender (4).jpeg
2020-03-31 15:08 - 2020-03-31 15:08 - 000246194 _____ C:\Users\tzc00\Downloads\FullSizeRender (3).jpeg
2020-03-31 15:07 - 2020-03-31 15:07 - 000091829 _____ C:\Users\tzc00\Downloads\FullSizeRender (2).jpeg
2020-03-31 15:06 - 2020-03-31 15:06 - 000246194 _____ C:\Users\tzc00\Downloads\FullSizeRender (1).jpeg
2020-03-31 14:50 - 2020-03-31 14:50 - 000246194 _____ C:\Users\tzc00\Downloads\FullSizeRender.jpeg
2020-03-30 21:12 - 2020-03-30 21:12 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\NVIDIA
2020-03-30 00:41 - 2020-03-30 00:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-03-30 00:41 - 2020-03-18 09:59 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2020-03-30 00:41 - 2020-03-17 21:00 - 005581800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-03-30 00:41 - 2020-03-17 21:00 - 002632680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-03-30 00:41 - 2020-03-17 21:00 - 001759216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-03-30 00:41 - 2020-03-17 21:00 - 001172464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-03-30 00:41 - 2020-03-17 21:00 - 000446264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-03-30 00:41 - 2020-03-17 21:00 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-03-30 00:41 - 2020-03-17 21:00 - 000074736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-03-30 00:41 - 2020-03-15 23:39 - 008997147 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-03-30 00:39 - 2020-03-18 22:11 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-30 00:39 - 2020-03-18 22:11 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-03-30 00:39 - 2020-03-18 22:11 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-30 00:39 - 2020-03-18 22:11 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-03-30 00:39 - 2020-03-18 22:11 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-30 00:39 - 2020-03-18 22:11 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-03-30 00:39 - 2020-03-18 22:11 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-30 00:39 - 2020-03-18 22:11 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-03-30 00:39 - 2020-03-18 22:11 - 000450464 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-03-30 00:39 - 2020-03-18 22:11 - 000348048 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-03-30 00:39 - 2020-03-18 22:10 - 011945072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-03-30 00:39 - 2020-03-18 22:10 - 010285680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-03-30 00:39 - 2020-03-18 22:10 - 000817056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-03-30 00:39 - 2020-03-18 22:10 - 000676448 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-03-30 00:39 - 2020-03-18 22:10 - 000544352 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 017600912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 015157664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 005856656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 005158304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 002072992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001723280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444575.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001564904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001483168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444575.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001480936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001351568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001142176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 001049488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 000811424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 000679840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 000655264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-03-30 00:39 - 2020-03-18 22:09 - 000546720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-03-30 00:39 - 2020-03-18 19:06 - 004927048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-03-30 00:39 - 2020-03-18 19:05 - 004196160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-03-30 00:39 - 2020-03-18 00:51 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-03-30 00:39 - 2020-03-18 00:51 - 000223120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2020-03-30 00:39 - 2020-03-18 00:51 - 000056618 _____ C:\WINDOWS\system32\nvinfo.pb
2020-03-30 00:39 - 2020-03-18 00:51 - 000039824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-03-30 00:39 - 2020-03-11 12:26 - 000067456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2020-03-29 21:20 - 2020-03-29 21:20 - 000000000 ____D C:\Users\tzc00\AppData\Local\Saber
2020-03-29 18:50 - 2020-04-21 16:55 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-03-29 18:50 - 2020-04-21 16:55 - 000002389 _____ C:\Users\Public\Desktop\Brave.lnk
2020-03-29 18:50 - 2020-04-21 16:55 - 000002389 _____ C:\ProgramData\Desktop\Brave.lnk
2020-03-29 18:50 - 2020-03-29 18:50 - 000003436 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-03-29 18:50 - 2020-03-29 18:50 - 000003312 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-03-29 18:49 - 2020-03-29 18:50 - 000000000 ____D C:\Users\tzc00\AppData\Local\BraveSoftware
2020-03-29 18:49 - 2020-03-29 18:50 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2020-03-29 18:49 - 2020-03-29 18:49 - 001299864 _____ (BraveSoftware Inc.) C:\Users\tzc00\Downloads\BraveBrowserSetup-ANI763.exe
2020-03-29 00:44 - 2020-03-29 00:44 - 000187618 _____ C:\Users\tzc00\Downloads\2019TurboTaxReturn.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-28 15:16 - 2019-03-20 18:28 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Origin
2020-04-28 15:13 - 2019-10-17 23:28 - 000003134 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2020-04-28 15:13 - 2018-09-29 23:40 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\discord
2020-04-28 15:08 - 2018-09-30 00:37 - 000000000 ____D C:\Users\tzc00\AppData\Local\Battle.net
2020-04-28 15:00 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-28 14:50 - 2018-10-10 17:35 - 000015212 _____ C:\Users\tzc00\Downloads\FarmVille.xlsx
2020-04-28 14:20 - 2019-06-09 16:04 - 000000000 ____D C:\Program Files\Warcraft III
2020-04-28 14:01 - 2018-09-29 22:54 - 000000000 ____D C:\ProgramData\NVIDIA
2020-04-28 12:16 - 2019-10-02 09:03 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-04-28 12:16 - 2019-10-02 09:03 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-04-28 11:43 - 2018-10-03 22:24 - 000000000 ____D C:\Users\tzc00\AppData\Local\CrashDumps
2020-04-28 11:37 - 2019-10-17 23:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-28 10:47 - 2020-01-29 18:09 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Battlestate Games
2020-04-28 10:47 - 2020-01-29 18:09 - 000000000 ____D C:\Users\tzc00\AppData\Local\Battlestate Games
2020-04-28 10:40 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-28 10:39 - 2018-09-29 23:58 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-28 10:30 - 2018-12-27 02:17 - 000001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-28 10:30 - 2018-12-27 02:17 - 000000000 ____D C:\Users\tzc00\AppData\LocalLow\Mozilla
2020-04-28 10:30 - 2018-12-27 02:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-28 10:30 - 2018-12-27 02:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-28 10:17 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-28 09:56 - 2019-10-17 23:31 - 000841376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-28 09:53 - 2019-10-17 23:28 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6B472310-807C-4712-88B8-DB10195B7423}
2020-04-28 09:51 - 2019-02-05 22:43 - 000000000 ____D C:\ProgramData\Origin
2020-04-28 09:51 - 2018-09-30 00:01 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-28 09:50 - 2019-10-17 23:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-28 09:50 - 2019-08-27 20:07 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-28 09:50 - 2019-03-24 20:12 - 000002249 _____ C:\Users\tzc00\Desktop\Discord.lnk
2020-04-28 09:50 - 2019-03-20 18:28 - 000000000 ____D C:\Users\tzc00\AppData\Local\Origin
2020-04-28 09:50 - 2018-09-30 13:32 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2020-04-27 23:57 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-27 19:37 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-26 21:28 - 2018-10-11 15:55 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\obs-studio
2020-04-25 23:33 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-24 22:28 - 2019-10-17 23:28 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2019-10-17 23:28 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-04-24 22:28 - 2018-10-03 22:21 - 000001459 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-04-24 22:28 - 2018-10-03 22:21 - 000001459 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2020-04-24 22:28 - 2018-09-29 22:54 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-04-24 22:28 - 2018-09-29 22:54 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-04-24 22:28 - 2018-09-29 22:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-04-23 14:22 - 2018-10-27 10:36 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\TS3Client
2020-04-21 16:28 - 2018-09-29 23:31 - 000002514 _____ C:\Users\tzc00\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-21 16:28 - 2018-09-29 23:31 - 000002477 _____ C:\Users\tzc00\Desktop\Google Chrome.lnk
2020-04-21 13:06 - 2018-09-29 23:39 - 000000000 ____D C:\Users\tzc00\AppData\Local\SquirrelTemp
2020-04-20 17:10 - 2019-03-20 18:29 - 000000000 ____D C:\Program Files (x86)\Origin
2020-04-20 16:40 - 2018-09-30 00:17 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-20 16:39 - 2018-10-01 20:08 - 000000000 ____D C:\Users\tzc00\Documents\my games
2020-04-19 15:00 - 2018-09-30 14:23 - 000000000 ____D C:\Users\tzc00\AppData\Local\D3DSCache
2020-04-19 13:54 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-19 13:34 - 2018-10-27 10:36 - 000000000 ____D C:\Users\tzc00\AppData\Local\TeamSpeak 3 Client
2020-04-18 21:53 - 2019-03-10 13:05 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\vlc
2020-04-18 21:36 - 2018-09-29 23:00 - 000000000 ____D C:\Users\tzc00\AppData\Local\Packages
2020-04-17 23:36 - 2020-03-21 18:11 - 000030973 _____ C:\Users\tzc00\Desktop\ammo.xlsx
2020-04-17 09:44 - 2019-10-17 23:23 - 000362152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-17 02:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-17 02:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-17 02:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-17 02:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-17 02:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-17 02:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 21:19 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-14 22:37 - 2019-10-17 23:28 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-14 22:37 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-14 22:37 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-14 21:37 - 2019-10-17 23:28 - 000004538 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-04-14 18:29 - 2019-10-17 21:19 - 000000000 ____D C:\Users\tzc00\AppData\Local\ElevatedDiagnostics
2020-04-10 11:20 - 2019-08-27 21:30 - 000000000 ____D C:\Users\tzc00\AppData\Roaming\Twitch
2020-04-07 10:58 - 2018-10-03 22:21 - 002799416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2020-04-07 10:58 - 2018-10-03 22:21 - 002159592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2020-04-07 10:58 - 2018-10-03 22:21 - 001314792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2020-04-01 18:59 - 2019-10-18 17:08 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-31 14:28 - 2018-09-30 00:36 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-03-30 21:12 - 2018-10-03 22:21 - 000000000 ____D C:\Users\tzc00\AppData\Local\NVIDIA
2020-03-30 00:39 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Help
2020-03-29 10:57 - 2019-08-27 20:08 - 000000000 ____D C:\Users\tzc00\AppData\Local\TeamViewer

==================== Files in the root of some directories ========

2019-01-26 20:05 - 2020-01-15 20:17 - 000001456 _____ () C:\Users\tzc00\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-09-29 23:45 - 2018-09-29 23:45 - 000000036 _____ () C:\Users\tzc00\AppData\Local\housecall.guid.cache
2018-11-08 20:35 - 2018-11-08 20:35 - 000000410 _____ () C:\Users\tzc00\AppData\Local\oobelibMkey.log
2018-11-01 20:44 - 2019-01-08 16:35 - 000007597 _____ () C:\Users\tzc00\AppData\Local\Resmon.ResmonCfg
2018-09-30 13:33 - 2019-09-21 21:49 - 000000010 _____ () C:\Users\tzc00\AppData\Local\sponge.last.runtime.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Attached Files
File Type: txt Addition.txt (80.7 KB, 8 views)
TanMan5 is offline  
Sponsored Links
Advertisement
 
Old 04-30-2020, 09:04 AM   #2
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Looking over your logs, there's quite a bit I need to research in them, so it could well be tomorrow morning (my time GMT) before I get back to you.
__________________
Gary R is offline  
Old 04-30-2020, 09:07 AM   #3
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



Quote:
Originally Posted by Gary R View Post
Looking over your logs, there's quite a bit I need to research in them, so it could well be tomorrow morning (my time GMT) before I get back to you.
Appreciate it, but as for now my PC is functioning normally.
TanMan5 is offline  
Sponsored Links
Advertisement
 
Old 04-30-2020, 01:24 PM   #4
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



So do you want me to close this topic ?
__________________
Gary R is offline  
Old 04-30-2020, 03:13 PM   #5
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



Quote:
Originally Posted by Gary R View Post
So do you want me to close this topic ?
This morning the issue arose again, but it is once again working normally. Seems to be intermittent.
TanMan5 is offline  
Old 04-30-2020, 10:43 PM   #6
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



No obvious signs of an active infection in the logs you've supplied.

What I suggest you do to try and resolve your problem is as follows ...

First ...

Uninstall Brave, in my experience it is not the most stable of browsers, and can create problems.

Please note ... the inbuilt uninstaller for Brave does not do a very good job, and leaves behind quite a few orphans, so I recommend that you unistall Brave using RevoUninstaller ... https://www.revouninstaller.com/revo...free-download/ ... I usually use the free portable version, which does not require you to install it on your machine.

I would also recommend that you uninstall qBittorrent as well. P2P/torrent programs are a sure conduit for infection to get onto your machine, and are the favourite vehicle for most malware authors.

Reboot your computer to complete the uninstall process.

Next ....

Please uninstall the following Chrome Extensions ...

Quote:
Chrome Web Store Payments nmmhkkegccagdldgiimedpiccmgmieda
Chrome Media Router pkedcjkdefgpdelpbcmbmeomcjbeemfm
https://www.timeatlas.com/uninstall-chrome-extensions/

Next ...
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named .txt Notepad file will open.
  • Copy and paste the following into it (don't include Code: Select all) ....
Code:
Hosts:
EmptyTemp:
Cmd: ipconfig /flushdns
AlternateDataStreams: C:\Users\tzc00\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\tzc00\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
  • Press Ctrl+s to save fixlist.txt
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log

Please let me know if this has resolved or improved your problem.
icotonev likes this.
__________________
Gary R is offline  
Old 05-01-2020, 10:44 AM   #7
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



The txt I saved the code to was named 'xwastpjnqw.txt', not sure if that matters.

My launchers are still misbehaving and the websites mentioned before still appear broken

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by tzc00 (01-05-2020 10:36:47) Run:1
Running from C:\Users\tzc00\Downloads
Loaded Profiles: tzc00 (Available Profiles: tzc00)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Hosts:
EmptyTemp:
Cmd: ipconfig /flushdns
AlternateDataStreams: C:\Users\tzc00\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\tzc00\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
*****************

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Users\tzc00\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\tzc00\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26551163 B
Java, Flash, Steam htmlcache => 335587384 B
Windows/system/drivers => 8433695 B
Edge => 10338179 B
Chrome => 325625704 B
Firefox => 37242655 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2370 B
NetworkService => 5094038 B
defaultuser0 => 5101206 B
tzc00 => 208292096 B

RecycleBin => 4477306 B
EmptyTemp: => 931.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:38:39 ====
TanMan5 is offline  
Old 05-01-2020, 03:07 PM   #8
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Have you tried checking your Windows System Files for corruption ?

If not, please do the following ...
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named .txt Notepad file will open.
  • Copy and paste the following into it ....
Code:
CMD: DISM.exe /Online /Cleanup-image /Restorehealth
  • Press Ctrl+s to save fixlist.txt
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt and run a system file scan using Deployment Image Servicing and Management (DISM) tool, repairing any corrupted files it finds. This uses Windows Update Client, so dependant on your processor, and connection speed, this may take some time to complete (on my machine it took just over half an hour).
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log

Also, please let me know if this has any effect on your problem.
__________________
Gary R is offline  
Old 05-01-2020, 03:20 PM   #9
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



No noticeable changes, game launchers still behaving poorly, Albion website still broken for me only.

~~

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by tzc00 (01-05-2020 15:08:49) Run:2
Running from C:\Users\tzc00\Downloads
Loaded Profiles: tzc00 (Available Profiles: tzc00)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: DISM.exe /Online /Cleanup-image /Restorehealth
*****************


========= DISM.exe /Online /Cleanup-image /Restorehealth =========


Deployment Image Servicing and Management tool
Version: 10.0.18362.1

Image Version: 10.0.18362.778


[== 4.5% ]

[== 4.7% ]

[== 5.1% ]

[=== 5.5% ]

[=== 5.9% ]

[=== 6.4% ]

[==== 6.9% ]

[==== 7.3% ]

[==== 7.6% ]

[==== 8.3% ]

[==== 8.5% ]

[===== 8.7% ]

[===== 8.9% ]

[===== 9.0% ]

[===== 9.1% ]

[===== 9.2% ]

[===== 9.3% ]

[===== 9.3% ]

[===== 9.4% ]

[===== 9.7% ]

[===== 10.2% ]

[====== 11.2% ]

[======= 12.2% ]

[======= 13.2% ]

[======== 14.2% ]

[======== 14.9% ]

[========= 15.5% ]

[========= 16.5% ]

[========== 17.3% ]

[========== 18.3% ]

[=========== 19.3% ]

[=========== 20.1% ]

[============ 20.8% ]

[============ 21.4% ]

[============ 22.0% ]

[============= 23.0% ]

[============= 23.9% ]

[============== 24.9% ]

[=============== 25.9% ]

[=============== 26.9% ]

[================ 27.9% ]

[================ 28.9% ]

[================= 29.9% ]

[================= 30.9% ]

[================== 31.9% ]

[=================== 32.9% ]

[=================== 33.6% ]

[=================== 34.4% ]

[==================== 34.8% ]

[==================== 34.9% ]

[==================== 35.2% ]

[==================== 36.2% ]

[===================== 37.2% ]

[====================== 38.2% ]

[====================== 39.2% ]

[======================= 40.2% ]

[======================= 41.2% ]

[======================== 42.2% ]

[========================= 43.2% ]

[========================= 44.2% ]

[========================== 45.2% ]

[========================== 46.2% ]

[===========================47.1% ]

[===========================47.5% ]

[===========================47.9% ]

[===========================48.9% ]

[===========================49.5% ]

[===========================49.8% ]

[===========================50.0% ]

[===========================50.3% ]

[===========================50.7% ]

[===========================51.7% ]

[===========================52.1% ]

[===========================52.7% ]

[===========================53.3% ]

[===========================54.0% ]

[===========================54.8% ]

[===========================55.5% ]

[===========================56.4% ]

[===========================57.2%= ]

[===========================58.2%= ]

[===========================59.2%== ]

[===========================60.2%== ]

[===========================61.2%=== ]

[===========================62.2%==== ]

[===========================63.2%==== ]

[===========================63.7%==== ]

[===========================64.4%===== ]

[===========================64.8%===== ]

[===========================65.5%===== ]

[===========================66.0%====== ]

[===========================66.4%====== ]

[===========================67.0%====== ]

[===========================67.5%======= ]

[===========================68.1%======= ]

[===========================68.6%======= ]

[===========================69.1%======== ]

[===========================69.5%======== ]

[===========================69.6%======== ]

[===========================70.0%======== ]

[===========================70.4%======== ]

[===========================71.1%========= ]

[===========================71.5%========= ]

[===========================72.2%========= ]

[===========================72.7%========== ]

[===========================73.7%========== ]

[===========================74.7%=========== ]

[===========================75.5%=========== ]

[===========================76.5%============ ]

[===========================77.5%============ ]

[===========================78.5%============= ]

[===========================79.5%============== ]

[===========================80.1%============== ]

[===========================80.5%============== ]

[===========================80.9%============== ]

[===========================81.6%=============== ]

[===========================82.1%=============== ]

[===========================82.8%================ ]

[===========================83.5%================ ]

[===========================84.5%================= ]

[===========================85.5%================= ]

[===========================86.1%================= ]

[===========================86.6%================== ]

[===========================87.5%================== ]

[===========================87.7%================== ]

[===========================88.1%=================== ]

[===========================89.1%=================== ]

[===========================90.1%==================== ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


==== End of Fixlog 15:10:49 ====
TanMan5 is offline  
Old 05-01-2020, 10:37 PM   #10
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, the DISM command was part 1 of fixing your system files, and often it's enough. So let's try part 2, and see if that gets us any further ....
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named .txt Notepad file will open.
  • Copy and paste the following into it ....
Code:
CMD: sfc /scannow
  • Press Ctrl+s to save fixlist.txt
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt, and will run a system file scan which can last quite some time, and may require a reboot of your computer.
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log, and let me know if it improves anything
__________________
Gary R is offline  
Old 05-02-2020, 10:42 AM   #11
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



Same issues, launchers no loading and website coming up broken

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by tzc00 (02-05-2020 10:37:48) Run:3
Running from C:\Users\tzc00\Downloads
Loaded Profiles: tzc00 (Available Profiles: tzc00)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: sfc /scannow
*****************


========= sfc /scannow =========



Beginning system scan. This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 5% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.


========= End of CMD: =========


==== End of Fixlog 10:39:39 ====
TanMan5 is offline  
Old 05-02-2020, 11:40 AM   #12
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, couple of last checks to make.

First ....
  • Right click on Start and select Command Prompt (Admin)
  • When prompted allow the prompt
  • An Administration Command Prompt window will open
  • Type chkdsk /spotfix and then hit enter
  • You will get a message telling you the volume is in use, and asking if you want to schedule a check at the next restart
  • Type Y and hit return
  • Exit the command window.
  • Restart your computer

On restart your computer will check your hard drive for problems, and fix any it finds. Dependant on number of problems this may take just a few minutes, or considerably longer.

Next ....

I'd like you to run an online AV scan for me, to see if I've missed something in your FRST logs ...

