Miner.Bitcoinminer Activity 7 detected by Norton


Hello,

So I've been getting this notification all the time.

I've run Norton, Malwarebytes, AdwCleaner, and HitmanPro before and seemed to have fixed it.
However, now the notification is back. I ran all 4 programs with RogueKiller and nothing is picking up a threat and I keep getting this notification.

Can someone please help me fix this issue? Thank you.


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I need more information to give you sound advice.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section at the bottom of the topic, click Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Wait for further instructions
====


Hi Nasdaq,

I didn't get the miner.bitcoinminer notification for 1 day, but now it's back.
I downloaded and scanned with FRST.


Here is the log I got:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2019
Ran by donki (administrator) on DESKTOP-OUNS0AU (Dell Inc. G5 5587) (25-06-2019 14:18:50)
Running from C:\Users\donki\Downloads
Loaded Profiles: donki (Available Profiles: donki)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.19031.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\vms\VBoxVmService64.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc. -> ) C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe
(Dell Inc. -> ) C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2\win32\SupportAssistAppWire.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\donki\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\donki\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\donki\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\donki\AppData\Local\Discord\app-0.0.305\Discord.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_82f69cea8b2d928f\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_82f69cea8b2d928f\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_55c12d0c9f31d154\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_55c12d0c9f31d154\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\RstMwService.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_9008c589d5116a6b\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\donki\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Oracle Corporation -> ) C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
(Oracle Corporation -> ) C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
(Oracle Corporation -> ) C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\SETA890.tmp
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\SETA87E.tmp
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.2.47\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.2.47\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.2.47\nsWscSvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Zemana D.O.O. Sarajevo -> Copyright 2018.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [Spotify] => C:\Users\donki\AppData\Roaming\Spotify\Spotify.exe [25386912 2019-06-14] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [Discord] => C:\Users\donki\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [KakaoTalk] => C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [10540648 2019-06-05] (Kakao corp. -> Kakao Corp. )
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\donki\AppData\Local\splice\app-3.4.61\Splice.exe [52374928 2019-04-10] (DISTRIBUTED CREATION INC. -> Splice)
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35519888 2019-06-20] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2019-03-24]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2019-03-24]
ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05CDEE4D-D0FC-4C3F-BF14-4CB14C24715E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {08160676-E4C1-4D01-853D-1180E41D8C5C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2409040 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {08E34E67-F46A-43E1-B3A7-B10D6EE6709B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2225296 2019-06-06] (Symantec Corporation -> Symantec Corporation)
Task: {0B3AD22D-07A7-4515-964F-FE61938EBF2F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297728 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AAAED94-39D7-4040-ABD8-446A587BAF76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {26580224-AA67-4E85-9E51-48BD096ED857} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F4C4D5C-3C66-4669-B137-455F37138A32} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-05-24] (Dell Inc. -> Dell Inc.)
Task: {2F6A9FEE-4210-4760-90DE-3A62CDC66E4F} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [87120 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3316069B-3868-4736-9326-85235DD3376D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1526352 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {39C326B2-E347-45E9-929B-B34CFBD36433} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3B22306A-11AA-4E99-A253-4E979BCC3AB8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {434ADB65-36BC-4429-B22F-741DCAF09F2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2409040 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {48E2B5DD-B0F9-47E2-B369-7E51CF486C1F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {52037E65-669F-46C6-B5CC-F172B40AC41B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5279D522-B40B-4F65-84BC-B10E565803DF} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.2.47\SymErr.exe [101392 2019-06-06] (Symantec Corporation -> Symantec Corporation)
Task: {55E1E6C7-316F-487C-AC2F-566CFE606E88} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5ADAE826-9ADE-4762-9A12-129004A86AC4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [982464 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5DE0A96D-930F-4442-833D-771F5A1C2999} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [33984 2019-03-07] (Rivet Networks LLC -> DELL)
Task: {6180E588-02E4-4D69-95EC-E9014146C5F6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {64816238-F2DC-4A04-99C7-14BDAA291EAB} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {71AB4945-3F77-4D6E-8820-34ED1A773FC3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [753448 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AA611AE-F07E-4FED-A0C8-EDBA8E21A039} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {9172FCBA-B9E3-49FC-9079-849D68F93C23} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94FB85F8-5523-4ED6-9EC1-6359B304A50B} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.2.47\SymErr.exe [101392 2019-06-06] (Symantec Corporation -> Symantec Corporation)
Task: {A242B2CD-183B-439D-8299-5265E0A9DEE2} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.17.2.47\SymErr.exe [101392 2019-06-06] (Symantec Corporation -> Symantec Corporation)
Task: {A6780DE6-0167-4A07-91C5-8C59C27462C9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {B474A198-2210-4BE2-B198-202B5D7D5E8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C8E70EFA-305F-4070-96FE-60615DDF604B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CAC19246-4D53-40B0-919C-00A9F0208C6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23949600 2019-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1C0A136-47F6-4B30-8230-4832D8C7C717} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBD4A06C-D24D-4A55-9E56-A90D35FEEB4D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1526352 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF8D9ED7-A0AD-4CA5-834B-CDC31F3C6C49} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {E1104442-3E12-4C9C-8EBE-E4091273CE1E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.2.47\WSCStub.exe [2225296 2019-06-06] (Symantec Corporation -> Symantec Corporation)
Task: {E973C49A-2B61-49C4-A4D8-77FB4B8DCDA2} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED144804-DC58-4FA0-B75A-5BBA7679041B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23949600 2019-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2B4344A-965E-4740-A981-0F702401B9C3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f65b5af6-e11c-4da4-bdec-15e2d520c259}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-623422119-4129174335-1793513392-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-623422119-4129174335-1793513392-1001 -> DefaultScope {C8910869-F359-4830-B06A-D67210AD6CB1} URL = 
SearchScopes: HKU\S-1-5-21-623422119-4129174335-1793513392-1001 -> {C8910869-F359-4830-B06A-D67210AD6CB1} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.2.47\coIEPlg.dll [2019-06-06] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.2.47\coIEPlg.dll [2019-06-06] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.2.47\coIEPlg.dll [2019-06-06] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.2.47\coIEPlg.dll [2019-06-06] (Symantec Corporation -> Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Extension: (360 Viewer) -> EdgeExtension_Microsoft360Viewer_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.360Viewer_2.3.5.0_neutral__8wekyb3d8bbwe [2019-05-25]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default [2019-06-25]
CHR Extension: (Slides) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-19]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2019-06-07]
CHR Extension: (Docs) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-19]
CHR Extension: (Google Drive) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-19]
CHR Extension: (YouTube) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-19]
CHR Extension: (Slinky Elegant) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2019-06-23]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-19]
CHR Extension: (Ebates Rakuten: Get Cash Back For Shopping) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2019-06-01]
CHR Extension: (uBlock Origin) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-23]
CHR Extension: (Adblock for Youtube™) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-06-07]
CHR Extension: (Share on Rabbit) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2019-01-15]
CHR Extension: (Adobe Acrobat) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-10]
CHR Extension: (Sheets) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-19]
CHR Extension: (Google Docs Offline) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-19]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-06-16]
CHR Extension: (SoundCloud Controller) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkakpffinehpokglibdifbidlgglgjmf [2019-01-07]
CHR Extension: (Grammarly for Chrome) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-06-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-19]
CHR Extension: (Gmail) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\donki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESMService; C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_9008c589d5116a6b\aesm_service.exe [3364640 2018-08-31] (Intel(R) Software Development Products -> Intel Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9662544 2019-05-30] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2019-03-27] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38048 2019-03-15] (Dell Inc -> )
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-05-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-20] (Dell Inc -> Dell Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{9EA1620A-9A18-4299-B235-A887987BA4B3} [20888 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{9EA1620A-9A18-4299-B235-A887987BA4B3} [20888 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11457840 2019-06-23] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1643064 2018-03-21] (Intel Corporation -> Intel Corporation)
S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\HfcDisableService.exe [1860064 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2788320 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [355648 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2671216 2019-03-08] (Rivet Networks LLC -> Rivet Networks)
S3 KNDBWM; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [72800 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2019-02-13] (Intel Corporation -> )
S3 NGS; C:\ProgramData\Nexon\NGS\NGService.exe [3097648 2019-03-05] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18575480 2019-03-04] (Native Instruments GmbH -> Native Instruments GmbH)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.2.47\NortonSecurity.exe [225608 2019-06-06] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.2.47\nsWscSvc.exe [933200 2019-06-06] (Symantec Corporation -> Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2019-03-07] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d778d9f2df7418ce\RstMwService.exe [2112480 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [512816 2019-06-23] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2351304 2019-03-07] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R2 VBoxVmService; C:\vms\VBoxVmService64.exe [127488 2017-10-19] () [File not signed]
R2 WavesSysSvc; C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe [884616 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72808 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)
R2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72816 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [25160568 2019-02-14] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4107360 2019-02-13] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.2.47\Definitions\BASHDefs\20190620.002\BHDrvx64.sys [1935880 2019-06-19] (Symantec Corporation -> Symantec Corporation)
R3 bomebus; C:\Windows\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1611020.02F\ccSetx64.sys [192704 2019-06-06] (Symantec Corporation -> Symantec Corporation)
R4 DBUtil_2_3; C:\Windows\TEMP\DBUtil_2_3.Sys [14840 2019-06-24] (Dell Inc. -> )
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [77224 2018-02-20] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [70568 2018-02-20] (Intel Corporation -> Intel Corporation)
R3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [165576 2018-04-17] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2019-06-23] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153096 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [399784 2018-02-20] (Intel Corporation -> Intel Corporation)
R3 HfAudio; C:\Windows\system32\DRIVERS\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [84008 2018-03-26] (Intel(R) Software -> Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc. -> McAfee, Inc.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [123520 2018-05-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1017312 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [73184 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199200 2018-06-05] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.2.47\Definitions\IPSDefs\20190624.061\IDSvia64.sys [1441800 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 IntcAudioBus; C:\Windows\System32\drivers\IntcAudioBus.sys [290568 2019-02-27] (Smart Sound Technology -> Intel(R) Corporation)
R3 IntcOED; C:\Windows\System32\drivers\IntcOED.sys [1159424 2019-02-27] (Smart Sound Technology -> Intel(R) Corporation)
R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [151688 2019-03-08] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [43456 2016-05-02] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-23] (Malwarebytes Corporation -> Malwarebytes)
S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7689728 2018-04-11] (Microsoft Windows -> Intel Corporation)
S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8742976 2018-03-23] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw08; C:\Windows\System32\drivers\Netwtw08.sys [9037088 2019-02-14] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_a1845dc8b2accd98\nvlddmkm.sys [17200392 2018-07-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-21] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-05-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [424384 2018-02-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScrHIDDriver2; C:\Windows\system32\DRIVERS\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [132952 2019-03-07] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1611020.02F\SRTSP64.SYS [864776 2019-06-06] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1611020.02F\SRTSPX64.SYS [49672 2019-06-06] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1611020.02F\SYMEFASI64.SYS [1998552 2019-06-06] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1611020.02F\SymELAM.sys [25744 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99848 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.2.47\SymPlatform\SymEvnt.sys [712200 2019-06-07] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1611020.02F\Ironx64.SYS [315912 2019-06-06] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1611020.02F\symnets.sys [573448 2019-06-06] (Symantec Corporation -> Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-06-23] (Adlice -> )
S3 VBoxNetAdp; no ImagePath
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1611020.02F\wpCtrlDrv.sys [1012120 2019-06-06] (Symantec Corporation -> Symantec Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [73672 2019-03-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2019-06-23] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-06-22] (Zemana Ltd. -> Zemana Ltd.)
S1 VBoxNetLwf; \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-25 14:18 - 2019-06-25 14:19 - 000048243 _____ C:\Users\donki\Downloads\FRST.txt
2019-06-25 14:18 - 2019-06-25 14:18 - 002418688 _____ (Farbar) C:\Users\donki\Downloads\FRST64.exe
2019-06-25 08:34 - 2019-06-25 08:34 - 000000000 ___HD C:\OneDriveTemp
2019-06-24 22:51 - 2019-06-24 22:51 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2019-06-23 02:37 - 2019-06-23 02:37 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-23 02:22 - 2019-06-23 02:22 - 020641128 _____ (Piriform Software Ltd) C:\Users\donki\Downloads\cctrialsetup (2).exe
2019-06-23 02:20 - 2019-06-23 02:20 - 020641128 _____ (Piriform Software Ltd) C:\Users\donki\Downloads\cctrialsetup (1).exe
2019-06-23 01:53 - 2019-06-23 01:53 - 020641128 _____ (Piriform Software Ltd) C:\Users\donki\Downloads\cctrialsetup.exe
2019-06-23 01:53 - 2019-06-23 01:53 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-23 01:53 - 2019-06-23 01:53 - 000002888 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-06-23 01:53 - 2019-06-23 01:53 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-23 01:53 - 2019-06-23 01:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-06-23 01:53 - 2019-06-23 01:53 - 000000000 ____D C:\Program Files\CCleaner
2019-06-23 01:48 - 2019-06-23 01:48 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-06-23 01:48 - 2019-06-23 01:48 - 000000000 ____D C:\ProgramData\RogueKiller
2019-06-23 01:48 - 2019-06-23 01:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-06-23 01:48 - 2019-06-23 01:48 - 000000000 ____D C:\Program Files\RogueKiller
2019-06-23 01:47 - 2019-06-23 01:47 - 029932744 _____ (Adlice Software ) C:\Users\donki\Downloads\RogueKiller_setup_ref3.exe
2019-06-23 01:41 - 2019-06-25 14:18 - 000000000 ____D C:\FRST
2019-06-23 01:41 - 2019-06-23 01:41 - 000000000 ____D C:\Users\donki\Downloads\FRST-OlderVersion
2019-06-23 01:13 - 2019-06-23 01:13 - 001604128 _____ () C:\Users\donki\Downloads\Everything-1.4.1.935.x64-Setup.exe
2019-06-23 00:42 - 2019-06-23 02:38 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2019-06-23 00:42 - 2019-06-23 00:42 - 000001057 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2019-06-23 00:42 - 2019-06-23 00:42 - 000000000 ____D C:\sh5ldr
2019-06-23 00:42 - 2019-06-23 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2019-06-23 00:42 - 2019-06-23 00:42 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2019-06-23 00:42 - 2019-06-23 00:42 - 000000000 ____D C:\Program Files\EnigmaSoft
2019-06-23 00:09 - 2019-06-23 01:35 - 000002878 _____ C:\Users\donki\Desktop\Rkill.txt
2019-06-23 00:03 - 2019-06-23 00:03 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2019-06-23 00:03 - 2019-06-23 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-06-22 11:24 - 2019-06-22 11:24 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2019-06-22 11:20 - 2019-06-22 11:24 - 000000000 ____D C:\ProgramData\HitmanPro
2019-06-22 11:18 - 2019-06-22 11:19 - 000000000 ____D C:\AdwCleaner
2019-06-22 11:11 - 2019-06-25 14:19 - 003053537 _____ C:\Windows\ZAM.krnl.trace
2019-06-22 11:11 - 2019-06-25 14:18 - 000477159 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-06-22 11:11 - 2019-06-23 00:03 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-06-22 11:11 - 2019-06-22 11:11 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-06-22 11:11 - 2019-06-22 11:11 - 000000000 ____D C:\Users\donki\AppData\Local\Zemana
2019-06-22 11:07 - 2019-06-22 11:20 - 011539456 _____ (SurfRight B.V.) C:\Users\donki\Downloads\HitmanPro_x64.exe
2019-06-22 11:07 - 2019-06-22 11:07 - 012946608 _____ (Zemana Ltd. ) C:\Users\donki\Downloads\Zemana.AntiMalware.Setup.exe
2019-06-22 11:07 - 2019-06-22 11:07 - 007025360 _____ (Malwarebytes) C:\Users\donki\Downloads\AdwCleaner.exe
2019-06-22 11:03 - 2019-06-22 11:04 - 064309056 _____ (Malwarebytes ) C:\Users\donki\Downloads\mb3-setup-1878.1878-3.7.1.2839 (1).exe
2019-06-22 11:00 - 2019-06-22 11:03 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-22 11:00 - 2019-06-22 11:00 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-22 11:00 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-06-22 10:58 - 2019-06-22 10:58 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\donki\Downloads\iExplore.exe
2019-06-20 23:08 - 2019-06-20 23:08 - 000000000 ____D C:\Program Files\Common Files\AV
2019-06-20 22:46 - 2019-06-20 22:46 - 000000000 ____D C:\Users\donki\AppData\Local\BloodstainedRotN
2019-06-20 22:37 - 2019-06-23 02:21 - 000000000 ____D C:\Users\donki\AppData\Local\NPE
2019-06-20 22:29 - 2019-06-25 10:24 - 000000000 ____D C:\Windows\System32\Tasks\Norton Security
2019-06-20 22:26 - 2019-06-20 22:26 - 000099848 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2019-06-20 22:26 - 2019-06-20 22:26 - 000008616 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2019-06-20 22:26 - 2019-06-20 22:26 - 000003376 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2019-06-20 22:26 - 2019-06-20 22:26 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2019-06-20 22:25 - 2019-06-20 22:37 - 000002410 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-06-20 22:25 - 2019-06-20 22:23 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-06-20 22:23 - 2019-06-20 22:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-06-20 22:23 - 2019-06-20 22:24 - 000000000 ____D C:\Program Files\Norton Security
2019-06-20 22:23 - 2019-06-20 22:23 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2019-06-20 22:17 - 2019-06-20 22:17 - 000000000 ____D C:\ProgramData\NortonInstaller
2019-06-20 22:17 - 2019-06-20 22:17 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2019-06-20 22:16 - 2019-06-20 22:37 - 000000000 ____D C:\ProgramData\Norton
2019-06-20 22:16 - 2019-06-20 22:24 - 000001334 _____ C:\Users\donki\Desktop\Norton Installation Files.lnk
2019-06-20 22:16 - 2019-06-20 22:16 - 000000000 ____D C:\Users\Public\Downloads\Norton
2019-06-20 21:53 - 2019-06-20 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tag&Rename
2019-06-20 21:53 - 2019-06-20 21:55 - 000000000 ____D C:\Program Files (x86)\TagRename
2019-06-20 21:53 - 2019-06-20 21:53 - 007216832 _____ (Softpointer Inc ) C:\Users\donki\Downloads\TagRename3915.exe
2019-06-20 21:37 - 2019-06-20 21:37 - 000350129 _____ C:\Users\donki\Downloads\05f6b314-7111-4d9d-80d4-d7bb488ce794.tmp
2019-06-20 21:36 - 2019-06-20 21:40 - 000000000 ____D C:\Program Files\Icaros
2019-06-20 10:39 - 2019-06-20 10:39 - 000000000 ____D C:\Program Files\UNP
2019-06-19 15:01 - 2019-06-19 15:01 - 015160873 _____ C:\Users\donki\Downloads\videoplayback.mp4
2019-06-19 09:57 - 2019-06-19 09:57 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-19 09:57 - 2019-06-19 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-06-18 21:34 - 2019-06-18 21:34 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-06-18 21:33 - 2019-02-26 00:40 - 005539296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPOU64.dll
2019-06-18 21:33 - 2019-02-26 00:40 - 001126336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCOM64.dll
2019-06-18 21:33 - 2019-02-26 00:40 - 000820816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64U.dll
2019-06-18 21:33 - 2019-02-26 00:40 - 000481888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2019-06-18 21:33 - 2019-02-26 00:24 - 028630367 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2019-06-18 01:10 - 2019-06-18 01:10 - 000089354 _____ C:\Users\donki\Downloads\2_mp3_files (online-audio-converter.com) (1).zip
2019-06-18 00:38 - 2019-06-18 00:38 - 000089354 _____ C:\Users\donki\Downloads\2_mp3_files (online-audio-converter.com).zip
2019-06-16 22:50 - 2019-06-16 22:50 - 001568915 _____ C:\Users\donki\Downloads\you_so_f_precious_when_you_smile_green_screen_template_by_Blatodog_no_watermark.mp4
2019-06-16 22:06 - 2019-06-16 22:06 - 001104586 _____ C:\Users\donki\Downloads\Kirby walking while having no copy abilities.mp4
2019-06-16 11:54 - 2019-06-16 11:54 - 000000000 ____D C:\Windows\Firmware
2019-06-16 00:56 - 2019-06-16 01:23 - 000000000 ____D C:\Users\donki\AppData\Local\BlueStacks
2019-06-16 00:56 - 2019-06-16 00:57 - 000000000 ____D C:\Users\Public\BlueStacks
2019-06-14 13:34 - 2019-06-14 13:34 - 000357376 _____ () C:\Users\donki\Downloads\ModAssistant.exe
2019-06-14 12:45 - 2019-06-14 12:45 - 000003809 _____ C:\Users\donki\Downloads\ezgif.com-gif-to-mp4 (2).mp4
2019-06-14 12:45 - 2019-06-14 12:45 - 000003532 _____ C:\Users\donki\Downloads\ezgif.com-gif-maker.mp4
2019-06-14 12:44 - 2019-06-14 12:44 - 000044099 _____ C:\Users\donki\Downloads\ezgif.com-gif-to-mp4 (1).mp4
2019-06-14 11:27 - 2019-06-14 11:27 - 000256111 _____ C:\Users\donki\Downloads\ezgif.com-gif-to-mp4.mp4
2019-06-14 11:13 - 2019-06-14 11:13 - 000024314 _____ C:\Users\donki\Downloads\Mario-Sheet-Music-Overworld-Main-Theme.mid
2019-06-14 10:37 - 2019-06-14 10:37 - 000026644 _____ C:\Users\donki\Downloads\audioclip-1560479468000-2902.mp4
2019-06-13 17:01 - 2019-06-13 17:01 - 002722315 _____ C:\Users\donki\Downloads\A lot of damage.mp4
2019-06-13 16:50 - 2019-06-22 10:59 - 000000000 ____D C:\Users\donki\Desktop\HitFilm Express 2017 Exports
2019-06-13 16:42 - 2019-02-13 01:47 - 001909560 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-13 16:34 - 2019-06-13 16:34 - 000251803 _____ C:\Users\donki\Downloads\Dark Souls ' You Died ' Sound Effect.mp4
2019-06-12 09:59 - 2019-06-07 01:57 - 000413720 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-12 09:59 - 2019-06-07 01:56 - 000713272 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2019-06-12 09:59 - 2019-06-07 01:46 - 000581048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-06-12 09:59 - 2019-06-07 01:24 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-06-12 09:59 - 2019-06-07 01:20 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2019-06-12 09:59 - 2019-05-17 08:07 - 002206424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-06-12 09:59 - 2019-05-17 04:52 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-12 09:58 - 2019-06-07 07:04 - 021388752 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 09:58 - 2019-06-07 07:04 - 001633136 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-12 09:58 - 2019-06-07 06:48 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2019-06-12 09:58 - 2019-06-07 06:47 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 09:58 - 2019-06-07 06:45 - 012756480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 09:58 - 2019-06-07 06:42 - 003613696 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-12 09:58 - 2019-06-07 06:41 - 004055552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 09:58 - 2019-06-07 06:40 - 001663488 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-12 09:58 - 2019-06-07 06:40 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-12 09:58 - 2019-06-07 06:23 - 001453920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-12 09:58 - 2019-06-07 06:19 - 020383832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 09:58 - 2019-06-07 06:10 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 09:58 - 2019-06-07 06:07 - 011942400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 09:58 - 2019-06-07 06:04 - 004056064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 09:58 - 2019-06-07 06:04 - 002881536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-12 09:58 - 2019-06-07 06:04 - 001471488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-12 09:58 - 2019-06-07 02:07 - 000707384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-12 09:58 - 2019-06-07 02:01 - 001035040 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-12 09:58 - 2019-06-07 01:58 - 001220112 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-12 09:58 - 2019-06-07 01:58 - 001027384 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-12 09:58 - 2019-06-07 01:58 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-12 09:58 - 2019-06-07 01:58 - 000422416 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-12 09:58 - 2019-06-07 01:58 - 000135176 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-12 09:58 - 2019-06-07 01:58 - 000076304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 007519896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 007436536 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 002811192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 002719032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 001934808 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 001209696 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 000792888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 000709728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 000594024 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 09:58 - 2019-06-07 01:57 - 000494304 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 000435000 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 000412984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 000383504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 000170296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-12 09:58 - 2019-06-07 01:57 - 000148280 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 09:58 - 2019-06-07 01:57 - 000137448 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-12 09:58 - 2019-06-07 01:56 - 009084216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 09:58 - 2019-06-07 01:47 - 000380432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 09:58 - 2019-06-07 01:47 - 000097272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-06-12 09:58 - 2019-06-07 01:46 - 006569344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 09:58 - 2019-06-07 01:46 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-12 09:58 - 2019-06-07 01:46 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-12 09:58 - 2019-06-07 01:46 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 09:58 - 2019-06-07 01:46 - 000357072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-12 09:58 - 2019-06-07 01:46 - 000128792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 09:58 - 2019-06-07 01:38 - 025857536 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-12 09:58 - 2019-06-07 01:37 - 022019584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-12 09:58 - 2019-06-07 01:31 - 019372544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 09:58 - 2019-06-07 01:27 - 022718976 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 09:58 - 2019-06-07 01:24 - 005784064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-12 09:58 - 2019-06-07 01:24 - 003400704 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-12 09:58 - 2019-06-07 01:23 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-12 09:58 - 2019-06-07 01:23 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-06-12 09:58 - 2019-06-07 01:23 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2019-06-12 09:58 - 2019-06-07 01:22 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-06-12 09:58 - 2019-06-07 01:22 - 003710976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 09:58 - 2019-06-07 01:22 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-12 09:58 - 2019-06-07 01:22 - 000233984 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-12 09:58 - 2019-06-07 01:22 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-12 09:58 - 2019-06-07 01:21 - 007588864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-12 09:58 - 2019-06-07 01:21 - 004866048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 09:58 - 2019-06-07 01:21 - 001778688 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 09:58 - 2019-06-07 01:21 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-12 09:58 - 2019-06-07 01:21 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-12 09:58 - 2019-06-07 01:21 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-12 09:58 - 2019-06-07 01:20 - 002610688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 09:58 - 2019-06-07 01:20 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-12 09:58 - 2019-06-07 01:20 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-12 09:58 - 2019-06-07 01:19 - 003212288 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 09:58 - 2019-06-07 01:19 - 002175488 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 09:58 - 2019-06-07 01:19 - 001560576 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 09:58 - 2019-06-07 01:19 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 09:58 - 2019-06-07 01:19 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-12 09:58 - 2019-06-07 01:19 - 000369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 09:58 - 2019-06-07 01:18 - 002166784 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-12 09:58 - 2019-06-07 01:18 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-12 09:58 - 2019-06-07 01:18 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 09:58 - 2019-06-07 01:17 - 001920000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 09:58 - 2019-06-07 01:17 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-12 09:58 - 2019-06-07 01:17 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 09:58 - 2019-06-07 01:16 - 001102336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-12 09:58 - 2019-06-07 01:16 - 000900096 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 09:58 - 2019-06-07 01:16 - 000544768 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 09:58 - 2019-06-07 01:16 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 09:58 - 2019-06-07 00:00 - 000001308 _____ C:\Windows\system32\tcbres.wim
2019-06-12 09:58 - 2019-05-18 18:12 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 09:58 - 2019-05-18 18:12 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 09:58 - 2019-05-18 18:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 09:58 - 2019-05-18 18:12 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 09:58 - 2019-05-17 08:44 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-12 09:58 - 2019-05-17 08:40 - 002394960 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-06-12 09:58 - 2019-05-17 08:40 - 000280888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-12 09:58 - 2019-05-17 08:27 - 006586880 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-12 09:58 - 2019-05-17 08:26 - 004393984 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-06-12 09:58 - 2019-05-17 08:25 - 004718080 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-06-12 09:58 - 2019-05-17 08:25 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WindowsUpdateElevatedInstaller.exe
2019-06-12 09:58 - 2019-05-17 08:24 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-06-12 09:58 - 2019-05-17 08:23 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-12 09:58 - 2019-05-17 08:22 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 09:58 - 2019-05-17 08:22 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-12 09:58 - 2019-05-17 08:21 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-06-12 09:58 - 2019-05-17 08:21 - 001121792 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2019-06-12 09:58 - 2019-05-17 08:21 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-06-12 09:58 - 2019-05-17 08:21 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dot3gpui.dll
2019-06-12 09:58 - 2019-05-17 08:21 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 09:58 - 2019-05-17 08:20 - 002084864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 09:58 - 2019-05-17 08:19 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 09:58 - 2019-05-17 08:00 - 005658112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-12 09:58 - 2019-05-17 07:56 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 09:58 - 2019-05-17 07:56 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3gpui.dll
2019-06-12 09:58 - 2019-05-17 07:55 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-06-12 09:58 - 2019-05-17 07:55 - 000668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 09:58 - 2019-05-17 07:55 - 000470528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2019-06-12 09:58 - 2019-05-17 07:54 - 002016768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 09:58 - 2019-05-17 07:54 - 000908288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2019-06-12 09:58 - 2019-05-17 05:33 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-06-12 09:58 - 2019-05-17 03:07 - 000105272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2019-06-12 09:58 - 2019-05-17 02:44 - 000829960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2019-06-12 09:58 - 2019-05-17 02:44 - 000550520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-06-12 09:58 - 2019-05-17 02:43 - 000297688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 005625160 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 004789944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 002256560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 001989552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 001980256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 001620264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 001380096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 001130568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 000129088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-06-12 09:58 - 2019-05-17 02:42 - 000125504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-12 09:58 - 2019-05-17 02:30 - 013878784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 09:58 - 2019-05-17 02:26 - 002969600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-12 09:58 - 2019-05-17 02:23 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-06-12 09:58 - 2019-05-17 02:23 - 000068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-12 09:58 - 2019-05-17 02:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-12 09:58 - 2019-05-17 02:22 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2019-06-12 09:58 - 2019-05-17 02:22 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-12 09:58 - 2019-05-17 02:21 - 000333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-06-12 09:58 - 2019-05-17 02:21 - 000326144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-12 09:58 - 2019-05-17 02:21 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-12 09:58 - 2019-05-17 02:20 - 000366080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-12 09:58 - 2019-05-17 02:20 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-06-12 09:58 - 2019-05-17 02:19 - 004515840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 09:58 - 2019-05-17 02:19 - 001630720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 09:58 - 2019-05-17 02:19 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2019-06-12 09:58 - 2019-05-17 02:19 - 001073664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-12 09:58 - 2019-05-17 02:19 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2019-06-12 09:58 - 2019-05-17 02:19 - 000835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-12 09:58 - 2019-05-17 02:18 - 002796032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-12 09:58 - 2019-05-17 02:18 - 001006592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-12 09:58 - 2019-05-17 02:18 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-06-12 09:58 - 2019-05-17 02:08 - 001063224 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-12 09:58 - 2019-05-17 02:08 - 000723432 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-12 09:58 - 2019-05-17 02:08 - 000491200 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-12 09:58 - 2019-05-17 02:08 - 000401328 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 004404720 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 002768960 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 002571640 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 002467320 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 001459120 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-12 09:58 - 2019-05-17 02:07 - 001288712 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 001260272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-12 09:58 - 2019-05-17 02:07 - 000930616 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2019-06-12 09:58 - 2019-05-17 02:07 - 000275768 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-12 09:58 - 2019-05-17 02:07 - 000260800 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-12 09:58 - 2019-05-17 02:06 - 001943136 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-12 09:58 - 2019-05-17 02:06 - 001784696 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-06-12 09:58 - 2019-05-17 02:06 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2019-06-12 09:58 - 2019-05-17 02:06 - 001140992 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-12 09:58 - 2019-05-17 02:06 - 001098056 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2019-06-12 09:58 - 2019-05-17 02:06 - 000983424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-12 09:58 - 2019-05-17 02:06 - 000151888 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-12 09:58 - 2019-05-17 02:04 - 001826816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-06-12 09:58 - 2019-05-17 02:00 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2019-06-12 09:58 - 2019-05-17 01:44 - 016597504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-12 09:58 - 2019-05-17 01:38 - 004709376 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-12 09:58 - 2019-05-17 01:37 - 004385280 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-12 09:58 - 2019-05-17 01:37 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2019-06-12 09:58 - 2019-05-17 01:37 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\DuCsps.dll
2019-06-12 09:58 - 2019-05-17 01:36 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-12 09:58 - 2019-05-17 01:36 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2019-06-12 09:58 - 2019-05-17 01:36 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-12 09:58 - 2019-05-17 01:36 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-12 09:58 - 2019-05-17 01:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-12 09:58 - 2019-05-17 01:36 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-12 09:58 - 2019-05-17 01:36 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-12 09:58 - 2019-05-17 01:35 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-06-12 09:58 - 2019-05-17 01:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-12 09:58 - 2019-05-17 01:35 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-06-12 09:58 - 2019-05-17 01:34 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-12 09:58 - 2019-05-17 01:34 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-12 09:58 - 2019-05-17 01:34 - 000671744 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-12 09:58 - 2019-05-17 01:34 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-12 09:58 - 2019-05-17 01:34 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-12 09:58 - 2019-05-17 01:34 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2019-06-12 09:58 - 2019-05-17 01:34 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-06-12 09:58 - 2019-05-17 01:34 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-12 09:58 - 2019-05-17 01:33 - 003091456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-06-12 09:58 - 2019-05-17 01:33 - 002912256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-12 09:58 - 2019-05-17 01:33 - 002370560 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-12 09:58 - 2019-05-17 01:33 - 001487360 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2019-06-12 09:58 - 2019-05-17 01:33 - 001214464 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-12 09:58 - 2019-05-17 01:33 - 000787968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2019-06-12 09:58 - 2019-05-17 01:33 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-12 09:58 - 2019-05-17 01:32 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2019-06-12 09:58 - 2019-05-17 01:32 - 000815104 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 004937216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 003376640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 003293184 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 001805312 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 001383424 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-12 09:58 - 2019-05-17 01:31 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-12 09:58 - 2019-05-17 01:30 - 000917504 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-12 09:58 - 2019-05-17 01:30 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-06-12 09:58 - 2019-05-17 01:30 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-10 18:15 - 2019-06-10 18:15 - 000000000 ____D C:\Users\donki\AppData\LocalLow\Ubisoft
2019-06-10 17:29 - 2019-06-23 01:18 - 000000000 ____D C:\Users\donki\AppData\Local\Ubisoft Game Launcher
2019-06-10 17:29 - 2019-06-10 17:29 - 000000649 _____ C:\Users\donki\Desktop\Uplay.lnk
2019-06-10 17:29 - 2019-06-10 17:29 - 000000000 ____D C:\Users\donki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-06-10 17:28 - 2019-06-10 17:28 - 105355760 _____ (Ubisoft) C:\Users\donki\Downloads\UplayInstaller.exe
2019-06-09 02:04 - 2019-06-09 02:04 - 000000000 ____D C:\Users\donki\AppData\LocalLow\noio
2019-06-07 04:07 - 2019-06-07 04:07 - 000000000 ____D C:\Users\donki\AppData\Local\mbam
2019-06-07 04:06 - 2019-06-07 04:06 - 063182216 _____ (Malwarebytes ) C:\Users\donki\Downloads\mb3-setup-43841.43841-3.7.1.2839-1.0.586-1.0.10430.exe
2019-06-07 04:06 - 2019-06-07 04:06 - 000000000 ____D C:\Users\donki\AppData\Local\mbamtray
2019-06-04 10:03 - 2019-06-04 10:04 - 000000000 ____D C:\Users\donki\Desktop\HitFilm
2019-06-04 09:27 - 2019-06-04 09:27 - 000000000 ____D C:\Users\donki\Documents\FXHOME
2019-06-04 09:27 - 2019-06-04 09:27 - 000000000 ____D C:\Users\donki\AppData\Local\FXHOME Helper
2019-06-04 09:27 - 2019-06-04 09:27 - 000000000 ____D C:\Users\donki\AppData\Local\FXHOME
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\Users\donki\AppData\Local\HitFilm Express 2017 Activation
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitFilm Express 2017
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\ProgramData\FXHOME
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\Program Files\FXHOME
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\Program Files\Common Files\OFX
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\Program Files\Boris FX, Inc
2019-06-04 09:26 - 2019-06-04 09:26 - 000000000 ____D C:\Program Files (x86)\Boris FX, Inc
2019-06-04 09:24 - 2019-06-04 09:25 - 288817152 _____ C:\Users\donki\Downloads\HitFilmExpress2017_x64_5.0.7012.39363.msi
2019-06-02 13:54 - 2019-06-02 13:54 - 000000000 ____D C:\Users\donki\AppData\LocalLow\DefaultCompany
2019-05-30 21:08 - 2019-05-30 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-30 13:54 - 2019-05-30 13:54 - 001447178 _____ (Igor Pavlov) C:\Users\donki\Downloads\7z1900-x64.exe
2019-05-30 13:54 - 2019-05-30 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-30 13:54 - 2019-05-30 13:54 - 000000000 ____D C:\Program Files\7-Zip
2019-05-29 23:02 - 2019-05-29 23:02 - 001769496 _____ C:\Users\donki\Downloads\FXJockey.zip
2019-05-29 00:22 - 2019-05-29 00:22 - 000000000 ____D C:\Windows\System32\Tasks\Intel
2019-05-29 00:21 - 2019-05-29 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2019-05-28 16:52 - 2019-05-28 16:52 - 000000000 ____D C:\Users\donki\AppData\LocalLow\SAT-BOX
2019-05-28 15:45 - 2019-05-28 15:45 - 000000000 ____D C:\Users\donki\AppData\LocalLow\SLR
2019-05-28 15:43 - 2019-05-28 15:45 - 000000000 ____D C:\Users\donki\AppData\Local\SLR VR Application
2019-05-28 15:43 - 2019-05-28 15:43 - 000000000 ____D C:\Users\donki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SLR VR Application
2019-05-28 15:33 - 2019-05-28 15:33 - 000000000 ____D C:\Users\donki\AppData\LocalLow\Valve Software
2019-05-27 20:30 - 2019-05-27 20:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-05-27 16:55 - 2019-06-04 13:57 - 000000322 _____ C:\Users\donki\Documents\colors.txt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-25 14:03 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-25 13:50 - 2019-01-05 16:53 - 000808032 _____ C:\Windows\system32\perfh012.dat
2019-06-25 13:50 - 2019-01-05 16:53 - 000225420 _____ C:\Windows\system32\perfc012.dat
2019-06-25 13:50 - 2019-01-05 16:50 - 000797974 _____ C:\Windows\system32\perfh011.dat
2019-06-25 13:50 - 2019-01-05 16:50 - 000225396 _____ C:\Windows\system32\perfc011.dat
2019-06-25 13:50 - 2018-11-20 07:09 - 003296696 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-25 13:50 - 2018-04-11 19:36 - 000000000 ____D C:\Windows\INF
2019-06-25 13:46 - 2018-12-19 19:42 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-25 12:25 - 2018-11-29 12:00 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-25 10:50 - 2018-11-20 06:54 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-25 08:46 - 2019-04-25 21:34 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2019-06-25 08:37 - 2019-03-05 23:46 - 000004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{83686BF7-9CCD-4195-8004-C848B00D9FB3}
2019-06-25 08:34 - 2018-12-19 20:06 - 000000000 ____D C:\Users\donki\AppData\Roaming\discord
2019-06-25 08:34 - 2018-12-19 19:35 - 000000000 ___RD C:\Users\donki\OneDrive
2019-06-25 08:33 - 2018-12-19 19:33 - 000000000 __SHD C:\Users\donki\IntelGraphicsProfiles
2019-06-25 08:33 - 2018-04-11 19:38 - 000000000 ____D C:\Windows\AppReadiness
2019-06-24 20:00 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-23 02:39 - 2018-12-19 19:29 - 000000000 ____D C:\Users\donki
2019-06-23 02:37 - 2019-05-01 15:20 - 000000000 ____D C:\Users\donki\AppData\Roaming\sys00_1
2019-06-23 02:37 - 2019-02-17 23:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-23 02:37 - 2018-11-20 06:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-23 02:37 - 2018-04-11 19:38 - 000000000 ____D C:\Windows\Registration
2019-06-23 02:37 - 2018-04-11 17:04 - 000786432 _____ C:\Windows\system32\config\BBI
2019-06-23 02:21 - 2018-12-19 19:41 - 000000000 ____D C:\Users\donki\AppData\Local\Spotify
2019-06-23 02:20 - 2018-12-19 19:41 - 000000000 ____D C:\Users\donki\AppData\Roaming\Spotify
2019-06-23 01:30 - 2019-01-18 13:35 - 000000000 ____D C:\Program Files (x86)\Mondrian - Plastic Reality EX7
2019-06-23 00:28 - 2018-12-19 19:33 - 000000000 ____D C:\Users\donki\AppData\Local\Packages
2019-06-22 11:00 - 2018-04-11 19:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-21 23:28 - 2018-12-19 23:40 - 000000000 ____D C:\Program Files\rempl
2019-06-21 22:19 - 2018-12-19 20:13 - 000000000 ____D C:\Users\donki\AppData\Roaming\Twitch
2019-06-20 22:28 - 2018-04-11 17:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-06-20 22:23 - 2018-11-29 12:04 - 000000000 ____D C:\ProgramData\McAfee
2019-06-20 22:23 - 2018-11-29 12:04 - 000000000 ____D C:\Program Files\mcafee
2019-06-20 22:23 - 2018-11-29 12:04 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-06-20 22:21 - 2018-11-29 12:04 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2019-06-20 21:35 - 2018-12-19 19:37 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 21:35 - 2018-12-19 19:37 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-19 14:58 - 2018-12-19 22:20 - 000000000 ____D C:\Users\donki\Documents\KakaoTalk Downloads

==================== FLock ================

2018-11-29 12:32 C:\Recovery

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

 

Here is the Addition file:
Addition.txt

 


Hi,

Your logs are clean.

This is what I suspect.
After an update Norton will re-scan your computer and the quarantine folder where the compromised files were parked.

Open the Norton Security, navigate to the Quarantine folder.

Delete all the files in that folder.

Restart the computer normally.

Let me know in a few days if the problem persists.


Hi Nasdaq,

For a few days, I did not receive the notification. However, whenever I played the game "Bloodstained Ritual of the Night" on Steam, the notification seems to come back.

I don't know if that helps at all, but the notifications are back again.


Hi,

Scan the exe file for this game at VirusTotal.

https://www.virustotal.com/gui/home/upload

If found to be good then I suggest you send the file to Norton for their review.
https://support.norton.com/sp/en/us/home/current/solutions/kb20090602171902EN_EndUserProfile_en_us

If found to not cause a problem they may whitelist the file.


Hi,

I checked the exe file of the game and nothing was detected. 

I looked a bit closer into the details of the notification and the source seemed to be coming from something called vboxheadless.exe.
I found the folder and deleted the file. So far that seemed to stop the notifications, but I'm giving it some time to make sure it's gone completely.


Hi,

The process is from Adobe Virtual Box.
https://www.oracle.com/ca-en/virtualization/virtualbox/

C:\vms\VBoxVmService64.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

By deleting the file you will not be able to use that service.

What you can do if you still have the file in the Recycle bin is to submit it to Norton for their review.
If found to be good they will WhiteList it.

Follow the instructions on this page.
https://support.norton.com/sp/en/us/home/current/solutions/kb20090602171902EN_EndUserProfile_en_us

If found to be good then restore the file from the Recycle bin.
 

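One way to check a flagged executable such as the vboxheadless.exe discussed above before deleting or restoring it, as an added example that is not part of the original thread: it reports the file's SHA-256, its Authenticode signature status and signer, and the parent of any running instance. The function name `Get-BinaryTriage` is hypothetical and the path is a placeholder, since the thread does not give the file's full location.

```powershell
# Added example (not from the thread): triage a binary named in an AV alert.
# Run from an elevated PowerShell so ExecutablePath is populated for all processes.

function Get-BinaryTriage {
    param([Parameter(Mandatory)][string]$Path)

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName
    $hash = Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256

    # Running instances of this exact image, with the process that started them.
    $procs = Get-CimInstance Win32_Process |
        Where-Object { $_.ExecutablePath -eq $file.FullName } |
        ForEach-Object {
            $parent = Get-CimInstance Win32_Process -Filter "ProcessId=$($_.ParentProcessId)"
            [pscustomobject]@{
                ProcessId   = $_.ProcessId
                CommandLine = $_.CommandLine
                ParentId    = $_.ParentProcessId
                ParentImage = $parent.ExecutablePath   # empty if the parent has exited
            }
        }

    [pscustomobject]@{
        Path            = $file.FullName
        Sha256          = $hash.Hash                     # usable for a hash lookup
        SignatureStatus = $sig.Status                    # 'Valid', 'NotSigned', 'HashMismatch', ...
        Signer          = $sig.SignerCertificate.Subject # empty for unsigned files
        CompanyName     = $file.VersionInfo.CompanyName  # self-declared, not proof of origin
        ProductName     = $file.VersionInfo.ProductName
        Running         = @($procs)
    }
}

# Placeholder path: replace with the location shown in the alert details.
$target = 'C:\path\to\vboxheadless.exe'
Get-BinaryTriage -Path $target | Format-List
```

A `SignatureStatus` other than `Valid`, or a parent image that is not the software the file claims to belong to, is the part worth including when submitting the file for vendor review.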

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks
