Jump to content

Recommended Posts

The other night I tried to visit a site, but Panda Dome would not let it display and reported it as a virus because of a redirect (see attached items). Now I am getting the issues on other pages.   I thought it might be malware and have used all the apps, but am unable to find anything on my system.  Do you know what could be causing this issue?

Blocked Items.txt

Link to post
Share on other sites

Hello hiddensecret and welcome to malwarebytes....

Continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

or,

https://downloads.malwarebytes.com/file/mb4_offline

Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > "settings" > "security tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Single click on the target sight above scanner window.
  • In the new window select Report
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Export toTxt - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Export to Txt" then attach the log to your reply...


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....
Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/1/20
Scan Time: 9:20 PM
Log File: 6bc34fc6-d45e-11ea-b927-e86f38d7ad9a.json

-Software Information-
Version: 4.1.2.73
Components Version: 1.0.990
Update Package Version: 1.0.27799
License: Trial

-System Information-
OS: Windows 10 (Build 18362.959)
CPU: x64
File System: NTFS
User: LAPTOP-HEHR1P5A\hidde

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 350681
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 min, 50 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build:    07-22-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-01-2020
# Duration: 00:00:02
# OS:       Windows 10 Home
# Cleaned:  22
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPAudioSwitch   Folder   C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted       Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D89A4FF-B039-4DC8-826A-EFB0DF1DFC37} 
Deleted       Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted       Preinstalled.HPAudioSwitch   Task   C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted       Preinstalled.HPCleanFLC   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher
Deleted       Preinstalled.HPCleanFLC   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Deleted       Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\hidde\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY
Deleted       Preinstalled.HPSureConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WILDTANGENT GAMES


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4653 octets] - [30/07/2020 20:07:51]
AdwCleaner[S01].txt - [4714 octets] - [30/07/2020 20:17:55]
AdwCleaner[S02].txt - [4775 octets] - [30/07/2020 23:57:01]
AdwCleaner[S03].txt - [4167 octets] - [01/08/2020 21:25:40]
AdwCleaner[S04].txt - [4228 octets] - [01/08/2020 21:27:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2020
Ran by hidde (administrator) on LAPTOP-HEHR1P5A (HP HP Laptop 15-dy1xxx) (01-08-2020 21:30:30)
Running from C:\Users\hidde\OneDrive\Documents\_virus\2
Loaded Profiles: hidde
Platform: Windows 10 Home Version 1903 18362.959 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ELAN Microelectronics Corporation -> ) C:\Windows\System32\ELAN_MOC_IAP_Service.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(Greatis Software LLC -> Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2576de2e12637a57\x64\TouchpointAnalyticsClient.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2576de2e12637a57\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f81da7794b7c4a41\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f81da7794b7c4a41\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f81da7794b7c4a41\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.18.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3ef70b9d5cc0699f\LMS.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_dc7a0fe3ada1cbf5\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIServiceN.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxEMN.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ada2367baaae74c0\IntelCpHDCPSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\hidde\AppData\Local\Microsoft\OneDrive\20.124.0621.0006\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\hidde\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12007.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [881168 2019-07-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [165120 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-3860533627-3667802152-3241097522-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [28990136 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3860533627-3667802152-3241097522-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-03-13] (Support.com Inc -> SUPERAntiSpyware)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-27] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07200EBA-5B0D-4800-8C90-9963A32A5C5E} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {217481E7-1D49-44AB-81A8-4AF16EABC4F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1099640 2020-02-23] (HP Inc. -> HP Inc.)
Task: {26E4B0C6-F2E7-4223-9D53-BA828EB7E31D} - System32\Tasks\SUPERAntiSpyware Scheduled Task c50424c8-0df0-49a3-8d10-2ea52919f08a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {3A72ED7D-0BA0-4575-BEAA-46B45A5DFCCB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AC6B6DC-BEB6-48B3-BBA5-222F966FF8E7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5753752 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {443018E2-72A8-4E18-AB95-F2758C366F54} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6193080 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {44D895C1-68C8-4B3A-A1B3-3E716987667F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [147320 2020-02-23] (HP Inc. -> HP Inc.)
Task: {4E940697-10DA-4B30-9469-AE6EF52D9D25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24584376 2020-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath
Task: {516A52FF-7751-4460-ABE6-2B2B1678A37F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EDB0A0A-DF8B-4D3C-ADE5-602D6086FCCF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [170856 2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F6F07BE-776D-4212-BE10-11DBA5CB9F9A} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {89193CA6-895D-4C3F-BD2F-23F4BD26541B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1099640 2020-02-23] (HP Inc. -> HP Inc.)
Task: {8EE63345-02D6-40C1-B201-431117AE4169} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [4596296 2020-07-31] (Greatis Software LLC -> Greatis Software)
Task: {B047202B-46E7-41EA-B438-0128BBEF7FC3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [170856 2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8AC5AEA-266E-46CD-BC8C-848BB041DA9D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {C13FAE44-C8D4-45B6-B73F-179AA692A344} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4747720 2014-06-27] (Safer Networking Ltd. -> Safer-Networking Ltd.)
Task: {D5528AAC-6C81-402B-973A-D14CFF35A805} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-01] (Google LLC -> Google LLC)
Task: {D7FF19CE-FA5C-47AC-93BB-02DBD9E5C390} - no filepath
Task: {DD7D44D3-BC80-4A62-910A-69C707C31BC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-01] (Google LLC -> Google LLC)
Task: {DEE19C57-0AE8-4D5A-B30F-684B15AB836D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {DF59B807-9ACD-4C7C-AF94-907D1921F1E5} - no filepath
Task: {E3669076-4ABC-4DCA-BBCA-B473EFB77845} - System32\Tasks\SUPERAntiSpyware Scheduled Task b790e487-16d4-4701-ab4e-2feaaead77e9 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)
Task: {F44F82F5-EA1B-49B7-A29B-6783745C3320} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task b790e487-16d4-4701-ab4e-2feaaead77e9.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task c50424c8-0df0-49a3-8d10-2ea52919f08a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{65d24db0-0750-4d94-a25d-9f88c21760d5}: [DhcpNameServer] 40.23.1.12
Tcpip\..\Interfaces\{89c8c1ce-dd1e-4220-a883-1a22d6d756da}: [DhcpNameServer] 209.18.47.62 209.18.47.61

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3860533627-3667802152-3241097522-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {FDE4E059-6C33-4FC6-96E1-364BAD9D9DC1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {FDE4E059-6C33-4FC6-96E1-364BAD9D9DC1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3860533627-3667802152-3241097522-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3860533627-3667802152-3241097522-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3860533627-3667802152-3241097522-1001 -> {FDE4E059-6C33-4FC6-96E1-364BAD9D9DC1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.50\BHO\ie_to_edge_bho_64.dll [2020-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.50\BHO\ie_to_edge_bho.dll [2020-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-11] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\hidde\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\hidde\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-01]
Edge DownloadDir: C:\Users\hidde\Downloads
Edge StartupUrls: Default -> "hxxps://www.google.com/?gws_rd=ssl"

FireFox:
========
FF ProfilePath: C:\Users\hidde\AppData\Roaming\kompozer.net\KompoZer\Profiles\nsu2a9ko.default [2020-07-02]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default [2020-08-01]
CHR Extension: (Slides) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-01]
CHR Extension: (Docs) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-01]
CHR Extension: (Google Drive) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-01]
CHR Extension: (YouTube) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-01]
CHR Extension: (Adobe Acrobat) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-07-30]
CHR Extension: (Sheets) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-27]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-07-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-01]
CHR Extension: (Gmail) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\hidde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-20]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574712 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
S4 ELANFPService; C:\windows\system32\ELANFPService.exe [193264 2019-10-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 ELAN_MOC_IAP_Service; C:\windows\System32\ELAN_MOC_IAP_Service.exe [41512 2020-04-28] (ELAN Microelectronics Corporation -> )
R2 ETDService; C:\windows\System32\ETDService.exe [196032 2019-07-30] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [162392 2020-07-31] (SurfRight B.V. -> SurfRight B.V.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f81da7794b7c4a41\x64\AppHelperCap.exe [613136 2020-06-15] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f81da7794b7c4a41\x64\NetworkCap.exe [612112 2020-06-15] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f81da7794b7c4a41\x64\SysInfoCap.exe [612112 2020-06-15] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_2576de2e12637a57\x64\TouchpointAnalyticsClientService.exe [445184 2020-06-14] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-07-30] (Malwarebytes Inc -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [189448 2018-07-25] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13587000 2020-07-27] (Adlice -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
R2 SECOMNService; C:\windows\System32\SECOMN64.exe [169680 2019-07-01] (Sound Research Corporation -> Sound Research, Corp.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 WildTangentHelper; "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R1 amsdk; C:\windows\system32\drivers\amsdk.sys [232792 2020-07-31] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AmUStor; C:\windows\system32\drivers\AmUStorU.sys [127936 2019-07-02] (Alcorlink Corp. -> )
S3 AppleKmdfFilter; C:\windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [231936 2020-02-24] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-07-30] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDHCF; C:\windows\System32\drivers\ETDHCF.sys [29632 2019-07-30] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [216056 2020-08-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [19912 2020-07-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [197264 2020-08-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73368 2020-08-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [131232 2020-08-01] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_d01e7c2e2b4c1b72\x64\TeeDriverW10x64.sys [298480 2020-01-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R1 NNSALPC; C:\windows\system32\DRIVERS\NNSALPC.sys [111384 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\windows\system32\DRIVERS\NNSDNS.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\windows\system32\DRIVERS\NNSHTTP.sys [211736 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\windows\system32\DRIVERS\NNSHTTPS.sys [125720 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\windows\system32\DRIVERS\NNSIDS.sys [132888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\windows\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\windows\system32\DRIVERS\NNSPICC.sys [149784 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\windows\system32\DRIVERS\NNSPIHSW.sys [95000 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\windows\system32\DRIVERS\NNSPOP3.sys [135448 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\windows\system32\DRIVERS\NNSPROT.sys [346392 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\windows\system32\DRIVERS\NNSPRV.sys [290584 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\windows\system32\DRIVERS\NNSSMTP.sys [123160 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\windows\system32\DRIVERS\NNSSTRM.sys [295192 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\windows\system32\DRIVERS\NNSTLSC.sys [132376 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\windows\system32\DRIVERS\PSINAflt.sys [198424 2019-06-11] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\windows\System32\DRIVERS\psinelam.sys [21952 2019-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\windows\System32\DRIVERS\PSINFile.sys [160536 2019-06-11] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\windows\system32\DRIVERS\PSINKNC.sys [215320 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\windows\System32\DRIVERS\PSINProc.sys [147224 2019-06-11] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\windows\system32\DRIVERS\PSINProt.sys [159512 2019-06-11] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\windows\system32\DRIVERS\PSINReg.sys [129304 2019-06-11] (Panda Security S.L. -> Panda Security, S.L.)
U3 PSKMAD; C:\windows\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 PTPFilter; C:\windows\System32\drivers\PTPFilter.sys [46232 2019-07-30] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-08-01] (Adlice -> )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2020-07-31] (Zemana Ltd. -> Zemana Ltd.)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 WinRing0_1_2_0; \??\C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\OpenHardwareMonitorLib.sys [X]
S1 ZAM; \??\C:\windows\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-01 21:28 - 2020-08-01 21:28 - 000216056 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-08-01 21:28 - 2020-08-01 21:28 - 000197264 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2020-08-01 21:28 - 2020-08-01 21:28 - 000131232 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2020-08-01 21:28 - 2020-08-01 21:28 - 000073368 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2020-08-01 15:42 - 2020-08-01 15:42 - 000325598 _____ C:\TDSSKiller.3.1.0.28_01.08.2020_15.42.09_log.txt
2020-08-01 15:31 - 2020-08-01 21:28 - 000038032 _____ C:\windows\system32\Drivers\truesight.sys
2020-08-01 15:30 - 2020-08-01 15:46 - 000376968 _____ C:\windows\ntbtlog.txt
2020-08-01 15:30 - 2020-08-01 15:30 - 000000214 _____ C:\windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-08-01 15:27 - 2020-08-01 15:27 - 005054744 _____ (AO Kaspersky Lab) C:\Users\hidde\Downloads\tdsskiller (1).exe
2020-08-01 15:27 - 2020-08-01 15:27 - 000006040 _____ C:\TDSSKiller.3.1.0.28_01.08.2020_15.27.13_log.txt
2020-08-01 15:12 - 2020-08-01 15:13 - 000004224 _____ C:\Users\hidde\Desktop\Rkill.txt
2020-08-01 15:12 - 2020-08-01 15:12 - 000000000 ____D C:\Users\hidde\Desktop\rkill
2020-08-01 10:33 - 2020-08-01 11:08 - 000000280 _____ C:\Users\hidde\OneDrive\Documents\pc.txt
2020-08-01 09:57 - 2019-03-19 00:49 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts.old
2020-08-01 09:47 - 2020-08-01 19:19 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\RegRun2
2020-08-01 09:47 - 2020-08-01 15:50 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2020-08-01 09:47 - 2020-08-01 09:47 - 000003420 _____ C:\windows\system32\Tasks\UnHackMe Task Scheduler
2020-08-01 09:47 - 2020-08-01 09:47 - 000001047 _____ C:\Users\hidde\Desktop\UnHackMe.lnk
2020-08-01 09:47 - 2020-08-01 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2020-08-01 09:47 - 2020-06-23 14:24 - 000016184 _____ (Greatis Software, LLC.) C:\windows\SysWOW64\Drivers\UnHackMeDrv.sys
2020-08-01 09:47 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\windows\system32\partizan.exe
2020-08-01 09:44 - 2020-08-01 09:45 - 025427826 _____ C:\Users\hidde\Downloads\unhackme-beta.zip
2020-07-31 21:25 - 2020-08-01 15:27 - 000000542 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task c50424c8-0df0-49a3-8d10-2ea52919f08a.job
2020-07-31 21:25 - 2020-08-01 15:27 - 000000542 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task b790e487-16d4-4701-ab4e-2feaaead77e9.job
2020-07-31 21:25 - 2020-07-31 21:25 - 044996336 _____ (SUPERAntiSpyware) C:\Users\hidde\Downloads\SUPERAntiSpyware.exe
2020-07-31 21:25 - 2020-07-31 21:25 - 000003782 _____ C:\windows\system32\Tasks\SUPERAntiSpyware Scheduled Task b790e487-16d4-4701-ab4e-2feaaead77e9
2020-07-31 21:25 - 2020-07-31 21:25 - 000003700 _____ C:\windows\system32\Tasks\SUPERAntiSpyware Scheduled Task c50424c8-0df0-49a3-8d10-2ea52919f08a
2020-07-31 21:25 - 2020-07-31 21:25 - 000001856 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-07-31 21:25 - 2020-07-31 21:25 - 000001856 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2020-07-31 21:25 - 2020-07-31 21:25 - 000000000 ____D C:\Users\hidde\AppData\Roaming\SUPERAntiSpyware.com
2020-07-31 21:25 - 2020-07-31 21:25 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-07-31 21:25 - 2020-07-31 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-07-31 21:25 - 2020-07-31 21:25 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-07-31 20:58 - 2020-07-31 20:59 - 006455520 _____ (EnigmaSoft Limited) C:\Users\hidde\Downloads\SpyHunter-Installer.exe
2020-07-31 20:47 - 2020-07-31 20:47 - 000000000 ____D C:\ProgramData\WildTangent
2020-07-31 20:21 - 2020-07-31 20:21 - 000001973 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2020-07-31 20:21 - 2020-07-31 20:21 - 000001973 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2020-07-31 20:21 - 2020-07-31 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2020-07-31 20:21 - 2020-07-31 20:21 - 000000000 ____D C:\Program Files\HitmanPro
2020-07-31 20:20 - 2020-07-31 20:32 - 000000000 ____D C:\ProgramData\HitmanPro
2020-07-31 20:20 - 2020-07-31 20:20 - 011429976 _____ (SurfRight B.V.) C:\Users\hidde\Downloads\HitmanPro_x64.exe
2020-07-31 00:23 - 2020-07-31 00:23 - 000030852 _____ C:\Users\hidde\Downloads\Addition.txt
2020-07-31 00:22 - 2020-07-31 00:23 - 000107250 _____ C:\Users\hidde\Downloads\FRST.txt
2020-07-31 00:21 - 2020-08-01 21:30 - 000000000 ____D C:\FRST
2020-07-31 00:21 - 2020-07-31 00:21 - 000000000 ____D C:\Users\hidde\Downloads\FRST-OlderVersion
2020-07-31 00:20 - 2020-07-31 00:21 - 002296832 _____ (Farbar) C:\Users\hidde\Downloads\FRST64.exe
2020-07-31 00:17 - 2020-07-31 00:17 - 000000000 ____D C:\ProgramData\Emsisoft
2020-07-31 00:16 - 2020-07-31 00:22 - 000000000 ____D C:\EEK
2020-07-31 00:15 - 2020-07-31 00:16 - 322001728 _____ C:\Users\hidde\Downloads\EmsisoftEmergencyKit.exe
2020-07-31 00:11 - 2020-07-31 00:11 - 000002680 _____ C:\windows\system32\Tasks\AMSkipUAC
2020-07-31 00:08 - 2020-08-01 21:28 - 000000000 ____D C:\Users\hidde\AppData\Local\AMSDK
2020-07-31 00:08 - 2020-07-31 00:12 - 000003558 _____ C:\windows\system32\Tasks\AMHelper
2020-07-31 00:08 - 2020-07-31 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-07-31 00:08 - 2020-07-31 00:08 - 000232792 _____ (Copyright 2018.) C:\windows\system32\Drivers\amsdk.sys
2020-07-31 00:08 - 2020-07-31 00:08 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-07-31 00:07 - 2020-08-01 21:31 - 000163758 _____ C:\windows\ZAM.krnl.trace
2020-07-31 00:07 - 2020-08-01 21:30 - 000038760 _____ C:\windows\ZAM_Guard.krnl.trace
2020-07-31 00:07 - 2020-07-31 00:12 - 000001340 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-07-31 00:07 - 2020-07-31 00:12 - 000001340 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-07-31 00:07 - 2020-07-31 00:08 - 000000000 ____D C:\Users\hidde\AppData\Local\Zemana
2020-07-31 00:07 - 2020-07-31 00:07 - 005765792 _____ (Zemana Ltd. ) C:\Users\hidde\Downloads\Zemana.AntiMalware.Setup.exe
2020-07-31 00:07 - 2020-07-31 00:07 - 000203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2020-07-30 20:56 - 2020-08-01 21:24 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\_virus
2020-07-30 20:53 - 2020-08-01 15:47 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-07-30 20:53 - 2020-07-30 20:53 - 000019912 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys
2020-07-30 20:52 - 2020-07-30 20:52 - 002025944 _____ (Malwarebytes) C:\Users\hidde\Downloads\MBSetup.exe
2020-07-30 20:37 - 2020-07-30 20:37 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-07-30 20:37 - 2020-07-30 20:37 - 000000906 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-07-30 20:37 - 2020-07-30 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-07-30 20:37 - 2020-07-30 20:37 - 000000000 ____D C:\Program Files\RogueKiller
2020-07-30 20:36 - 2020-07-30 20:42 - 000000000 ____D C:\ProgramData\RogueKiller
2020-07-30 20:36 - 2020-07-30 20:36 - 040314800 _____ (Adlice Software ) C:\Users\hidde\Downloads\RogueKiller_setup.exe
2020-07-30 20:07 - 2020-08-01 21:27 - 000000000 ____D C:\AdwCleaner
2020-07-30 19:55 - 2020-07-30 20:54 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-07-30 19:55 - 2020-07-30 20:54 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-07-30 19:55 - 2020-07-30 20:54 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-07-30 19:55 - 2020-07-30 20:53 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2020-07-30 19:55 - 2020-07-30 19:55 - 001988280 _____ (Malwarebytes) C:\Users\hidde\Downloads\MBSetup-009996.009996-consumer.exe
2020-07-30 19:55 - 2020-07-30 19:55 - 000000000 ____D C:\Users\hidde\AppData\Local\mbam
2020-07-30 19:55 - 2020-07-30 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-07-30 19:55 - 2020-07-30 19:55 - 000000000 ____D C:\Program Files\Malwarebytes
2020-07-30 19:55 - 2020-07-30 19:55 - 000000000 ____D C:\Malwarebytes
2020-07-28 20:51 - 2020-07-28 20:51 - 000102037 _____ C:\Users\hidde\OneDrive\Documents\WISH.xcf
2020-07-28 20:51 - 2020-07-28 20:51 - 000008654 _____ C:\Users\hidde\AppData\Local\recently-used.xbel
2020-07-24 19:31 - 2020-07-29 16:06 - 000000000 ____D C:\Users\hidde\AppData\LocalLow\Adobe
2020-07-23 18:23 - 2020-07-24 19:32 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-07-23 18:23 - 2020-07-24 19:32 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-23 18:23 - 2020-07-23 18:23 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-07-23 18:23 - 2020-07-23 18:23 - 000002131 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-07-23 18:22 - 2020-07-24 19:31 - 000000000 ____D C:\ProgramData\Adobe
2020-07-23 18:22 - 2020-07-23 18:22 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-07-23 18:21 - 2020-07-24 19:31 - 000000000 ____D C:\Users\hidde\AppData\Local\Adobe
2020-07-20 13:57 - 2020-07-20 13:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-07-16 19:11 - 2020-07-16 19:11 - 000000000 ____D C:\Users\hidde\Apple
2020-07-16 19:09 - 2020-07-16 19:09 - 000000000 ____D C:\ProgramData\Apple Computer
2020-07-16 19:09 - 2020-07-16 19:09 - 000000000 ____D C:\ProgramData\Apple
2020-07-16 15:23 - 2020-07-16 15:23 - 000000000 ____D C:\Users\hidde\AppData\Roaming\Skype
2020-07-14 19:58 - 2020-07-14 19:58 - 025902592 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 025444352 _____ (Microsoft Corporation) C:\windows\system32\Hydrogen.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 022641664 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 019851776 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 019812864 _____ (Microsoft Corporation) C:\windows\system32\HologramWorld.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 018031104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 017792512 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 014820352 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 009931576 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 008015872 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007917408 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007850288 _____ (Microsoft Corporation) C:\windows\system32\OneCoreUAPCommonProxyStub.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007823912 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007604584 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007297536 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007269376 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007268640 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 007012864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 006523856 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 006437376 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 006292992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 006233080 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 006169088 _____ (Microsoft Corporation) C:\windows\system32\twinui.pcshell.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 006089512 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 005946368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 005765648 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 005111808 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 005099384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 004625192 _____ (Microsoft Corporation) C:\windows\explorer.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 004565264 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 004129424 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 004014592 _____ (Microsoft Corporation) C:\windows\system32\Microsoft.Bluetooth.Service.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 003974368 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 003800576 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 003748352 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 003743048 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 003727360 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 003712000 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 003084800 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 002768984 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002737664 _____ (Microsoft Corporation) C:\windows\system32\WebRuntimeManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002716672 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 002576896 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002552120 _____ (Microsoft Corporation) C:\windows\system32\UpdateAgent.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002505496 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002494744 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002467840 _____ (Microsoft Corporation) C:\windows\system32\InstallService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002448712 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002357248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Perception.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002285056 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.3D.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002264064 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002237096 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002161664 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.PointOfService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002087168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002074112 _____ (Microsoft Corporation) C:\windows\system32\ISM.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 002060288 _____ (Microsoft Corporation) C:\windows\system32\cdprt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001991592 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001952880 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001946144 _____ (Microsoft Corporation) C:\windows\system32\dcomp.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001918464 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001885184 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001877504 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001827328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001821696 _____ (Microsoft Corporation) C:\windows\system32\CoreShell.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001787392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001764336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001745728 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001743680 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001737728 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001723392 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001697792 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001665728 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001658368 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001656904 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001655472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001654304 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001640448 _____ (Microsoft Corporation) C:\windows\system32\TaskFlowDataEngine.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001612800 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001610240 _____ (Microsoft Corporation) C:\windows\system32\HologramCompositor.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001604608 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001581568 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Perception.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001550336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001540608 _____ (Microsoft Corporation) C:\windows\system32\WindowManagement.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001512960 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdprt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001500160 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001495040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001486848 _____ (Microsoft Corporation) C:\windows\system32\usocoreworker.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 001484384 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001477632 _____ (Microsoft Corporation) C:\windows\SysWOW64\dcomp.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001463808 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.PointOfService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001458688 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001420328 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001397568 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 001392128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.FaceAnalysis.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001385696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001374208 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001371136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001357824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001346048 _____ (Microsoft Corporation) C:\windows\system32\HoloSI.PCShell.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001344512 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001337856 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001335296 _____ (Microsoft Corporation) C:\windows\system32\MiracastReceiver.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001307136 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001306944 _____ (Microsoft Corporation) C:\windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001290192 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Sensors.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001284608 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001284608 _____ (Microsoft Corporation) C:\windows\system32\usermgr.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001271296 _____ (Microsoft Corporation) C:\windows\system32\SEMgrSvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001265152 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001247232 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001223168 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001195008 _____ (Microsoft Corporation) C:\windows\system32\sdengin2.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001183744 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001159168 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001151816 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001151304 _____ (Microsoft Corporation) C:\windows\system32\InputHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001149712 _____ (Microsoft Corporation) C:\windows\system32\ApplyTrustOffline.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 001125376 _____ (Microsoft Corporation) C:\windows\system32\CBDHSvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001121792 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001100800 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001086776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Services.TargetedContent.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001081344 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001077048 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 001068544 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001059840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001055232 _____ (Microsoft Corporation) C:\windows\system32\Windows.AccountsControl.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001048992 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001028336 _____ (Microsoft Corporation) C:\windows\system32\Windows.Perception.Stub.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001014784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001009152 _____ (Microsoft Corporation) C:\windows\system32\StorSvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001008960 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostCommon.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 001007616 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000995840 _____ (Microsoft Corporation) C:\windows\system32\EdgeManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000967680 _____ (Microsoft Corporation) C:\windows\system32\WebcamUi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000958608 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000950272 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000949760 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Ocr.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000945176 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Sensors.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000931840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000922624 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Service.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000919880 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000917504 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000913408 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Search.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000912896 _____ (Microsoft Corporation) C:\windows\SysWOW64\MiracastReceiver.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000904192 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000899584 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnostics.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000898048 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000895600 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000892928 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000891392 _____ (Microsoft Corporation) C:\windows\system32\HolographicExtensions.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000889416 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Shell.Broker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000882184 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000882176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000875008 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000867840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000865280 _____ (Microsoft Corporation) C:\windows\system32\efswrt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000848384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000844096 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudExperienceHostCommon.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000827904 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Import.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000822200 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000821232 _____ (Microsoft Corporation) C:\windows\system32\windows.applicationmodel.datatransfer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebcamUi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000814080 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000809984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.Input.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000797448 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000793320 _____ (Microsoft Corporation) C:\windows\SysWOW64\InputHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000783488 _____ (Microsoft Corporation) C:\windows\system32\tcblaunch.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000782848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000779080 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Services.TargetedContent.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000778872 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppContracts.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000750592 _____ (Microsoft Corporation) C:\windows\system32\ActivationManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000750080 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000742712 _____ (Microsoft Corporation) C:\windows\system32\LicensingWinRT.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000737792 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Launcher.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000733184 _____ (Microsoft Corporation) C:\windows\system32\windows.immersiveshell.serviceprovider.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000727040 _____ (Microsoft Corporation) C:\windows\system32\agentactivationruntime.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000722072 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000717824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AccountsControl.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000716288 _____ (Microsoft Corporation) C:\windows\system32\agentactivationruntimewindows.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.Internal.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000695208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\LockController.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000689664 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Search.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Ocr.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000685384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000684864 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000678720 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000673448 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000669184 _____ (Microsoft Corporation) C:\windows\SysWOW64\EdgeManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000656696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 000653824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000651264 _____ (Microsoft Corporation) C:\windows\system32\DevicesFlowBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000639488 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000638464 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000630784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.AllJoyn.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000628416 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000628024 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicensingWinRT.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000624640 _____ (Microsoft Corporation) C:\windows\system32\TileDataRepository.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000616960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000614912 _____ (Microsoft Corporation) C:\windows\SysWOW64\efswrt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000614912 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000608256 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.Phone.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000605896 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000602112 _____ (Microsoft Corporation) C:\windows\system32\Windows.Payments.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000600064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActivationManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000596992 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000594992 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Perception.Stub.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000593408 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000584704 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000582056 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000570368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Import.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000565248 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.Input.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000550400 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 000549048 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.MediaControl.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000544256 _____ (Microsoft Corporation) C:\windows\system32\usosvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000542288 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000540672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000538664 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000534016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000533504 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000526848 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000524784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Enumeration.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000522240 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.Launcher.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000521728 _____ (Microsoft Corporation) C:\windows\system32\WinBioDataModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000518656 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000518464 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000513024 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000513024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Activities.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000512000 _____ (Microsoft Corporation) C:\windows\system32\Windows.Cortana.Desktop.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000502784 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000502784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFiDirect.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000501760 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000497664 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000495616 _____ (Microsoft Corporation) C:\windows\system32\RTMediaFrame.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000490496 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000484352 _____ (Microsoft Corporation) C:\windows\system32\MixedReality.Broker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000478296 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000477184 _____ (Microsoft Corporation) C:\windows\system32\CloudDomainJoinDataModelServer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\MicrosoftAccountWAMExtension.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000475136 _____ (Microsoft Corporation) C:\windows\system32\Geolocation.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000467960 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000467456 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000467456 _____ (Microsoft Corporation) C:\windows\system32\modernexecserver.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000466432 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.Workflow.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000462848 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000461112 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000458240 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000456704 _____ (Microsoft Corporation) C:\windows\system32\upnphost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000453944 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000452096 _____ (Microsoft Corporation) C:\windows\SysWOW64\TileDataRepository.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000444416 _____ (Microsoft Corporation) C:\windows\system32\fhsettingsprovider.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000444416 _____ (Microsoft Corporation) C:\windows\system32\edgeIso.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.AllJoyn.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000442096 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.MediaControl.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000434176 _____ (Microsoft Corporation) C:\windows\system32\MicrosoftAccountExtension.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000432128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Midi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000432128 _____ (Microsoft Corporation) C:\windows\system32\WalletService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000430592 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000419328 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000419328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000416768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Usb.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000416768 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000412672 _____ (Microsoft Corporation) C:\windows\system32\AboveLockAppHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000411640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Devices.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000411136 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000410112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000406992 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000406992 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000405944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000403968 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Payments.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000399672 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.DataModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000397824 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Lights.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000395264 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.Preview.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000392504 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000388096 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000387584 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000382976 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000381152 _____ (Microsoft Corporation) C:\windows\system32\CredentialEnrollmentManager.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000380224 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000375296 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Diagnostics.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000374272 _____ (Microsoft Corporation) C:\windows\system32\PickerPlatform.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\Geolocation.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000361472 _____ (Microsoft Corporation) C:\windows\system32\vaultsvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000361472 _____ (Microsoft Corporation) C:\windows\system32\QuickActionsDataModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000355840 _____ (Microsoft Corporation) C:\windows\system32\wpnclient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000355840 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicSvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000355328 _____ (Microsoft Corporation) C:\windows\system32\ConsoleLogon.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\RTMediaFrame.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000352256 _____ (Microsoft Corporation) C:\windows\system32\APHostService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000345560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\AboveLockAppHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000340328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Storage.ApplicationData.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000338944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000335360 _____ (Microsoft Corporation) C:\windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000334336 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Cortana.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000329728 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnphost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgeIso.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000327168 _____ (Microsoft Corporation) C:\windows\system32\windows.internal.shellcommon.shareexperience.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32k.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 000317440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Midi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\SyncSettings.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000311608 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000311440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Devices.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000306688 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.CredDialogController.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000295936 _____ (Microsoft Corporation) C:\windows\system32\TDLMigration.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000293888 _____ (Microsoft Corporation) C:\windows\system32\CXHProvisioningServer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnclient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000292864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.Diagnostics.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000290304 _____ (Microsoft Corporation) C:\windows\system32\vaultcli.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000287744 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.Preview.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000285184 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicCapsule.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000283648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000283136 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.AppDefaults.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000281600 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000280576 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Usb.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Lights.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000274432 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PickerPlatform.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000268552 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000266552 _____ (Microsoft Corporation) C:\windows\SysWOW64\SystemSettings.DataModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000265728 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000261632 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
2020-07-14 19:58 - 2020-07-14 19:58 - 000260288 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000256000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ConsoleLogon.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\PasswordEnrollmentManager.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000247864 _____ (Microsoft Corporation) C:\windows\system32\weretw.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000242688 _____ (Microsoft Corporation) C:\windows\system32\CapabilityAccessManagerClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.CredDialogController.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000240640 _____ (Microsoft Corporation) C:\windows\system32\dialclient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000239928 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Workplace.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000237056 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000237056 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000237056 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000231424 _____ (Microsoft Corporation) C:\windows\system32\HoloShellRuntime.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000228864 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000228864 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000227840 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncSettings.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000224768 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2020-07-14 19:58 - 2020-07-14 19:58 - 000220992 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000220672 _____ (Microsoft Corporation) C:\windows\system32\MtcModel.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000219136 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000217600 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
2020-07-14 19:58 - 2020-07-14 19:58 - 000217600 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Core.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\PeopleBand.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\DiagSvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000211256 _____ (Microsoft Corporation) C:\windows\system32\tcbloader.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000210944 _____ (Microsoft Corporation) C:\windows\system32\ErrorDetails.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000206336 _____ (Microsoft Corporation) C:\windows\system32\useractivitybroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000204608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spacedump.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 000200704 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000199496 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000196096 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000195584 _____ (Microsoft Corporation) C:\windows\system32\AarSvc.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000193600 _____ (Microsoft Corporation) C:\windows\SysWOW64\weretw.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000190056 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000188928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000188928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2020-07-14 19:58 - 2020-07-14 19:58 - 000186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000183808 _____ (Microsoft Corporation) C:\windows\system32\Windows.Energy.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000180224 _____ (Microsoft Corporation) C:\windows\system32\dialserver.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000179712 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Clipboard.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000179512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2020-07-14 19:58 - 2020-07-14 19:58 - 000179200 _____ (Microsoft Corporation) C:\windows\system32\PrintWorkflowService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000179200 _____ (Microsoft Corporation) C:\windows\system32\easwrt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000179200 _____ (Microsoft Corporation) C:\windows\system32\AppExtension.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000178688 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000176952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Management.Workplace.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\HoloShellRuntime.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dialclient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.CapturePicker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000165840 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000165376 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000162816 _____ (Microsoft Corporation) C:\windows\SysWOW64\ErrorDetails.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDeviceRegistration.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000160768 _____ (Microsoft Corporation) C:\windows\SysWOW64\CapabilityAccessManagerClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000159744 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Core.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000157184 _____ (Microsoft Corporation) C:\windows\system32\PrintWSDAHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\useractivitybroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\fdWSD.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000151040 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SerialCommunication.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000150336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000147968 _____ (Microsoft Corporation) C:\windows\system32\Family.Client.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000146232 _____ (Microsoft Corporation) C:\windows\system32\ResourcePolicyServer.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\AppointmentActivation.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\easwrt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintWorkflowService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000140800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Energy.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000133632 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000133632 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppExtension.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000132608 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Storage.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000132408 _____ (Microsoft Corporation) C:\windows\system32\offlinelsa.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000131584 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingExperienceMEM.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000131072 _____ (Microsoft Corporation) C:\windows\system32\CredDialogBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000130560 _____ (Microsoft Corporation) C:\windows\system32\StorageUsage.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\CameraCaptureUI.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\CaptureService.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdWSD.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000127064 _____ (Microsoft Corporation) C:\windows\system32\win32u.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000125952 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000124928 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintWSDAHost.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000118784 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000118272 _____ (Microsoft Corporation) C:\windows\system32\EaseOfAccessDialog.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentActivation.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000112128 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000110040 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000107520 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000105984 _____ (Microsoft Corporation) C:\windows\system32\utcutil.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000100864 _____ (Microsoft Corporation) C:\windows\system32\sethc.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000100864 _____ (Microsoft Corporation) C:\windows\system32\Family.Authentication.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000100352 _____ (Microsoft Corporation) C:\windows\system32\DiagnosticInvoker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000094720 _____ (Microsoft Corporation) C:\windows\SysWOW64\CameraCaptureUI.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\EaseOfAccessDialog.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000093184 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000091648 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000090624 _____ (Microsoft Corporation) C:\windows\system32\keyiso.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000089328 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32u.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicAgent.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000086272 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000083456 _____ (Microsoft Corporation) C:\windows\system32\SystemUWPLauncher.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkInternalPS.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000081408 _____ (Microsoft Corporation) C:\windows\system32\Print.Workflow.Source.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000079360 _____ (Microsoft Corporation) C:\windows\SysWOW64\sethc.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000076952 _____ (Microsoft Corporation) C:\windows\system32\CredentialEnrollmentManagerForUser.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\DiagnosticInvoker.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000071168 _____ (Microsoft Corporation) C:\windows\system32\MiracastReceiverExt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000070248 _____ (Microsoft Corporation) C:\windows\system32\ResourcePolicyClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000068096 _____ (Microsoft Corporation) C:\windows\system32\udhisapi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\keyiso.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000066048 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000065536 _____ (Microsoft Corporation) C:\windows\system32\iemigplugin.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\SystemUWPLauncher.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000063488 _____ (Microsoft Corporation) C:\windows\SysWOW64\iemigplugin.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Print.Workflow.Source.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\AxInstUI.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000058368 _____ (Microsoft Corporation) C:\windows\SysWOW64\udhisapi.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000058368 _____ (Microsoft Corporation) C:\windows\SysWOW64\MiracastReceiverExt.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000052152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ResourcePolicyClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000045056 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\upnpcont.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000040248 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkPS.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000038912 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000037376 _____ (Microsoft Corporation) C:\windows\system32\UIMgrBroker.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnpcont.exe
2020-07-14 19:58 - 2020-07-14 19:58 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\nlmproxy.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicPS.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\PrintWorkflowProxy.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000024064 _____ (Microsoft Corporation) C:\windows\system32\CSystemEventsBrokerClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\SystemEventsBrokerClient.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\nlmsprep.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000016896 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintWorkflowProxy.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000013824 _____ (Microsoft Corporation) C:\windows\system32\UIManagerBrokerps.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimg32.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000003072 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth9.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth12.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth11.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth10.bin
2020-07-14 19:58 - 2020-07-14 19:58 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin
2020-07-14 19:54 - 2020-06-30 00:32 - 000390656 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-07-14 19:54 - 2020-06-30 00:26 - 000492544 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-07-12 23:24 - 2020-08-01 15:45 - 000000000 ____D C:\Users\hidde\AppData\Local\CrashDumps
2020-07-08 20:30 - 2020-07-08 20:30 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2020-07-08 20:30 - 2020-07-08 20:30 - 000002888 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-07-08 20:30 - 2020-07-08 20:30 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-08 20:30 - 2020-07-08 20:30 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-08 20:30 - 2020-07-08 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-07-08 20:29 - 2020-07-08 20:30 - 000000000 ____D C:\Program Files\CCleaner
2020-07-07 02:45 - 2020-07-31 21:10 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\Bandicam
2020-07-05 21:09 - 2020-08-01 09:46 - 000000803 _____ C:\Users\hidde\AppData\Roaming\mainhst.zgh
2020-07-05 20:39 - 2020-07-22 02:03 - 000000000 ____D C:\Users\hidde\AppData\Roaming\ZipGenius
2020-07-05 20:39 - 2020-07-05 20:39 - 000001239 _____ C:\Users\Public\Desktop\ZipGenius 6.lnk
2020-07-05 20:39 - 2020-07-05 20:39 - 000001239 _____ C:\ProgramData\Desktop\ZipGenius 6.lnk
2020-07-05 20:39 - 2020-07-05 20:39 - 000001101 _____ C:\Users\Public\Desktop\CZIP 2 Opener.lnk
2020-07-05 20:39 - 2020-07-05 20:39 - 000001101 _____ C:\ProgramData\Desktop\CZIP 2 Opener.lnk
2020-07-05 20:39 - 2020-07-05 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZipGenius 6
2020-07-05 20:38 - 2020-07-05 20:39 - 000000000 ____D C:\Program Files (x86)\ZipGenius 6
2020-07-02 21:32 - 2020-07-02 21:32 - 000000000 ___SD C:\Users\hidde\OneDrive\Documents\My Web Sites
2020-07-02 21:31 - 2020-07-02 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2020-07-02 21:31 - 2020-07-02 21:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-07-02 21:31 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2020-07-02 21:30 - 2020-07-02 21:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Expression
2020-07-02 19:03 - 2020-07-31 20:12 - 000000000 ____D C:\Users\hidde\AppData\Roaming\IDMComp
2020-07-02 19:03 - 2020-07-02 19:03 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\IDM Computer Solutions
2020-07-02 19:03 - 2020-07-02 19:03 - 000000000 ____D C:\ProgramData\IDMComp
2020-07-02 18:36 - 2020-07-02 19:37 - 000000000 ____D C:\Users\hidde\AppData\Local\TextCrawler
2020-07-02 18:36 - 2020-07-02 18:36 - 000000000 ____D C:\Users\hidde\AppData\Roaming\IsolatedStorage
2020-07-02 18:36 - 2020-07-02 18:36 - 000000000 ____D C:\ProgramData\IsolatedStorage
2020-07-02 18:21 - 2020-07-02 18:21 - 000000000 ____D C:\Users\hidde\AppData\Local\ZZZ_Projects
2020-07-02 17:59 - 2020-07-02 18:33 - 000000000 ____D C:\Program Files\Notepad++
2020-07-02 12:04 - 2020-07-30 20:39 - 000000000 ____D C:\_MyStuff
2020-07-02 12:00 - 2020-07-02 12:00 - 000001550 _____ C:\Users\hidde\Desktop\Where are my files.lnk
2020-07-02 02:46 - 2020-07-02 02:48 - 000000013 _____ C:\windows\SysWOW64\WinSys32.crc
2020-07-02 02:44 - 2020-07-02 18:34 - 000000000 ____D C:\Users\hidde\AppData\Roaming\CoffeeCup Software
2020-07-02 02:15 - 2020-07-02 02:15 - 000000000 ____D C:\Users\hidde\AppData\Roaming\Mozilla
2020-07-02 02:15 - 2020-07-02 02:15 - 000000000 ____D C:\Users\hidde\AppData\Roaming\kompozer.net
2020-07-02 02:15 - 2020-07-02 02:15 - 000000000 ____D C:\Users\hidde\AppData\Local\kompozer.net
2020-07-02 01:37 - 2020-07-08 20:31 - 000000000 ____D C:\Users\hidde\AppData\Roaming\CoreFTP
2020-07-02 01:36 - 2020-07-02 01:36 - 000000000 ____D C:\Users\hidde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP (x64)
2020-07-02 01:36 - 2020-07-02 01:36 - 000000000 ____D C:\Program Files\CoreFTP

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-01 21:29 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-01 21:28 - 2020-02-23 15:39 - 000000000 ___RD C:\Users\hidde\OneDrive
2020-08-01 21:28 - 2020-02-23 15:37 - 000000000 __SHD C:\Users\hidde\IntelGraphicsProfiles
2020-08-01 21:28 - 2020-01-18 00:37 - 000000000 ____D C:\Intel
2020-08-01 21:28 - 2019-07-26 10:01 - 000000000 ____D C:\ProgramData\HP
2020-08-01 21:28 - 2019-04-15 11:38 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-08-01 21:28 - 2019-03-19 00:37 - 000786432 _____ C:\windows\system32\config\BBI
2020-08-01 21:27 - 2020-02-23 15:54 - 000000000 ____D C:\Users\hidde\AppData\Roaming\Hewlett-Packard
2020-08-01 21:27 - 2020-01-18 01:40 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-08-01 21:27 - 2019-07-26 10:01 - 000000000 ____D C:\Program Files (x86)\HP
2020-08-01 21:27 - 2019-07-16 14:46 - 000000000 ___HD C:\hp
2020-08-01 21:22 - 2020-05-13 22:16 - 000004168 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{C9F59EDC-3835-4392-9A6B-E6DA4D0B6E37}
2020-08-01 21:22 - 2019-03-19 00:52 - 000000000 ____D C:\windows\AppReadiness
2020-08-01 21:19 - 2019-04-15 11:38 - 000000000 ____D C:\windows\system32\SleepStudy
2020-08-01 15:53 - 2019-07-26 10:05 - 000846050 _____ C:\windows\system32\PerfStringBackup.INI
2020-08-01 15:53 - 2019-03-19 00:50 - 000000000 ____D C:\windows\INF
2020-07-31 21:10 - 2020-04-25 02:33 - 000000000 ____D C:\Users\hidde\AppData\Roaming\vlc
2020-07-31 20:38 - 2020-05-22 15:12 - 000000000 ____D C:\Users\hidde\AppData\Local\D3DSCache
2020-07-31 19:25 - 2020-04-28 12:11 - 000000000 ____D C:\Users\hidde\AppData\LocalLow\Temp
2020-07-31 19:23 - 2020-03-27 16:11 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-31 19:23 - 2020-03-27 16:11 - 000002266 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-31 19:23 - 2020-03-27 16:11 - 000002266 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-31 00:11 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-30 20:53 - 2019-03-19 00:52 - 000000000 ___HD C:\windows\ELAMBKUP
2020-07-30 20:09 - 2020-02-23 20:09 - 000000000 ____D C:\Users\hidde\AppData\Local\HP_Inc
2020-07-30 19:44 - 2020-02-23 15:31 - 000000000 ____D C:\Users\hidde\AppData\Local\Packages
2020-07-30 06:04 - 2020-02-23 15:31 - 000002374 _____ C:\Users\hidde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-29 15:58 - 2020-02-23 16:04 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\Global
2020-07-28 20:51 - 2020-04-30 17:09 - 000000000 ____D C:\Users\hidde\AppData\Local\gtk-2.0
2020-07-28 20:51 - 2020-04-30 17:08 - 000000000 ____D C:\Users\hidde\AppData\Local\babl-0.1
2020-07-27 18:40 - 2020-03-01 20:19 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-27 18:40 - 2020-03-01 20:19 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-27 18:40 - 2020-03-01 20:19 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-24 19:31 - 2020-02-23 15:37 - 000000000 ____D C:\Users\hidde\AppData\Roaming\Adobe
2020-07-22 02:19 - 2020-02-23 15:31 - 000000000 ____D C:\Users\hidde
2020-07-21 15:55 - 2019-04-15 11:38 - 000520720 _____ C:\windows\system32\FNTCACHE.DAT
2020-07-20 13:57 - 2019-07-26 10:06 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-07-20 13:57 - 2019-07-26 10:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-07-20 13:57 - 2019-07-26 10:06 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-07-20 13:57 - 2019-07-26 10:06 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-07-20 13:57 - 2019-07-26 10:06 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-07-20 13:57 - 2019-07-26 10:06 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-07-20 13:56 - 2019-07-26 10:03 - 000000000 ____D C:\Program Files\Microsoft Office
2020-07-19 13:35 - 2019-03-19 00:52 - 000000000 ____D C:\windows\LiveKernelReports
2020-07-16 19:11 - 2019-03-19 00:52 - 000000000 ____D C:\windows\ServiceState
2020-07-16 19:09 - 2020-02-23 15:54 - 000000000 ____D C:\Users\hidde\AppData\Local\Publishers
2020-07-16 19:09 - 2020-02-23 15:42 - 000000000 ____D C:\Users\hidde\AppData\Local\PlaceholderTileLogoFolder
2020-07-16 19:09 - 2020-01-18 01:42 - 000000000 ____D C:\ProgramData\Packages
2020-07-14 20:04 - 2020-02-23 15:37 - 000000000 ___RD C:\Users\hidde\3D Objects
2020-07-14 20:04 - 2019-04-15 11:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-14 20:03 - 2019-03-19 00:52 - 000000000 ___SD C:\windows\system32\DiagSvcs
2020-07-14 20:03 - 2019-03-19 00:52 - 000000000 ____D C:\windows\SystemResources
2020-07-14 20:03 - 2019-03-19 00:52 - 000000000 ____D C:\windows\system32\oobe
2020-07-14 20:03 - 2019-03-19 00:52 - 000000000 ____D C:\windows\ShellExperiences
2020-07-14 20:03 - 2019-03-19 00:52 - 000000000 ____D C:\windows\bcastdvr
2020-07-14 20:03 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-14 20:00 - 2019-03-19 00:37 - 000000000 ____D C:\windows\CbsTemp
2020-07-12 00:27 - 2020-03-27 16:11 - 000003478 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-12 00:27 - 2020-03-27 16:11 - 000003354 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-11 12:17 - 2019-03-19 00:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-07-02 23:58 - 2020-05-16 18:22 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\MISC
2020-07-02 15:50 - 2020-02-23 15:37 - 000000000 ____D C:\Users\hidde\AppData\Local\VirtualStore
2020-07-02 11:50 - 2020-04-25 02:16 - 000000000 ____D C:\Users\hidde\OneDrive\Documents\Cam

==================== Files in the root of some directories ========

2020-07-05 21:09 - 2020-08-01 09:46 - 000000803 _____ () C:\Users\hidde\AppData\Roaming\mainhst.zgh
2020-07-28 20:51 - 2020-07-28 20:51 - 000008654 _____ () C:\Users\hidde\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

Addition.txt

Link to post
Share on other sites

Hello hiddensecret,

Thanks for those logs. i want you to uninstall the following security programs, these programs have drivers and services running in the background and will not really help to keep your system stable...

HitmanPro 3.8
RogueKiller version 14.6.2.0
Spybot - Search & Destroy
SUPERAntiSpyware
UnHackMe 11.88
Zemana AntiMalware version 3.2.27

Download Revo Uninstaller Free Portable and save it to your Desktop from here: https://www.revouninstaller.com/download-free-portable.php
 

  • Right click on the folder and select Extract All..., then click Extract
  • Double click on the RevoUninstaller-Portable folder
  • Right click on RevoUPort and select Run as administrator
  • Click OK on the License Agreement
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
 
Quote

HitmanPro 3.8
RogueKiller version 14.6.2.0
Spybot - Search & Destroy
SUPERAntiSpyware
UnHackMe 11.88
Zemana AntiMalware version 3.2.27


 
  • If the program's uninstaller appears work through the steps to remove the program(s)
  • Be sure the Advanced option is selected then click Scan
  • For each window that may appear identifying leftover items click Select All, Delete, then confirm the deletion
  • Once done click Finish, then reboot your computer

Next,

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.

NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1 As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed.

The following directories are emptied:
 
  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin



Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....

Let me see those logs in your reply, also let me know if there are any remaining issues or concerns..

Thank you,

Kevin..

fixlist.txt

Link to post
Share on other sites

The issue is not resolved.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-08-2020
Ran by hidde (02-08-2020 12:32:59) Run:3
Running from C:\Users\hidde\OneDrive\Documents\_virus\2
Loaded Profiles: hidde
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - no filepath
Task: {D7FF19CE-FA5C-47AC-93BB-02DBD9E5C390} - no filepath
Task: {DF59B807-9ACD-4C7C-AF94-907D1921F1E5} - no filepath
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 WildTangentHelper; "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe" [X] 
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S3 WinRing0_1_2_0; \??\C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\OpenHardwareMonitorLib.sys [X]
S1 ZAM; \??\C:\windows\System32\drivers\zam64.sys [X] 
AlternateDataStreams: C:\Users\hidde\Downloads\HitmanPro_x64.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\hidde\Downloads\MBSetup-009996.009996-consumer.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\hidde\Downloads\SUPERAntiSpyware.exe:SmartScreen [7]
FirewallRules: [{E79A9B39-40AB-4370-9A40-B2318CF94F39}] => (Allow) LPort=810
FirewallRules: [{35617F2C-7EA4-414C-BD75-4E608332FFD8}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => No File
FirewallRules: [{FCC6FA85-596F-4BDC-ABD4-601F85952AA2}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe => No File
FirewallRules: [{BB15C99D-C788-4E79-BA28-7574706F12F5}] => (Allow) C:\Users\hidde\AppData\Roaming\Zoom\bin\airhost.exe => No File
CMD: winmgmt /verifyrepository
Hosts:
EmptyTemp:

*****************

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5100A477-348F-48CA-A0F9-BA0C7018AC24}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7FF19CE-FA5C-47AC-93BB-02DBD9E5C390}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF59B807-9ACD-4C7C-AF94-907D1921F1E5}" => not found
HP Comm Recover => service not found.
WildTangentHelper => service not found.
mfeavfk01 => service not found.
Partizan => service not found.
WinRing0_1_2_0 => service not found.
ZAM => service not found.
"C:\Users\hidde\Downloads\HitmanPro_x64.exe" => ":SmartScreen" ADS not found.
"C:\Users\hidde\Downloads\MBSetup-009996.009996-consumer.exe" => ":SmartScreen" ADS not found.
"C:\Users\hidde\Downloads\SUPERAntiSpyware.exe" => ":SmartScreen" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E79A9B39-40AB-4370-9A40-B2318CF94F39}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35617F2C-7EA4-414C-BD75-4E608332FFD8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCC6FA85-596F-4BDC-ABD4-601F85952AA2}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB15C99D-C788-4E79-BA28-7574706F12F5}" => not found

========= winmgmt /verifyrepository =========

WMI repository is consistent

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8440832 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 98584 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11410 B
NetworkService => 11410 B
hidde => 21096 B

RecycleBin => 5263 B
EmptyTemp: => 18.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:33:24 ====

 

2020-08-02 16:38:22.882    Sophos Virus Removal Tool version 2.8.0
2020-08-02 16:38:22.884    Copyright (c) 2009-2020 Sophos Limited. All rights reserved.

2020-08-02 16:38:22.885    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2020-08-02 16:38:22.885    Windows version 6.2 SP 0.0  build 9200 SM=0x300 PT=0x1 WOW64
2020-08-02 16:38:22.885    Checking for updates...
2020-08-02 16:38:22.899    Update progress: proxy server not available
2020-08-02 16:38:30.923    Downloading updates...
2020-08-02 16:38:30.924    Update progress: [I96736] sdds.svrt_v1.18: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2020-08-02 16:38:30.924    Update progress: [I95020] sdds.svrt_v1.18: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2020-08-02 16:38:30.924    Update progress: [I22529] sdds.svrt_v1.18: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2020-08-02 16:38:30.924    Update progress: [V81533] SU::createCachedPackageSource creating cached package source for http://d2.sophosupd.com/update-B: url=SOPHOS
2020-08-02 16:38:30.925    Update progress: [V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
2020-08-02 16:38:30.925    Update progress: [V81533] SU::createCachedPackageSource creating package source to download customer file
2020-08-02 16:38:30.925    Update progress: [V81533] SU::createCachedPackageSource creating cached package source
2020-08-02 16:38:30.925    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: catalogue/sdds.data0910.xml
2020-08-02 16:38:30.925    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: catalogue/sdds.data0910.xml: 94 ms
2020-08-02 16:38:30.925    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 4ae84629b1940c826c644d1534166ae5x000.xml: 3817 bytes
2020-08-02 16:38:30.925    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 4ae84629b1940c826c644d1534166ae5x000.xml: 47 ms
2020-08-02 16:38:30.925    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 5e0e04bd3fb237111ac812b28906092ex000.xml: 8673 bytes
2020-08-02 16:38:30.925    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 5e0e04bd3fb237111ac812b28906092ex000.xml: 31 ms
2020-08-02 16:38:30.926    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE579/be72557af274465f55bb90d707222bcex000.xml: 590 bytes
2020-08-02 16:38:30.926    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE579/be72557af274465f55bb90d707222bcex000.xml: 47 ms
2020-08-02 16:38:30.926    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: SXLSUP/9658bb75e4104455fe802645d41af3dax000.xml: 598 bytes
2020-08-02 16:38:30.926    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: SXLSUP/9658bb75e4104455fe802645d41af3dax000.xml: 47 ms
2020-08-02 16:38:30.926    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE565/1ce171d7f5b9565065bf17a44774f0a1x000.xml: 601 bytes
2020-08-02 16:38:30.926    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE565/1ce171d7f5b9565065bf17a44774f0a1x000.xml: 47 ms
2020-08-02 16:38:30.926    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE569/248a1f9123c16937d1a142b9bd2a4596x000.xml: 601 bytes
2020-08-02 16:38:30.926    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE569/248a1f9123c16937d1a142b9bd2a4596x000.xml: 47 ms
2020-08-02 16:38:30.926    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE572/4ab07c00d79967fb6508f55710ec9b42x000.xml: 601 bytes
2020-08-02 16:38:30.926    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE572/4ab07c00d79967fb6508f55710ec9b42x000.xml: 47 ms
2020-08-02 16:38:30.926    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE577/55f0b0a4e526c2d0401e01357d48129ax000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE577/55f0b0a4e526c2d0401e01357d48129ax000.xml: 78 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE567/7b23de79c99d2127137bb3a2e2e9ab95x000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE567/7b23de79c99d2127137bb3a2e2e9ab95x000.xml: 94 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE573/7ba8e288e69480f63603dae9299d2bbfx000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE573/7ba8e288e69480f63603dae9299d2bbfx000.xml: 78 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE576/7ed1ad18698b36122cfd3eb25407d6e6x000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE576/7ed1ad18698b36122cfd3eb25407d6e6x000.xml: 62 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE568/848b908325eda99060171b6fb57a995dx000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE568/848b908325eda99060171b6fb57a995dx000.xml: 141 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE570/c4215464d25d3865903108d821935879x000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE570/c4215464d25d3865903108d821935879x000.xml: 31 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE574/ccfbc65ac586329407a2efa32e204976x000.xml: 601 bytes
2020-08-02 16:38:30.927    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE574/ccfbc65ac586329407a2efa32e204976x000.xml: 125 ms
2020-08-02 16:38:30.927    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE566/d051415c7c83e949b41461e8db404aedx000.xml: 601 bytes
2020-08-02 16:38:30.928    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE566/d051415c7c83e949b41461e8db404aedx000.xml: 78 ms
2020-08-02 16:38:30.928    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE571/edf129287364b01442832aa2cf0459d1x000.xml: 601 bytes
2020-08-02 16:38:30.928    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE571/edf129287364b01442832aa2cf0459d1x000.xml: 94 ms
2020-08-02 16:38:30.928    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE575/f655ae2aebfe5da4ab6db868c674ba43x000.xml: 601 bytes
2020-08-02 16:38:30.928    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE575/f655ae2aebfe5da4ab6db868c674ba43x000.xml: 78 ms
2020-08-02 16:38:30.928    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: IDE578/3045ee2115c99d8d17a37784dfeae28ax000.xml: 4520 bytes
2020-08-02 16:38:30.928    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: IDE578/3045ee2115c99d8d17a37784dfeae28ax000.xml: 31 ms
2020-08-02 16:38:30.928    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 155b3a95d5b0e4846854a9243c74ddcdx000.xml: 615 bytes
2020-08-02 16:38:30.928    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 155b3a95d5b0e4846854a9243c74ddcdx000.xml: 47 ms
2020-08-02 16:38:30.928    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7053105889eb8d37f0ff3e14e00cb32ex000.xml: 320 bytes
2020-08-02 16:38:30.928    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7053105889eb8d37f0ff3e14e00cb32ex000.xml: 62 ms
2020-08-02 16:38:30.928    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0c458d84352f35f2b272f8b87e9f9576x000.xml: 753 bytes
2020-08-02 16:38:30.929    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0c458d84352f35f2b272f8b87e9f9576x000.xml: 32 ms
2020-08-02 16:38:30.929    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 5c7f0eec8cb5f488397216dcfb7e98e8x000.xml: 331 bytes
2020-08-02 16:38:30.929    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 5c7f0eec8cb5f488397216dcfb7e98e8x000.xml: 47 ms
2020-08-02 16:38:30.929    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 32f2c03993b8d3414be5d9d714792de3x000.xml: 1027 bytes
2020-08-02 16:38:30.929    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 32f2c03993b8d3414be5d9d714792de3x000.xml: 47 ms
2020-08-02 16:38:30.929    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 13ff2225063d88f220fa6841f37c8371x000.xml: 338 bytes
2020-08-02 16:38:30.929    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 13ff2225063d88f220fa6841f37c8371x000.xml: 31 ms
2020-08-02 16:38:30.929    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6af07560e7f7cbe00e191bfa0abee6e0x000.xml: 1027 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6af07560e7f7cbe00e191bfa0abee6e0x000.xml: 47 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 76f3567164278171cca28fc8121461d1x000.xml: 338 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 76f3567164278171cca28fc8121461d1x000.xml: 31 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6c3ddc48c2d025297a730e04edc5f3b2x000.xml: 1027 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6c3ddc48c2d025297a730e04edc5f3b2x000.xml: 110 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 85126464fb11fca22421b7a21742a6adx000.xml: 338 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 85126464fb11fca22421b7a21742a6adx000.xml: 31 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: d48b68b7041bde7c1484c5cb94897672x000.xml: 1027 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: d48b68b7041bde7c1484c5cb94897672x000.xml: 47 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 28bb8eb241a254452f85129686b027e5x000.xml: 338 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 28bb8eb241a254452f85129686b027e5x000.xml: 47 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 78c5bd6e43890df1ecf3457a9b5a5dd1x000.xml: 1027 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 78c5bd6e43890df1ecf3457a9b5a5dd1x000.xml: 31 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2302ad75630d4b58cca278062b8b5de4x000.xml: 338 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2302ad75630d4b58cca278062b8b5de4x000.xml: 47 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 985d7fdf3a8062434d72516f5baed879x000.xml: 1027 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 985d7fdf3a8062434d72516f5baed879x000.xml: 63 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: aa703f2a2b1a92c90674ad451a16034cx000.xml: 338 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: aa703f2a2b1a92c90674ad451a16034cx000.xml: 47 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2a074ff18c7f3222667dc2edfa46e75fx000.xml: 1027 bytes
2020-08-02 16:38:30.930    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2a074ff18c7f3222667dc2edfa46e75fx000.xml: 31 ms
2020-08-02 16:38:30.930    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 9bb8aeca1b234665832ec72c609610cex000.xml: 338 bytes
2020-08-02 16:38:30.931    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 9bb8aeca1b234665832ec72c609610cex000.xml: 31 ms
2020-08-02 16:38:30.931    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: aa6f963652fadc6cdeff28b207423ccbx000.xml: 1027 bytes
2020-08-02 16:38:30.931    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: aa6f963652fadc6cdeff28b207423ccbx000.xml: 47 ms
2020-08-02 16:38:30.931    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2604e1b742f72c5b2358230ceb552befx000.xml: 338 bytes
2020-08-02 16:38:30.931    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2604e1b742f72c5b2358230ceb552befx000.xml: 94 ms
2020-08-02 16:38:30.931    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 87666e9540b89546868b55d119c7b029x000.xml: 1027 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 87666e9540b89546868b55d119c7b029x000.xml: 47 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 332f16f3f32467ddbe44773d18577bccx000.xml: 338 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 332f16f3f32467ddbe44773d18577bccx000.xml: 219 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: d237963bb731cbdbc601999032c52b9fx000.xml: 1027 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: d237963bb731cbdbc601999032c52b9fx000.xml: 46 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f69ad668e95e36fbcf54a28cc37044bax000.xml: 338 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f69ad668e95e36fbcf54a28cc37044bax000.xml: 63 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f22440c76fa98b33be36804ffa922b99x000.xml: 1027 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f22440c76fa98b33be36804ffa922b99x000.xml: 47 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 677c6984b6b0fcb32a84bb4f05a2e35ax000.xml: 338 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 677c6984b6b0fcb32a84bb4f05a2e35ax000.xml: 78 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a13db9de3890166bfd908f854b655c37x000.xml: 1027 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a13db9de3890166bfd908f854b655c37x000.xml: 31 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: fc4049d7c7119b0048a7d49548ad3f97x000.xml: 338 bytes
2020-08-02 16:38:30.932    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: fc4049d7c7119b0048a7d49548ad3f97x000.xml: 94 ms
2020-08-02 16:38:30.932    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 7009c81b29e1d232da816176e143ae49x000.xml: 1027 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 7009c81b29e1d232da816176e143ae49x000.xml: 78 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 51d6e7beb10ae1cf1b534f59c6e58e86x000.xml: 338 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 51d6e7beb10ae1cf1b534f59c6e58e86x000.xml: 78 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6a4dbd479797e9c84995bda5021edca2x000.xml: 877 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6a4dbd479797e9c84995bda5021edca2x000.xml: 31 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: ab0f4d9f097ae5257cdc66d89cf8ae45x000.xml: 336 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: ab0f4d9f097ae5257cdc66d89cf8ae45x000.xml: 32 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 39d5f3cd129f1e56c473cd8dee55185cx000.xml: 877 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 39d5f3cd129f1e56c473cd8dee55185cx000.xml: 31 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 241ac14c8c9e3e517ad2928dcc084babx000.xml: 336 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 241ac14c8c9e3e517ad2928dcc084babx000.xml: 32 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 1a75ff8ea76de557a60f568b54ca44c2x000.xml: 877 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 1a75ff8ea76de557a60f568b54ca44c2x000.xml: 31 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0c883b31b0e1ab23671c133d6e3abdb1x000.xml: 336 bytes
2020-08-02 16:38:30.933    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0c883b31b0e1ab23671c133d6e3abdb1x000.xml: 31 ms
2020-08-02 16:38:30.933    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 82685b34616812b1476c9a0d428bcdd3x000.xml: 877 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 82685b34616812b1476c9a0d428bcdd3x000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 9052615c646f80ae286397be2fdd11bex000.xml: 336 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 9052615c646f80ae286397be2fdd11bex000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 53d76a3f3f0363dc0dcec8deb5df0821x000.xml: 877 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 53d76a3f3f0363dc0dcec8deb5df0821x000.xml: 32 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: b2532ed50924a5c705ed5fdd110900c7x000.xml: 336 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: b2532ed50924a5c705ed5fdd110900c7x000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 0039a46e8d89e6f43d1bde25d14576bdx000.xml: 877 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 0039a46e8d89e6f43d1bde25d14576bdx000.xml: 32 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: d5ff1afb30e8819002be7f1cfd202b74x000.xml: 336 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: d5ff1afb30e8819002be7f1cfd202b74x000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 8a7503358977cc6cff1b7375e9a71c6ax000.xml: 877 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 8a7503358977cc6cff1b7375e9a71c6ax000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: c3f5abd0851d2738711cd2954c83af6ax000.xml: 336 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: c3f5abd0851d2738711cd2954c83af6ax000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: e1a25cb17ed2206d1ea7816af9af6c83x000.xml: 877 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: e1a25cb17ed2206d1ea7816af9af6c83x000.xml: 31 ms
2020-08-02 16:38:30.934    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: fc8c952f7e10a7e0c9778a58328f738cx000.xml: 336 bytes
2020-08-02 16:38:30.934    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: fc8c952f7e10a7e0c9778a58328f738cx000.xml: 32 ms
2020-08-02 16:38:30.935    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2ca6eb5ee4d7920c04f83d4f862cf679x000.xml: 1027 bytes
2020-08-02 16:38:30.935    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2ca6eb5ee4d7920c04f83d4f862cf679x000.xml: 31 ms
2020-08-02 16:38:30.935    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: dfa689c02884be7caf653783772890ebx000.xml: 336 bytes
2020-08-02 16:38:30.935    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: dfa689c02884be7caf653783772890ebx000.xml: 32 ms
2020-08-02 16:38:30.935    Update progress: [I49502] sdds.data0910.xml: found supplement IDE577 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2020-08-02 16:38:30.935    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE577 LATEST path=
2020-08-02 16:38:30.935    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE577 LATEST path=
2020-08-02 16:38:30.935    Update progress: [I49502] sdds.data0910.xml: found supplement IDE578 LATEST path= baseVersion= [included from product IDE577 LATEST path=]
2020-08-02 16:38:30.935    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE578 LATEST path=
2020-08-02 16:38:30.935    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE578 LATEST path=
2020-08-02 16:38:30.935    Update progress: [I49502] sdds.data0910.xml: found supplement IDE579 LATEST path= baseVersion= [included from product IDE578 LATEST path=]
2020-08-02 16:38:30.935    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE579 LATEST path=
2020-08-02 16:38:30.935    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE579 LATEST path=
2020-08-02 16:38:30.935    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2020-08-02 16:38:30.935    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 66576692d59fc6bca90a40009920c658x000.xml: 57194 bytes
2020-08-02 16:38:30.935    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 66576692d59fc6bca90a40009920c658x000.xml: 172 ms
2020-08-02 16:38:30.935    Update progress: [I19463] Product download size 172271185 bytes
2020-08-02 16:38:32.018    Option all = no
2020-08-02 16:38:32.018    Option recurse = yes
2020-08-02 16:38:32.018    Option archive = no
2020-08-02 16:38:32.018    Option service = yes
2020-08-02 16:38:32.018    Option confirm = yes
2020-08-02 16:38:32.018    Option sxl = yes
2020-08-02 16:38:32.018    Option max-data-age = 35
2020-08-02 16:38:32.018    Option vdl-logging = yes
2020-08-02 16:38:32.024    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2020-08-02 16:38:32.024    Machine ID:    3f91c280386d413b813df0001aee7f06
2020-08-02 16:38:32.032    Component SVRTcli.exe version 2.8.0
2020-08-02 16:38:32.033    Component control.dll version 2.8.0
2020-08-02 16:38:32.033    Component SVRTservice.exe version 2.8.0
2020-08-02 16:38:32.033    Component engine\osdp.dll version 1.44.1.2490
2020-08-02 16:38:32.033    Component engine\veex.dll version 3.79.0.2490
2020-08-02 16:38:32.033    Component engine\savi.dll version 9.0.20.2490
2020-08-02 16:38:32.034    Component rkdisk.dll version 1.5.33.1
2020-08-02 16:38:32.035    Version info:    Product version    2.8.0
2020-08-02 16:38:32.035    Version info:    Detection engine    3.79.0
2020-08-02 16:38:32.035    Version info:    Detection data    5.76
2020-08-02 16:38:32.035    Version info:    Build date    6/23/2020
2020-08-02 16:38:32.035    Version info:    Data files added    264
2020-08-02 16:38:32.035    Version info:    Last successful update    (not yet updated)
2020-08-02 16:38:39.853    Update progress: [I19463] Syncing product IDE577 LATEST path=
2020-08-02 16:38:39.853    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: de685a791066b4c3c2aad0c0f5ee0a97x000.xml: 41318 bytes
2020-08-02 16:38:39.853    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: de685a791066b4c3c2aad0c0f5ee0a97x000.xml: 125 ms
2020-08-02 16:38:39.853    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 2f2c1f0c9eca07e699c7fa437d8e2a31x000.xml: 397 bytes
2020-08-02 16:38:39.853    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 2f2c1f0c9eca07e699c7fa437d8e2a31x000.xml: 31 ms
2020-08-02 16:38:39.853    Update progress: [I19463] Product download size 2065013 bytes
2020-08-02 16:38:40.488    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 702ee878deb92e8f0d0b72869db68896x000.xml: 4823 bytes
2020-08-02 16:38:40.488    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 702ee878deb92e8f0d0b72869db68896x000.xml: 31 ms
2020-08-02 16:38:40.571    Update progress: [I19463] Syncing product IDE578 LATEST path=
2020-08-02 16:38:40.571    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a419d1a5818942950a68d3b52ff7689ax000.xml: 24717 bytes
2020-08-02 16:38:40.571    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a419d1a5818942950a68d3b52ff7689ax000.xml: 47 ms
2020-08-02 16:38:40.571    Update progress: [I19463] Product download size 1465400 bytes
2020-08-02 16:38:40.981    Update progress: [I19463] Syncing product IDE579 LATEST path=
2020-08-02 16:38:40.981    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f430c089bf466bb070b959d79391e4c2x000.xml: 124 bytes
2020-08-02 16:38:40.981    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f430c089bf466bb070b959d79391e4c2x000.xml: 62 ms
2020-08-02 16:38:41.053    Installing updates...
2020-08-02 16:38:41.678    Error level 1
2020-08-02 16:38:51.215    Update successful
2020-08-02 16:38:57.501    Option all = no
2020-08-02 16:38:57.501    Option recurse = yes
2020-08-02 16:38:57.501    Option archive = no
2020-08-02 16:38:57.501    Option service = yes
2020-08-02 16:38:57.501    Option confirm = yes
2020-08-02 16:38:57.502    Option sxl = yes
2020-08-02 16:38:57.503    Option max-data-age = 35
2020-08-02 16:38:57.503    Option vdl-logging = yes
2020-08-02 16:38:57.509    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2020-08-02 16:38:57.509    Machine ID:    3f91c280386d413b813df0001aee7f06
2020-08-02 16:38:57.510    Component SVRTcli.exe version 2.8.0
2020-08-02 16:38:57.510    Component control.dll version 2.8.0
2020-08-02 16:38:57.510    Component SVRTservice.exe version 2.8.0
2020-08-02 16:38:57.511    Component engine\osdp.dll version 1.44.1.2490
2020-08-02 16:38:57.511    Component engine\veex.dll version 3.79.0.2490
2020-08-02 16:38:57.511    Component engine\savi.dll version 9.0.20.2490
2020-08-02 16:38:57.511    Component rkdisk.dll version 1.5.33.1
2020-08-02 16:38:57.512    Version info:    Product version    2.8.0
2020-08-02 16:38:57.512    Version info:    Detection engine    3.79.0
2020-08-02 16:38:57.512    Version info:    Detection data    5.76
2020-08-02 16:38:57.512    Version info:    Build date    6/23/2020
2020-08-02 16:38:57.512    Version info:    Data files added    265
2020-08-02 16:38:57.512    Version info:    Last successful update    8/2/2020 12:38:51 PM

2020-08-02 16:43:48.603    Could not open C:\hiberfil.sys
2020-08-02 16:43:54.563    Could not open C:\pagefile.sys
2020-08-02 16:46:50.533    Could not open C:\swapfile.sys
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597dd98-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597ddb1-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597dddb-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de03-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de15-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de21-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de31-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de40-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de57-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de69-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de7a-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de89-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597de98-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597dead-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597debc-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{0597deca-d4d9-11ea-81aa-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{11c05ae0-d388-11ea-819d-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{208bdb13-d09b-11ea-8198-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{246ab19c-cb8c-11ea-8197-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{48f34dfe-d4db-11ea-81ab-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{6f73a0d3-d45f-11ea-81a6-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{6f73aa36-d45f-11ea-81a6-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{6f73aa4a-d45f-11ea-81a6-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{6f73aa5d-d45f-11ea-81a6-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{95d52300-d4d7-11ea-81a7-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{a0c68492-c8a3-11ea-8196-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{c06ba714-d42f-11ea-81a5-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{d409f21d-d2e3-11ea-819b-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{d409f28e-d2e3-11ea-819b-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{d409fd52-d2e3-11ea-819b-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{e13dffe1-d4dc-11ea-81ac-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{e13e0016-d4dc-11ea-81ac-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{fbc1ab54-d4d7-11ea-81a8-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{fbc1ab90-d4d7-11ea-81a8-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:46:51.001    Could not open C:\System Volume Information\{fbc1abcc-d4d7-11ea-81a8-e86f38d7ad9a}{3808876b-c176-4e48-b7ae-04046e6cc752}
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\AD2F1837.HPJumpStarts_v10z8vjag6ke6\HP.JumpStarts.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\AppleInc.Defaults.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\AppleInc.iTunes_nzyj5cx40ttqa\AppleInc.Defaults.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\AppleInc.iTunes_nzyj5cx40ttqa\AppleInc.MDCrashReportTool.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\AppleInc.iTunes_nzyj5cx40ttqa\iTunes.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\AppleInc.MDCrashReportTool.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\HP.JumpStarts.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\iTunes.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python.exe
2020-08-02 16:48:47.010    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python3.exe
2020-08-02 16:48:47.025    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2020-08-02 16:48:47.025    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\Microsoft.SkypeApp_kzf8qxf38zg5c\Skype.exe
2020-08-02 16:48:47.025    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
2020-08-02 16:48:47.025    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\python.exe
2020-08-02 16:48:47.025    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\python3.exe
2020-08-02 16:48:47.025    Could not open C:\Users\hidde\AppData\Local\Microsoft\WindowsApps\Skype.exe
2020-08-02 16:53:08.437    Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2020-08-02 16:53:08.437    Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2020-08-02 16:53:09.734    Could not open C:\Windows\System32\config\BBI
2020-08-02 17:06:14.209    Error level 0

2020-08-02 17:26:59.856    Scan completed.
2020-08-02 17:26:59.856    

------------------------------------------------------------

 

 

 

 

 

 

Link to post
Share on other sites

Reset your router, instructons available at the following link:

http://setuprouter.com/networking/how-to-reset-your-router/

Follow those instructions very carefully.

Next,

Download and unzip DNSJumper to your Desktop, the tool is portable no installation necessary.

Tool can be downloaded here: http://www.sordum.org/downloads/?dns-jumper
 
  • Right click on Dnsjumper.exe and select "Run as Administrator" to start the tool, For XP just double click to run.
  • From the left hand pane select "Flush DNS"
  • From the main interface select the dropdown under "Choose a DNS Server"
  • From the list select either "Google Public DNS" or "Open DNS"
  • From the left hand pane select "Apply DNS"
When done re-boot your system, any change..?
Link to post
Share on other sites

user posted imageScan with Autoruns

Please download Sysinternals Autoruns from the following link: https://live.sysinternals.com/autoruns.exe save it to your desktop.

Note: If using Windows Vista, Windows 7, Windows 8/8.1 or Windows 10 then you also need to do the following:
 
  • Right-click on Autoruns.exe and select Properties
  • Click on the Compatibility tab
  • Under Privilege Level check the box next to Run this program as an administrator
  • Click on Apply then click OK
     
  • Double-click Autoruns.exe to run it.
  • Once it starts, please press the Esc key on your keyboard.
  • Now that scanning is stopped, click on the Options button at the top of the program and verify that the following are checked, if they are unchecked, check them:

    Hide empty locations
    Hide Windows entries

     
  • Click on the Options button at the top of the program and select Scan Options... then in the Autoruns Scan Options dialog enable/check the following two options:

    Verify code signatures
    Check VirusTotal.com

     
  • Once that's done click the Rescan button at the bottom of the Autoruns Scan Options dialog and this will start the scan again, this time let it finish.
  • When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the file to your desktop and close Autoruns.
  • Right click on the file on your desktop that you just saved and hover your mouse over Send To and select Compressed (zipped) Folder
  • Attach the ZIP folder you just created to your next reply
Link to post
Share on other sites

Hiya hiddensecret,

Nothing of note in autruns log. It seems that you may have some type of autoconfig infection as all browsers are affected, usually FRST logs would show that issue. Run the following , see if the log shows us anything...

Please download MiniToolBox from here:

http://www.bleepingcomputer.com/download/minitoolbox/dl/65/

Transfer to sick PC save to desktop and run it.

Checkmark the following checkboxes:
 
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points



Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 

Thank you,

Kevin

Link to post
Share on other sites

Nothing of note in that log either, continue please:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.


Thanks,

Kevin

fixlist.txt

Link to post
Share on other sites

Apologies, have given fix with wrong syntax,

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

 
Download Kaspersky Virus Removal Tool (KVRT) from here: https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool and save to your Desktop.

Select the Windows Key and R Key together, the "Run" box should open.

user posted image

Drag and Drop KVRT.exe into the Run Box.

user posted image

C:\Users\{your user name}\DESKTOP\KVRT.exe will now show in the run box.

user posted image

add -dontcryptsupportinfo Note the space between KVRT.exe and -dontcryptsupportinfo

C:\Users\{your user name}\DESKTOP\KVRT.exe -dontcryptsupportinfo should now show in the Run box.

user posted image

That addendum to the run command is very important, when the scan does eventually complete the resultant report is normally encrypted, with the extra command it is saved as a readable file.

Reports are saved here C:\KVRT_data\Reports and look similar to this report_20200727_103821.klr Right click direct onto that report, select > open with > Notepad. Save that file and attach to your reply.


To start the scan select OK in the "Run" box.

user posted image

The Windows Protected your PC window will open, select "More Info"

user posted image

A new Window will open, select "Run anyway"

user posted image

A EULA window will open, tick both confirmation boxes then select "Accept"

user posted image

In the new window select "Change Parameters"

user posted image

In the new window ensure all selection boxes are ticked, then select "OK" The scan should now start...

user posted image

When complete if entries are found there will be options, if "Cure" is offered leave as is. For any other options change to "Delete" then select "Continue"

user posted image

When complete, or if nothing was found select "Close"

user posted image

Attach the report information as previously instructed....
 
Thanks,

Fixlist.txt

Edited by kevinf80
Link to post
Share on other sites

Nothing of note in those logs, this is frustrating for sure. Are the redirects still happening in all browsers.. Try the following:

 
Please read carefully and follow these steps.
  • Download TDSSKiller from here  http://support.kaspersky.com/downloads/utils/tdsskiller.exe and save it to your Desktop.
  • Doubleclick on user posted image to run the application.
  • The "Ready to scan" window will open, Click on "Change parameters"

    user posted image

     
  • Ensure all entries are Checkmarked under Additionl Options, Ensure all entries are Checkmarked under Objects to scan When Loaded Modules is checkmarked a re-boot will be offered, allow that to happen...

    user posted image

     
  • Continue after reboot select "Change Parameters" make sure entries are checkmarked and then Select "Start Scan"

    user posted image

     
  • If an infected file is detected, the default action will be Cure, click on Continue.

    user posted image

     
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

    user posted image

     
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

    user posted image

     
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 
Edited by kevinf80
typing error
Link to post
Share on other sites

Hi Kevin, 

Sorry for the delayed update, but it was a crazy day at work.  When I restarted my laptop tonight (after yesterday's actions) the redirects stopped.  I am not sure why, but everything seems to be working fine today after using the Kaspersky removal tool process.  I truly appreciate all of your help.  I was about to give up on it.  You are awesome!!

Link to post
Share on other sites

Hiya hiddensecret,

Thanks for the update, good to hear your system is back to normal. Continue to clean up...

Uninstall the following program:

Sophos AV Also delete this folder if still present C:\ProgramData\Sophos

http://www.askvg.com/how-to-completely-uninstall-remove-a-software-program-in-windows-without-using-3rd-party-software/

Next,

Delete KVRT.exe from your Desktop or the folder it was saved to, also delete this folder: C:\KVRT_data

Next,

Right click on FRST here: C:\Users\hidde\OneDrive\Documents\_virus\2\FRST64.exe and rename uninstall.exe when complete right click on uninstall.exe and select "Run as Administrator"

If you do not see the .exe appended that is because file extensions are hidden, in that case just rename FRST64 to uninstall

That action will remove FRST and all created files and folders...

Next,

Remove all System Restore Points: https://www.tenforums.com/tutorials/33593-delete-system-restore-points-windows-10-a.html#option2

Create clean fresh Restore Point: http://www.thewindowsclub.com/create-system-restore-point

Run Windows Disk Clean Up Utility - https://neosmart.net/wiki/disk-cleanup/

From there you should be good to go...

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image

 

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.