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.[/*]
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
__________________
Gary R is offline  
Old 05-02-2020, 03:07 PM   #13
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



This morning everything was operating normally. Ran the scans Now


5/2/2020 15:02:12 PM
Files scanned: 883433
Detected files: 8
Cleaned files: 8
Total scan time 01:53:09
Scan status: Finished


C:\Users\tzc00\AppData\Roaming\PowerISO\Upgrade\PowerISO7-x64.exe a variant of Win32/FusionCore.AY.gen potentially unwanted application cleaned by deleting
C:\Users\tzc00\Downloads\CR_Downloader_for_baldur's-gate---dark-alliance_0460792000.exe Win32/InstallCore.Gen.B potentially unwanted application cleaned by deleting
C:\Users\tzc00\Downloads\PowerISO7-x64.exe a variant of Win32/FusionCore.AY.gen potentially unwanted application cleaned by deleting
C:\Users\tzc00\Downloads\spsetup132.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\tzc00\DESKTOP-1FIVMTR\Data\C\Users\tzc00\Downloads\biosagentplus_1218 (2019_03_03 06_21_44 UTC).exe a variant of Win32/DriverAgent.A potentially unwanted application cleaned by deleting
E:\FileHistory\tzc00\DESKTOP-1FIVMTR\Data\C\Users\tzc00\Downloads\CR_Downloader_for_baldur's-gate---dark-alliance_0460792000 (2020_03_15 19_04_14 UTC).exe Win32/InstallCore.Gen.B potentially unwanted application cleaned by deleting
E:\FileHistory\tzc00\DESKTOP-1FIVMTR\Data\C\Users\tzc00\Downloads\PowerISO7-x64 (2020_02_04 00_20_48 UTC).exe a variant of Win32/FusionCore.AY.gen potentially unwanted application cleaned by deleting
E:\FileHistory\tzc00\DESKTOP-1FIVMTR\Data\C\Users\tzc00\Downloads\spsetup132 (2019_08_25 17_36_19 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
TanMan5 is offline  
Old 05-02-2020, 03:27 PM   #14
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



** Still running properly after the scans too, forgot to add.
TanMan5 is offline  
Old 05-02-2020, 10:52 PM   #15
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, the detections by e-set are all "potentially unwanted programs" (PUPS) and their presence is not necessarily the cause of your problems, but it's probably better that they're removed.

If your problem has been resolved, it's much more likely to be because of the disk scan.

I'll leave this topic open for a couple of days, if your problem recurs then please let me know, if not then I think that we can call it resolved and I'll close it.
__________________
Gary R is offline  
Old 05-05-2020, 05:29 PM   #16
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



Worked fine all day today, only just now is giving me the same issue as before
TanMan5 is offline  
Old 05-05-2020, 09:49 PM   #17
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Please run another e-set scan for me, and let's see if any of the detections it made last time have recurred.

My gut feeling is they won't have, because I don't think that malware is the cause of your problem, but it would be foolish not to make sure before we try anything else.
__________________
Gary R is offline  
Old 05-06-2020, 10:57 AM   #18
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



This morning before the scan everything was operating normally. Geez.

5/6/2020 10:55:57 AM
Files scanned: 886479
Detected files: 0
Cleaned files: 0
Total scan time: 01:46:54
Scan status: Finished
TanMan5 is offline  
Old 05-06-2020, 02:48 PM   #19
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 662
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, so looking at your latest scan results, I think we can safely eliminate Malware as being the source of your problem.

We've repaired some System File problems, and run a basic disk check and fix.

To be honest, we're now getting to the limits of my ability to troubleshoot this problem.

My expertise and experience is in removing Malware, and as far as I can see, your problems are not being caused by Malware.

The intermittent nature of them, would tend to suggest to me that they are being caused by some kind of system instability, or hardware instability.

Obviously the basic system fixes we've done have not fully resolved things, and it may be that you need to run some more in depth disk checks, and/or re-install your OS.

That's not really my area of expertise, so you'll probably be better advised by the guys in W10 support and/or Hardware support.

Please feel free to refer them to this topic.

Please understand also, that I'm not trying to fob you off on others, I'm just trying to get you the best help, and hopefully a permanent resolution to your problems.
__________________
Gary R is offline  
Old 05-06-2020, 08:22 PM   #20
Registered Member
 
Join Date: May 2015
Posts: 66
OS: Win 10



I appreciate the time you took to help me. It works more than it doesn't now.
TanMan5 is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 03:35 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts