Jump to content


Photo

PC fixed now laptop canít log onto internet


  • Please log in to reply
8 replies to this topic

#1 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 130 posts

Posted 11 February 2020 - 02:04 PM

Thank you for fixing my PC the other day, now my laptop at the office mysteriously can’t log onto the internet.  Here are the logs requested.  Thanks again, you are a magician.   Carl

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/11/20
Scan Time: 2:45 PM
Log File: 07ff7304-4d07-11ea-af85-c8348e022bf6.json
 
-Software Information-
Version: 4.0.4.49
Components Version: 1.0.810
Update Package Version: 1.0.19056
License: Premium
 
-System Information-
OS: Windows 10 (Build 18362.628)
CPU: x64
File System: NTFS
User: DESKTOP-RA8BHB0\cruss
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 301912
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 13 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (11-02-2020 14:48:49)
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Platform: Windows 10 Pro Version 1909 18363.628 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxEMN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\IntelCpHDCPSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_comm_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_system_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_user_customer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\SurfaceService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12430.20136.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20011.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(Swiftpage ACT! LLC) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> chrome.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> MicrosoftEdge.exe
Failed to access process -> MicrosoftEdgeCP.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-09-24] () [File not signed]
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-01] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [3630920 2020-01-15] (Sophos Ltd -> Sophos Limited)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cruss\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [Dashlane] => C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DashlanePlugin] => C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2019-11-03]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2019-11-11]
ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {13A54AC0-0053-416B-89CD-E2E2787331A9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {197B9B27-3278-4BF3-A6BF-C1D9500E52CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {33449590-A731-4A17-9083-5EA1A9E0D497} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {47EF54CD-2D97-4406-8841-D4BDFBA251AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A591A6D-BCD3-4CB4-8F1D-2D9FE4959393} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6EB23BEE-7260-4989-90B1-C0B301287EE1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7016C51D-5CC0-48AD-8F68-5038CE345B96} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7DD42DBD-255C-47FC-B854-C045C60E1596} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2046040 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E8BE533-885E-4635-BE76-93B3C41A65FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]
Task: {96B1C5BA-56E5-4ADD-B2F5-7621E9589006} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CA7A5AF2-42EE-48B3-85F0-0BC677CFD4EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D6D8A6CE-4C04-44D7-9C6E-6280CB51EB4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F38202F4-04AF-48AD-9D41-659608E42722} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Program Files (x86)\ACT\Act for Windows\Plugins\Act.UI.InternetExplorer.Plugins.AttachFile.DLL [2017-09-24] (Swiftpage ACT! LLC) [File not signed]
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
DownloadDir: C:\Users\cruss\Downloads
 
FireFox:
========
FF DefaultProfile: g5xy1w6g.default
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2019-12-06]
FF Extension: (Avast Online Security) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default\Extensions\wrc@avast.com.xpi [2019-11-03]
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release [2020-02-11]
FF Homepage: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.bing.com/?pc=U528
FF Notifications: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.loopnet.com
FF HomepageOverride: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\@contain-facebook.xpi [2019-11-03]
FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2019-11-03]
FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\firefoxdav@icloud.com.xpi [2019-11-03]
FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2020-02-10] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\sp@avast.com.xpi [2020-01-20]
FF Extension: (Bing Homepage and Search Engine) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{3e06d96e-26f5-4a68-ac64-2b6bc583a35d}.xpi [2019-11-07] [UpdateUrl:hxxps://browserdefaults.azurewebsites.net/FirefoxExtn/updateextension.json]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-03]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. ->  Sanford L.P.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3941208988-4064051922-1525667148-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cruss\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2020-02-11]
CHR HomePage: Default -> hxxps://my.yahoo.com/?mkg=015
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]
CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]
CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-03]
CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-07]
CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-01-31]
CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Avast Online Security) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-11]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]
CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-11-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-03]
CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\elevation_service.exe [1117336 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
R2 esifsvc; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2141064 2019-06-21] (Intel Corporation -> Intel Corporation)
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe [609552 2020-02-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4761296 2019-10-29] (Sophos Ltd -> SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe [396848 2019-12-23] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\SocketHeciServer.exe [877024 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\TPMProvisioningService.exe [806880 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
R2 IntelAudioService; C:\windows\system32\cAVS\IAS\IntelAudioService.exe [398504 2019-12-09] (Smart Sound Technology -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RtkAudioUniversalService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [305888 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [224880 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [1870264 2018-03-09] (Sophos Limited -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [1202680 2019-03-05] (Sophos Ltd -> Sophos Limited)
R2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe [1189704 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1803816 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1761064 2019-02-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1816176 2018-10-10] (Sophos Limited -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1344888 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1830688 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [786688 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13235408 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2019-04-18] (Sophos Limited -> Sophos Limited)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475264 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623400 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16304 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\windows\System32\drivers\aswNetSec.sys [552848 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2019-03-18] (Microsoft Windows -> ASIX Electronics Corp.)
R3 dptf_acpi; C:\windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys [77192 2019-06-22] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys [74120 2019-06-21] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys [408456 2019-06-21] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-02-07] (Malwarebytes Corporation -> Malwarebytes)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [55232 2020-02-11] (SurfRight B.V. -> )
R1 hmpalert; C:\windows\system32\drivers\hmpalert.sys [513104 2020-02-10] (Sophos Ltd -> SurfRight B.V.)
R3 iaLPSS2_GPIO2; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_5dfe4459ccf69034\iaLPSS2_GPIO2.sys [127888 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_I2C; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_04e193b8806eca82\iaLPSS2_I2C.sys [197008 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaLPSS2_SPI; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_e5b8de383f9a8911\iaLPSS2_SPI.sys [156560 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_2fd93d380196ad59\iaLPSS2_UART2.sys [309648 2019-08-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_542e8c280c98b59f\ibtusb.sys [13916448 2019-07-11] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxn; C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\igdkmdn64.sys [21693488 2019-12-23] (Intel® pGFX -> Intel Corporation)
R3 IntcAudioBus; C:\windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_448c7d2e5e934dfc\IntcAudioBus.sys [290768 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
R3 IntcAzAudAddService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RTKVHD64.sys [7068664 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 IntcOED; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_ff28ec604c64d76a\IntcOED.sys [1245648 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
S3 libusb0; C:\windows\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-02-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [119960 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_db60facf878d7699\x64\TeeDriverW8x64.sys [253840 2019-04-28] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw08; C:\windows\System32\drivers\Netwtw08.sys [9142776 2019-08-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtux64w10; C:\windows\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )
R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [204328 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 sdcfilter; C:\windows\system32\DRIVERS\sdcfilter.sys [38144 2019-04-18] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [125832 2018-03-09] (Sophos Limited -> Sophos Limited)
S0 Sophos ELAM; C:\windows\System32\DRIVERS\SophosEL.sys [20400 2019-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [930944 2019-11-04] (Sophos Ltd -> Sophos Limited)
S4 SophosBootDriver; C:\windows\system32\DRIVERS\SophosBootDriver.sys [45840 2019-04-18] (Sophos Limited -> Sophos Limited)
R3 SurfaceAcpiNotify; C:\windows\System32\drivers\SurfaceAcpiNotifyDriver.sys [281400 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceBattery; C:\windows\System32\drivers\SurfaceBattery.sys [308024 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHidMini; C:\windows\System32\drivers\SurfaceHidMiniDriver.sys [272184 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHotPlug; C:\windows\System32\drivers\SurfaceHotPlug.sys [337720 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceLightSensor; C:\windows\System32\drivers\SurfaceLightSensor.sys [228368 2019-09-26] (Microsoft Corporation -> Microsoft Corporation)
S3 SurfacePen217Integration; C:\windows\System32\drivers\SurfacePen217Integration.sys [35856 2019-08-10] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerFilter; C:\windows\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerTrackerCore; C:\windows\System32\drivers\SurfacePowerTrackerCore.sys [265520 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceSerialHubDriver; C:\windows\System32\drivers\SurfaceSerialHubDriver.sys [324624 2019-08-13] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceTconDriver; C:\windows\System32\drivers\SurfaceTconDriver.sys [290616 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceUcmUcsiHidClient; C:\windows\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceVirtualFunctionEnum; C:\windows\System32\drivers\SurfaceVirtualFunctionEnum.sys [185360 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R1 swi_callout; C:\windows\system32\DRIVERS\swi_callout.sys [47760 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-11 14:45 - 2020-02-11 14:46 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IGDump
2020-02-11 13:34 - 2020-02-11 13:34 - 000000000 ___HD C:\OneDriveTemp
2020-02-11 13:33 - 2020-02-11 13:33 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-02-11 13:33 - 2020-02-11 13:33 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2020-02-11 13:33 - 2020-02-11 13:33 - 000119960 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2020-02-11 13:33 - 2020-02-11 13:33 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2020-02-11 13:26 - 2020-02-11 13:26 - 000000928 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-02-11 13:26 - 2020-02-11 13:26 - 000000000 ____D C:\Users\cruss\AppData\Local\ESET
2020-02-11 13:07 - 2020-02-11 14:49 - 000000000 ____D C:\FRST
2020-02-11 12:40 - 2020-02-11 12:40 - 000012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2020-02-11 12:31 - 2018-03-09 17:12 - 000125832 _____ (Sophos Limited) C:\windows\system32\Drivers\sntp.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000047760 _____ (Sophos Limited) C:\windows\system32\Drivers\swi_callout.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000044184 _____ (Sophos Limited) C:\windows\system32\SophosBootTasks.exe
2020-02-11 12:29 - 2020-02-11 12:29 - 000000000 ____D C:\Program Files\Common Files\Sophos
2020-02-11 12:29 - 2019-11-04 11:06 - 000930944 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosED.sys
2020-02-11 12:29 - 2019-11-04 11:06 - 000048968 _____ (Sophos Limited) C:\windows\system32\SophosNA.exe
2020-02-11 12:29 - 2019-11-04 11:06 - 000039713 _____ C:\windows\system32\Drivers\SophosED.man
2020-02-11 12:29 - 2019-11-04 11:06 - 000020400 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosEL.sys
2020-02-11 12:25 - 2020-02-11 12:25 - 000000214 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_122541.reg
2020-02-11 10:45 - 2020-02-11 10:45 - 000001599 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoToAssist Customer.lnk
2020-02-11 10:45 - 2020-02-11 10:45 - 000000000 ____D C:\Program Files (x86)\GoToAssist Remote Support Customer
2020-02-11 09:50 - 2020-02-11 09:51 - 000004816 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_095052.reg
2020-02-10 14:44 - 2020-02-11 12:40 - 000055232 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2020-02-10 14:35 - 2020-02-11 14:49 - 000000000 ____D C:\windows\CryptoGuard
2020-02-10 14:35 - 2020-02-10 14:35 - 000513104 _____ (SurfRight B.V.) C:\windows\system32\Drivers\hmpalert.sys
2020-02-10 14:34 - 2020-02-11 14:33 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\SysWOW64\SophosAV
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\system32\SophosAV
2020-02-10 14:34 - 2020-02-10 14:35 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-10 14:34 - 001215072 _____ (SurfRight B.V.) C:\windows\system32\hmpalert.dll
2020-02-10 14:34 - 2020-02-10 14:34 - 001017184 _____ (SurfRight B.V.) C:\windows\SysWOW64\hmpalert.dll
2020-02-10 14:33 - 2020-02-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-02-10 14:32 - 2020-02-11 12:31 - 000000000 ____D C:\Program Files\Sophos
2020-02-10 14:32 - 2019-04-18 08:27 - 000204328 _____ (Sophos Limited) C:\windows\system32\Drivers\savonaccess.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000176120 _____ (Sophos Limited) C:\windows\system32\sdccoinstaller.dll
2020-02-10 14:32 - 2019-04-18 08:27 - 000045840 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosBootDriver.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000038144 _____ (Sophos Limited) C:\windows\system32\Drivers\sdcfilter.sys
2020-02-10 14:29 - 2020-02-11 12:31 - 000000000 ____D C:\ProgramData\Sophos
2020-02-10 14:29 - 2020-02-11 12:30 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-02-10 14:15 - 2020-02-10 14:16 - 000000000 ____D C:\AdwCleaner
2020-02-10 14:15 - 2020-02-10 14:15 - 008356016 _____ (Malwarebytes) C:\Users\cruss\Downloads\adwcleaner_8.0.2.exe
2020-02-07 15:27 - 2020-02-07 15:27 - 000214496 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-02-05 15:48 - 2020-02-05 15:48 - 004139319 _____ C:\Users\cruss\Downloads\Walgreens-Family-Dollar-Sublease-280-Broad-St-New-London-CT-06320-1.pdf
2020-02-05 15:23 - 2020-02-05 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 12:22 - 2020-02-04 12:22 - 002003694 _____ C:\Users\cruss\Downloads\Planned-Parenthood-617-Watertown-Ave-Waterbury-CT.pdf
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-02-03 17:10 - 2020-01-02 10:05 - 000454656 ____R C:\windows\system32\Drivers\etc\hosts.20200203-171022.backup
2020-02-03 17:05 - 2020-02-03 17:05 - 000008866 _____ C:\Users\cruss\OneDrive\Documents\cc_20200203_170501.reg
2020-01-31 14:32 - 2020-01-31 14:32 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Intel
2020-01-31 14:31 - 2019-12-23 18:38 - 025076232 _____ (Intel Corporation) C:\windows\system32\mfxplugin64_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 011919368 _____ (Intel Corporation) C:\windows\SysWOW64\mfxplugin32_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 003013640 _____ (Intel Corporation) C:\windows\system32\mfx_mft_mjpgvd_64.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 002439176 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000146952 _____ C:\windows\SysWOW64\libGLESv2.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000137736 _____ C:\windows\SysWOW64\libEGL.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000126472 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000120840 _____ C:\windows\SysWOW64\libGLESv1_CM.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000111624 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 021448776 _____ (Intel Corporation) C:\windows\system32\libmfxhw64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 003218264 _____ (Intel Corporation) C:\windows\system32\mfx_mft_h265ve_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 003212416 _____ (Intel Corporation) C:\windows\system32\mfx_mft_vp9ve_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 003198816 _____ (Intel Corporation) C:\windows\system32\mfx_mft_h264ve_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002996064 _____ (Intel Corporation) C:\windows\system32\mfx_mft_encrypt_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002606104 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_h265ve_32.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002600984 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_vp9ve_32.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002591896 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_h264ve_32.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002435352 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_encrypt_32.dll
2020-01-31 14:31 - 2019-12-23 14:38 - 020346696 _____ (Intel Corporation) C:\windows\SysWOW64\libmfxhw32.dll
2020-01-31 14:31 - 2019-12-23 14:38 - 000212264 _____ (Intel Corporation) C:\windows\system32\intel_gfx_api-x64.dll
2020-01-31 14:31 - 2019-12-23 14:38 - 000183944 _____ (Intel Corporation) C:\windows\SysWOW64\intel_gfx_api-x86.dll
2020-01-31 14:31 - 2019-12-23 14:16 - 000072329 _____ C:\windows\SysWOW64\h265e_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000071888 _____ C:\windows\SysWOW64\vp9e_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000070661 _____ C:\windows\SysWOW64\he_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000066157 _____ C:\windows\SysWOW64\mj_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000057143 _____ C:\windows\SysWOW64\dev_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000056359 _____ C:\windows\system32\dev_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000014145 _____ C:\windows\system32\h265e_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000013996 _____ C:\windows\system32\vp9e_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000013581 _____ C:\windows\system32\he_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000013309 _____ C:\windows\system32\mj_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000001125 _____ C:\windows\SysWOW64\cpa_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000001125 _____ C:\windows\system32\cpa_64.vp
2020-01-31 14:29 - 2020-01-31 14:29 - 025444352 _____ (Microsoft Corporation) C:\windows\system32\Hydrogen.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 022635008 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 019812864 _____ (Microsoft Corporation) C:\windows\system32\HologramWorld.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 018026496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 009926968 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 007905208 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007754240 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007600656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007263992 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007259648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006516648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006435840 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006285312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006231200 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006167552 _____ (Microsoft Corporation) C:\windows\system32\twinui.pcshell.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006083832 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 005914112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 005764664 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 005112320 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004856832 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004615376 _____ (Microsoft Corporation) C:\windows\explorer.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 004470784 _____ (Microsoft Corporation) C:\windows\system32\InputService.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004348616 _____ (Microsoft Corporation) C:\windows\system32\Windows.Mirage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004005888 _____ (Microsoft Corporation) C:\windows\system32\EdgeContent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003967888 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 003819008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003729408 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 003703296 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003591184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 003550208 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003372440 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003243080 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003110400 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002988552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 002801152 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 002773776 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002766088 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002703872 _____ (Microsoft Corporation) C:\windows\system32\WebRuntimeManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002584008 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002493928 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002314952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002284544 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002260176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002225160 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002125904 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002084576 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002071552 _____ (Microsoft Corporation) C:\windows\system32\ISM.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002032128 _____ C:\windows\system32\rdpnano.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001942016 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001916744 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001858560 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001841152 _____ C:\windows\system32\TextInputMethodFormatter.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001835128 _____ (Microsoft Corporation) C:\windows\system32\mfsrcsnk.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001757096 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2020-01-31 14:29 - 2020-01-31 14:29 - 001748480 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.desktop.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001743672 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001726480 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001693184 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001610752 _____ (Microsoft Corporation) C:\windows\system32\HologramCompositor.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001602560 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001541632 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001512320 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001505280 _____ C:\windows\system32\FaceProcessor.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001489064 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001480192 _____ (Microsoft Corporation) C:\windows\system32\usocoreworker.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001417760 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsrcsnk.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001413912 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001412096 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001399304 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001394168 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001372160 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001366128 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2020-01-31 14:29 - 2020-01-31 14:29 - 001300280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 001283592 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2020-01-31 14:29 - 2020-01-31 14:29 - 001283584 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001271592 _____ C:\windows\system32\FaceTrackerInternal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001214976 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001182232 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001170960 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001154448 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001151816 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001149712 _____ (Microsoft Corporation) C:\windows\system32\ApplyTrustOffline.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001105776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001083904 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001083392 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001073168 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001051448 _____ (Microsoft Corporation) C:\windows\system32\pidgenx.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001027000 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001000960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Mirage.Internal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000974336 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000949248 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthSSO.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000928120 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthService.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000923136 _____ (Microsoft Corporation) C:\windows\system32\EdgeManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000916480 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Core.TextInput.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000913408 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000895488 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000892488 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000891736 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000890368 _____ (Microsoft Corporation) C:\windows\system32\HolographicExtensions.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000875144 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000874512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000864256 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000852480 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000828216 _____ (Microsoft Corporation) C:\windows\system32\AppVClient.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000824848 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000805888 _____ (Microsoft Corporation) C:\windows\system32\cscui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000803840 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000788992 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000783480 _____ (Microsoft Corporation) C:\windows\system32\tcblaunch.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000768488 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000750080 _____ (Microsoft Corporation) C:\windows\system32\ActivationManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FrameServer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000747320 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000737280 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Launcher.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000735744 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000732200 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_StorageSense.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000727040 _____ (Microsoft Corporation) C:\windows\system32\agentactivationruntime.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000716288 _____ (Microsoft Corporation) C:\windows\system32\agentactivationruntimewindows.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000704512 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.FileExplorer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.Internal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000679160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000673080 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000667136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000667136 _____ (Microsoft Corporation) C:\windows\SysWOW64\EdgeManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000661816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000656984 _____ C:\windows\system32\FaceProcessorCore.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000642008 _____ (Microsoft Corporation) C:\windows\system32\TextInputFramework.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000637968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000637440 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000623104 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000617784 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000610816 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000605184 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000599552 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActivationManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000598528 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000589592 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000587064 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000568120 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000558592 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Notifications.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000550400 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000545432 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.MediaControl.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000536064 _____ (Microsoft Corporation) C:\windows\system32\usosvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000521728 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.Launcher.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000518184 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000516096 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000512000 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000510768 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000500736 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-01-31 14:29 - 2020-01-31 14:29 - 000497152 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000490496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000486912 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000477496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2020-01-31 14:29 - 2020-01-31 14:29 - 000476672 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000469504 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000467648 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000465208 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000459896 _____ (Microsoft Corporation) C:\windows\system32\MusNotifyIcon.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000456192 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000453432 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000450048 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000443904 _____ (Microsoft Corporation) C:\windows\system32\edgeIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000441144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000441072 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.MediaControl.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000435200 _____ (Microsoft Corporation) C:\windows\system32\wincorlib.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-01-31 14:29 - 2020-01-31 14:29 - 000416056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000415808 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000407040 _____ (Microsoft Corporation) C:\windows\system32\DispBroker.Desktop.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000404912 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000399360 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000384000 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000375504 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000370688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000366416 _____ (Microsoft Corporation) C:\windows\system32\mfsensorgroup.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000355840 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicSvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000350720 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000345088 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgeIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000324616 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000324608 _____ (Microsoft Corporation) C:\windows\system32\FSClient.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32k.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000311096 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthAgent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000308736 _____ (Microsoft Corporation) C:\windows\system32\msIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000307712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincorlib.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000300392 _____ (Microsoft Corporation) C:\windows\system32\skci.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\DeviceDirectoryClient.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000285184 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicCapsule.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000282112 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.AppDefaults.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000281088 _____ (Microsoft Corporation) C:\windows\system32\msutb.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000277504 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000265216 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000259984 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000256000 _____ (Microsoft Corporation) C:\windows\system32\UpdateDeploymentProvider.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000251904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000250880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winnat.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000248064 _____ (Microsoft Corporation) C:\windows\system32\weretw.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000228864 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000227840 _____ (Microsoft Corporation) C:\windows\system32\IndexedDbLegacy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000226816 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000225280 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000224768 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2020-01-31 14:29 - 2020-01-31 14:29 - 000221200 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000217600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msutb.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000210744 _____ (Microsoft Corporation) C:\windows\system32\tcbloader.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000209920 _____ (Microsoft Corporation) C:\windows\system32\wuuhosdeployment.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000203776 _____ (Microsoft Corporation) C:\windows\system32\regapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000201728 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000201728 _____ (Microsoft Corporation) C:\windows\system32\AppXApplicabilityBlob.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000199480 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000197632 _____ (Microsoft Corporation) C:\windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000193592 _____ (Microsoft Corporation) C:\windows\SysWOW64\weretw.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000190464 _____ (Microsoft Corporation) C:\windows\SysWOW64\regapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000190256 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000187392 _____ (Microsoft Corporation) C:\windows\system32\tssrvlic.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2020-01-31 14:29 - 2020-01-31 14:29 - 000184832 _____ (Microsoft Corporation) C:\windows\system32\AarSvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000183808 _____ (Microsoft Corporation) C:\windows\system32\ResetEngOnline.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IndexedDbLegacy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000174392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AppvVemgr.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000169472 _____ (Microsoft Corporation) C:\windows\system32\SpatialAudioLicenseSrv.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000155648 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_AppExecutionAlias.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000153912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AppvVfs.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_BackgroundApps.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000143160 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000138752 _____ (Microsoft Corporation) C:\windows\system32\InputLocaleManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000138040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AppVStrm.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000135168 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\usoapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000127064 _____ (Microsoft Corporation) C:\windows\system32\win32u.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\ApplicationControlCSP.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000123392 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000119808 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000117264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bindflt.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000112128 _____ (Microsoft Corporation) C:\windows\system32\NetDriverInstall.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000107832 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000107008 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingExperienceMEM.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000106808 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthProxyStub.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000099712 _____ (Microsoft Corporation) C:\windows\system32\FsIso.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000097280 _____ (Microsoft Corporation) C:\windows\SysWOW64\compstui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000095232 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000093704 _____ (Microsoft Corporation) C:\windows\system32\hvloader.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000089328 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32u.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicAgent.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000088576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000088352 _____ (Microsoft Corporation) C:\windows\system32\remoteaudioendpoint.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\EditBufferTestHook.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000084992 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthSystray.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000084496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hvservice.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetDriverInstall.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\usoapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\CustomInstallExec.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000072816 _____ (Microsoft Corporation) C:\windows\SysWOW64\remoteaudioendpoint.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000071480 _____ (Microsoft Corporation) C:\windows\system32\win32appinventorycsp.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000069120 _____ (Microsoft Corporation) C:\windows\system32\UsoClient.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\findnetprinters.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000065536 _____ (Microsoft Corporation) C:\windows\system32\iemigplugin.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\printui.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000063488 _____ (Microsoft Corporation) C:\windows\SysWOW64\iemigplugin.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000063288 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthHost.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000062976 _____ (Microsoft Corporation) C:\windows\system32\LSCSHostPolicy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000059221 _____ C:\windows\system32\srms.dat
2020-01-31 14:29 - 2020-01-31 14:29 - 000057856 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000057344 _____ (Microsoft Corporation) C:\windows\system32\audioresourceregistrar.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\findnetprinters.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\mcicda.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000047208 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000045056 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000042512 _____ (Microsoft Corporation) C:\windows\system32\SysResetErr.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\WordBreakers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000038912 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcicda.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\mciwave.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\mciseq.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\nlmproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicPS.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciwave.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000027648 _____ (Microsoft Corporation) C:\windows\system32\lstelemetry.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciseq.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000021304 _____ (Microsoft Corporation) C:\windows\system32\kdhvcom.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000019768 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\bindflt.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\nlmsprep.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000015360 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000013824 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth9.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth12.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth11.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth10.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin
2020-01-31 14:28 - 2020-01-31 14:28 - 000437776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2020-01-31 14:28 - 2020-01-31 14:28 - 000296760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2020-01-31 14:28 - 2020-01-31 14:28 - 000194064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2020-01-31 14:28 - 2020-01-31 14:28 - 000089912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
2020-01-31 14:09 - 2019-12-09 04:48 - 000510160 _____ C:\windows\system32\Drivers\dsp_fw_release.bin
2020-01-28 09:29 - 2020-01-28 09:29 - 002203057 _____ C:\Users\cruss\Downloads\efx556i_owners_manual.pdf
2020-01-27 11:08 - 2020-01-27 11:08 - 003198862 _____ C:\Users\cruss\Downloads\Service_Manual-_C556i_Self_Powered_EFX.pdf
2020-01-23 14:51 - 2020-01-23 14:51 - 001624995 _____ C:\Users\cruss\Downloads\Properties for Lease.pdf
2020-01-22 13:35 - 2020-01-22 13:35 - 000122571 _____ C:\Users\cruss\Downloads\2020-Midyear-Governance-Meetings-1-15-20.pdf
2020-01-21 10:12 - 2020-01-31 13:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-20 09:57 - 2020-01-20 09:57 - 000000000 ____D C:\Program Files (x86)\PowerPoint Alchemy
2020-01-15 10:26 - 2020-01-15 10:26 - 025900032 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 019849216 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 008012800 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 007016448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 003263488 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002870784 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002716672 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2020-01-15 10:26 - 2020-01-15 10:26 - 002561536 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002473976 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002305536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001985928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001835008 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001697280 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001664896 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001655880 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001458688 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001330952 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001106944 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001098720 _____ (Microsoft Corporation) C:\windows\system32\DolbyDecMFT.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001020032 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000921600 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000896512 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnostics.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000852480 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000851456 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000842752 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000689664 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000678712 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000673792 _____ (Microsoft Corporation) C:\windows\system32\wiaaut.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000671232 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000670720 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000571392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiaaut.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000542496 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000432256 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000401408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000400696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2020-01-15 10:26 - 2020-01-15 10:26 - 000392192 _____ (Microsoft Corporation) C:\windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000379392 _____ (Microsoft Corporation) C:\windows\system32\provengine.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000368128 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000363840 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000336384 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\DiagnosticLogCSP.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000321536 _____ (Microsoft Corporation) C:\windows\system32\sti.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\ConhostV1.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\provops.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000283136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000271872 _____ (Microsoft Corporation) C:\windows\system32\provhandlers.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000240640 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000233472 _____ (Microsoft Corporation) C:\windows\system32\KnobsCore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000232448 _____ (Microsoft Corporation) C:\windows\system32\provisioningcsp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000227840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sti.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000211968 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000206336 _____ (Microsoft Corporation) C:\windows\system32\sti_ci.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000204800 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000162696 _____ (Microsoft Corporation) C:\windows\system32\dmcmnutils.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000160768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\MDMAppInstaller.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000147456 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000145920 _____ (Microsoft Corporation) C:\windows\system32\wiadss.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000132096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tsusbhub.sys
2020-01-15 10:26 - 2020-01-15 10:26 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000127520 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmcmnutils.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\cryptcatsvc.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000120320 _____ (Microsoft Corporation) C:\windows\system32\KnobsCsp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000119808 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiadss.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000102400 _____ (Microsoft Corporation) C:\windows\system32\NFCProvisioningPlugin.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000097280 _____ (Microsoft Corporation) C:\windows\system32\provdatastore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\ProvPluginEng.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000090624 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000088576 _____ (Microsoft Corporation) C:\windows\system32\BarcodeProvisioningPlugin.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000084480 _____ (Microsoft Corporation) C:\windows\system32\enterpriseresourcemanager.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000083968 _____ (Microsoft Corporation) C:\windows\system32\wiarpc.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000083456 _____ (Microsoft Corporation) C:\windows\system32\provtool.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000083456 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000066048 _____ (Microsoft Corporation) C:\windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000066048 _____ (Microsoft Corporation) C:\windows\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000018432 _____ (Microsoft Corporation) C:\windows\system32\wiatrace.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiatrace.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000010752 _____ (Microsoft Corporation) C:\windows\system32\DMAlertListener.ProxyStub.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 10:21 - 2019-12-10 00:15 - 000492544 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-01-15 10:21 - 2019-12-09 23:59 - 000390656 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-01-13 16:09 - 2018-05-01 13:49 - 000001814 _____ C:\Users\cruss\OneDrive\Documents\SecurityCmdLnApp_LogFile-CarlsHomeoffice.txt
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-11 14:48 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-11 14:22 - 2019-11-03 16:46 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Mozilla
2020-02-11 13:50 - 2019-11-04 06:14 - 000000000 ____D C:\Users\cruss\AppData\Local\D487A5E3-E2FE-4498-95A4-B00B23AF4194.aplzod
2020-02-11 13:50 - 2019-11-03 14:02 - 000000000 ____D C:\Users\cruss\OneDrive\Documents\Outlook Files
2020-02-11 13:45 - 2019-11-03 13:58 - 000000000 ____D C:\Users\cruss\AppData\Local\Packages
2020-02-11 13:45 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-11 13:45 - 2019-03-18 23:52 - 000000000 ____D C:\windows\AppReadiness
2020-02-11 13:41 - 2019-09-03 18:47 - 000986294 _____ C:\windows\system32\PerfStringBackup.INI
2020-02-11 13:40 - 2019-03-18 23:50 - 000000000 ____D C:\windows\INF
2020-02-11 13:35 - 2019-11-03 21:59 - 000000000 ____D C:\Users\cruss\AppData\Local\AVAST Software
2020-02-11 13:34 - 2019-11-04 06:14 - 000000000 ___RD C:\Users\cruss\iCloudDrive
2020-02-11 13:34 - 2019-11-03 14:00 - 000000000 ___RD C:\Users\cruss\OneDrive
2020-02-11 13:33 - 2019-11-03 22:10 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-02-11 13:33 - 2019-11-03 14:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-11 13:33 - 2019-11-03 13:58 - 000000000 __SHD C:\Users\cruss\IntelGraphicsProfiles
2020-02-11 13:33 - 2019-10-07 15:02 - 000000000 ____D C:\Intel
2020-02-11 13:33 - 2019-09-03 18:39 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-02-11 13:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\WinBioDatabase
2020-02-11 13:33 - 2019-03-18 23:37 - 000786432 _____ C:\windows\system32\config\BBI
2020-02-11 13:06 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-11 13:04 - 2019-09-03 18:48 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-11 12:45 - 2019-11-03 14:16 - 000000000 ____D C:\Users\cruss\AppData\Roaming\TeamViewer
2020-02-11 12:35 - 2019-09-03 18:39 - 000000000 ____D C:\windows\system32\SleepStudy
2020-02-11 12:29 - 2019-03-18 23:52 - 000000000 ___HD C:\windows\ELAMBKUP
2020-02-11 12:25 - 2019-11-13 16:17 - 000000000 ____D C:\Users\cruss\AppData\Local\CrashDumps
2020-02-11 11:28 - 2019-11-03 17:09 - 000000938 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-02-11 11:28 - 2019-11-03 17:09 - 000000934 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-02-11 11:19 - 2019-11-03 14:10 - 000004168 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{7EA3E303-AC99-4D7B-B3DC-AF46E45FE8F3}
2020-02-11 11:13 - 2019-11-05 12:54 - 000002556 _____ C:\windows\system32\Tasks\SoftwareInformerService
2020-02-11 11:13 - 2019-11-04 06:14 - 000002644 _____ C:\windows\system32\Tasks\Apple Diagnostics
2020-02-11 11:13 - 2019-11-03 21:57 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-02-11 11:13 - 2019-11-03 21:55 - 000003194 _____ C:\windows\system32\Tasks\CCleaner Update
2020-02-11 11:13 - 2019-11-03 21:55 - 000002238 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-02-11 11:13 - 2019-11-03 21:21 - 000003348 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-11 11:13 - 2019-11-03 21:21 - 000003124 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-11 11:13 - 2019-11-03 17:09 - 000003452 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-02-11 11:13 - 2019-11-03 17:09 - 000003228 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-02-11 11:13 - 2019-11-03 14:00 - 000002862 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3941208988-4064051922-1525667148-1001
2020-02-11 11:13 - 2019-10-07 15:02 - 000002856 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3941208988-4064051922-1525667148-500
2020-02-11 10:55 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\NDF
2020-02-10 14:21 - 2019-12-09 11:31 - 000000000 ____D C:\Users\cruss\AppData\Local\cache
2020-02-10 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2020-02-07 15:26 - 2019-11-03 22:01 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2020-02-07 13:53 - 2019-11-03 21:57 - 000004264 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-02-06 15:52 - 2019-11-03 21:22 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-06 15:52 - 2019-11-03 21:22 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-06 15:52 - 2019-11-03 21:22 - 000002270 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-06 10:59 - 2019-11-03 14:00 - 000002377 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-05 15:23 - 2019-11-03 17:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-01 12:46 - 2019-11-03 19:22 - 000000000 ____D C:\windows\Firmware
2020-01-31 14:41 - 2019-11-03 13:58 - 000000000 ___RD C:\Users\cruss\3D Objects
2020-01-31 14:41 - 2019-09-03 19:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-31 14:40 - 2019-09-03 18:39 - 000482608 _____ C:\windows\system32\FNTCACHE.DAT
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\SystemResources
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\ShellExperiences
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\bcastdvr
2020-01-31 14:31 - 2019-03-18 23:37 - 000000000 ____D C:\windows\CbsTemp
2020-01-31 14:10 - 2019-09-03 18:23 - 000000000 ____D C:\windows\system32\Intel
2020-01-31 13:22 - 2019-11-03 16:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-31 12:27 - 2019-11-08 17:03 - 000000000 ____D C:\Users\cruss\AppData\Local\ElevatedDiagnostics
2020-01-29 23:08 - 2019-11-03 21:38 - 000000000 ____D C:\Users\cruss\AppData\Roaming\Dashlane
2020-01-28 19:21 - 2019-11-03 14:00 - 000000000 ____D C:\Users\cruss\AppData\Local\PlaceholderTileLogoFolder
2020-01-22 09:08 - 2019-11-03 16:46 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 13:10 - 2019-11-03 17:49 - 000000000 ____D C:\Users\cruss\AppData\Local\Deployment
2020-01-20 13:59 - 2020-01-09 12:18 - 000000000 ____D C:\Users\cruss\AppData\Roaming\Mimecast
2020-01-20 13:42 - 2019-11-06 14:02 - 000000000 ____D C:\Program Files\Family Tree Maker 2017
2020-01-17 09:31 - 2019-11-03 21:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-15 10:51 - 2019-03-18 23:52 - 000000000 ___SD C:\windows\system32\UNP
2020-01-15 10:30 - 2019-11-03 19:20 - 000000000 ____D C:\windows\system32\MRT
2020-01-15 10:28 - 2019-11-03 19:20 - 120202352 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
 
==================== Files in the root of some directories ========
 
2019-11-08 17:11 - 2019-11-08 17:16 - 000044097 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2019-11-03 17:24 - 2019-11-03 17:24 - 035552512 _____ (Swiftpage Act! LLC                                          ) C:\Users\cruss\AppData\Roaming\act2000update9ss.exe
2019-11-03 17:33 - 2019-12-17 09:43 - 000000067 ____H () C:\Users\cruss\AppData\Roaming\ActUpdate.log
2019-11-05 11:57 - 2019-11-05 12:05 - 000001752 _____ () C:\Users\cruss\AppData\Roaming\HP10bII+State.bin
2019-11-03 17:30 - 2019-11-03 17:30 - 000032305 _____ () C:\Users\cruss\AppData\Roaming\NGEN_AppLog_Install.txt
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Result of Security Analysis by Rocket Grannie (x86) Updated: 12th, January 2020
Running from:C:\Users\cruss\OneDrive\Documents\Downloads (14:57:17 - 02/11/2020)
***---------------------------------------------------------***
Microsoft Windows 10 Pro X64
UAC is Enabled
Internet Explorer 11
Default Browser: Firefox
***------------Antivirus - Antispyware - Firewall-----------***
Sophos Home (Enabled - up to Date)
Avast Antivirus (Enabled - up to Date)
Windows Defender (Disabled - up to Date)
Malwarebytes (Enabled - up to Date)
Avast Antivirus Firewall (Enabled)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI is not installed
CCleaner (5.63)
Google Chrome (80.0.3987.87)
HitmanPro (3.7.15.446) ==> is out of Date
Malwarebytes (4.0.4.49)
Mozilla Firefox (72.0.2)
Spybot - Search & Destroy (2.7.64.0)
 
***----------------Analysis Complete-------------------------***
 
 

 



#2 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 130 posts

Posted 11 February 2020 - 02:38 PM

I also wanted to tell you that the only way I was able to run the above utilities was:  I have Avast Secure Browser, it’s the only way I could gain access to the Internet.  Neither Firefox, Google Chrome, or Internet Explorer works…and even on the Avast Browser, I can’t type anything, If I type the letter F for example, it’s another letter, and it never repeats itself, and it’s all over the map, so the only way I can give you these messages is to type them in Word and cut and paste them into the Reply section. 

 



#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,293 posts

Posted 12 February 2020 - 07:35 AM

Hello, Welcome to SpywareInfo.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Is this the same computer serviced under this topic?
 
Please delete the current version of the Farbar program.
Download and run this latest version from the owner's site.
 
Download the Farbar Recovery Scan Tool (FRST).
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png
 
Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===
 
Please post the logs (FRST.txt and Addition.txt)  for my review.
 
Let me know what problems persists.
 
Wait for further instructions
===
 
--RogueKiller--


  •  






  • Quit all programs that you may have started.




  • Please disconnect any USB or external drives from the computer before you run this scan!




  • For Vista or above, right-click the program file and select "Run as Administrator"




  • Accept the user agreements.




  • Execute the scan and wait until it has finished.




  • If a Windows opens to explain what [PUM's] are, read about it.




  • Click the RoguKiller icon on your taksbar to return to the report.




  • Click open the Report




  • Click Export TXT button




  • Save the file as ReportRogue.txt




  • Click the Remove button to delete the items in RED  




  • Click Finish and close the program.




  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.


 
=======
 
Download   Farbar's Service Scanner utility
and Save to your Desktop.
If using Windows 7 or above, Right-Click on fss.exe and select Run As Administrator.
If using XP, double-click to start.
Answer Yes to ok when prompted.
If your firewall then puts out a prompt, again, allow it to run.
Once FSS is on-screen, be sure the following items are checkmarked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services
  
Click on "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Copy & Paste contents of FSS.txt into your reply.
===
 
PLease post/attach all the logs.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 130 posts

Posted 12 February 2020 - 08:29 AM

No, this is not the same computer serviced under this topic.  This is my laptop at my office.  And the problems are:  None of my browser will open except for Avast Secure Browser.  Firefox, Google, or Internet Explorer will not open.  And in Avast Secure Brower, I cannot type this message.  When I type on the keyboard, different letters come out, not the letters I’m typing, and they keep changing.  So, the only way I can give you this message is to type it in Word, and cut and paste it in the Reply section.  .   I have attached the Farbar logs as instructed, the FRST.txt and the Addition.txt.  I am now running Rogue Killer and will do the Farbar Service Scanner and get the logs posted as well. 


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (12-02-2020 09:11:56)
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Platform: Windows 10 Pro Version 1909 18363.628 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxEMN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\IntelCpHDCPSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_comm_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_system_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_user_customer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\SurfaceService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.651_none_5f2896f458eff373\TiWorker.exe
(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(Swiftpage ACT! LLC) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-09-24] () [File not signed]
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-01] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [3630920 2020-01-15] (Sophos Ltd -> Sophos Limited)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cruss\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [Dashlane] => C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DashlanePlugin] => C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.100\Installer\chrmstp.exe [2020-02-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2019-11-03]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2019-11-11]
ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {13A54AC0-0053-416B-89CD-E2E2787331A9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {197B9B27-3278-4BF3-A6BF-C1D9500E52CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {33449590-A731-4A17-9083-5EA1A9E0D497} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {47EF54CD-2D97-4406-8841-D4BDFBA251AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A591A6D-BCD3-4CB4-8F1D-2D9FE4959393} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6EB23BEE-7260-4989-90B1-C0B301287EE1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7016C51D-5CC0-48AD-8F68-5038CE345B96} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7DD42DBD-255C-47FC-B854-C045C60E1596} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2046040 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E8BE533-885E-4635-BE76-93B3C41A65FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]
Task: {96B1C5BA-56E5-4ADD-B2F5-7621E9589006} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CA7A5AF2-42EE-48B3-85F0-0BC677CFD4EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D6D8A6CE-4C04-44D7-9C6E-6280CB51EB4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F38202F4-04AF-48AD-9D41-659608E42722} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Program Files (x86)\ACT\Act for Windows\Plugins\Act.UI.InternetExplorer.Plugins.AttachFile.DLL [2017-09-24] (Swiftpage ACT! LLC) [File not signed]
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
 
Edge: 
======
DownloadDir: C:\Users\cruss\Downloads
 
FireFox:
========
FF DefaultProfile: g5xy1w6g.default
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2019-12-06]
FF Extension: (Avast Online Security) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default\Extensions\wrc@avast.com.xpi [2019-11-03]
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release [2020-02-12]
FF Homepage: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.bing.com/?pc=U528
FF Notifications: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.loopnet.com
FF HomepageOverride: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\@contain-facebook.xpi [2019-11-03]
FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2019-11-03]
FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\firefoxdav@icloud.com.xpi [2019-11-03]
FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2020-02-10] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Bing Homepage and Search Engine) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{3e06d96e-26f5-4a68-ac64-2b6bc583a35d}.xpi [2019-11-07] [UpdateUrl:hxxps://browserdefaults.azurewebsites.net/FirefoxExtn/updateextension.json]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-03]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. ->  Sanford L.P.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3941208988-4064051922-1525667148-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cruss\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2020-02-12]
CHR HomePage: Default -> hxxps://my.yahoo.com/?mkg=015
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]
CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]
CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-03]
CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-07]
CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-01-31]
CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]
CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-11-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-03]
CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\elevation_service.exe [1117336 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
R2 esifsvc; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2141064 2019-06-21] (Intel Corporation -> Intel Corporation)
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe [609552 2020-02-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4761296 2019-10-29] (Sophos Ltd -> SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe [396848 2019-12-23] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\SocketHeciServer.exe [877024 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\TPMProvisioningService.exe [806880 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
R2 IntelAudioService; C:\windows\system32\cAVS\IAS\IntelAudioService.exe [398504 2019-12-09] (Smart Sound Technology -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RtkAudioUniversalService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [305888 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [224880 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [1870264 2018-03-09] (Sophos Limited -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [1202680 2019-03-05] (Sophos Ltd -> Sophos Limited)
R2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe [1189704 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1803816 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1761064 2019-02-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1816176 2018-10-10] (Sophos Limited -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1344888 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1830688 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [786688 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13235408 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2019-04-18] (Sophos Limited -> Sophos Limited)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475264 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623400 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16304 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\windows\System32\drivers\aswNetSec.sys [552848 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2019-03-18] (Microsoft Windows -> ASIX Electronics Corp.)
R3 dptf_acpi; C:\windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys [77192 2019-06-22] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys [74120 2019-06-21] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys [408456 2019-06-21] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-02-07] (Malwarebytes Corporation -> Malwarebytes)
R1 hmpalert; C:\windows\system32\drivers\hmpalert.sys [513104 2020-02-10] (Sophos Ltd -> SurfRight B.V.)
R3 iaLPSS2_GPIO2; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_5dfe4459ccf69034\iaLPSS2_GPIO2.sys [127888 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_I2C; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_04e193b8806eca82\iaLPSS2_I2C.sys [197008 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaLPSS2_SPI; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_e5b8de383f9a8911\iaLPSS2_SPI.sys [156560 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_2fd93d380196ad59\iaLPSS2_UART2.sys [309648 2019-08-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_542e8c280c98b59f\ibtusb.sys [13916448 2019-07-11] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxn; C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\igdkmdn64.sys [21693488 2019-12-23] (Intel® pGFX -> Intel Corporation)
R3 IntcAudioBus; C:\windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_448c7d2e5e934dfc\IntcAudioBus.sys [290768 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
R3 IntcAzAudAddService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RTKVHD64.sys [7068664 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 IntcOED; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_ff28ec604c64d76a\IntcOED.sys [1245648 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
S3 libusb0; C:\windows\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-02-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [119960 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_db60facf878d7699\x64\TeeDriverW8x64.sys [253840 2019-04-28] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw08; C:\windows\System32\drivers\Netwtw08.sys [9142776 2019-08-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtux64w10; C:\windows\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )
R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [204328 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 sdcfilter; C:\windows\system32\DRIVERS\sdcfilter.sys [38144 2019-04-18] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [125832 2018-03-09] (Sophos Limited -> Sophos Limited)
S0 Sophos ELAM; C:\windows\System32\DRIVERS\SophosEL.sys [20400 2019-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [930944 2019-11-04] (Sophos Ltd -> Sophos Limited)
S4 SophosBootDriver; C:\windows\system32\DRIVERS\SophosBootDriver.sys [45840 2019-04-18] (Sophos Limited -> Sophos Limited)
R3 SurfaceAcpiNotify; C:\windows\System32\drivers\SurfaceAcpiNotifyDriver.sys [281400 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceBattery; C:\windows\System32\drivers\SurfaceBattery.sys [308024 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHidMini; C:\windows\System32\drivers\SurfaceHidMiniDriver.sys [272184 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHotPlug; C:\windows\System32\drivers\SurfaceHotPlug.sys [337720 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceLightSensor; C:\windows\System32\drivers\SurfaceLightSensor.sys [228368 2019-09-26] (Microsoft Corporation -> Microsoft Corporation)
S3 SurfacePen217Integration; C:\windows\System32\drivers\SurfacePen217Integration.sys [35856 2019-08-10] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerFilter; C:\windows\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerTrackerCore; C:\windows\System32\drivers\SurfacePowerTrackerCore.sys [265520 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceSerialHubDriver; C:\windows\System32\drivers\SurfaceSerialHubDriver.sys [324624 2019-08-13] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceTconDriver; C:\windows\System32\drivers\SurfaceTconDriver.sys [290616 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceUcmUcsiHidClient; C:\windows\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceVirtualFunctionEnum; C:\windows\System32\drivers\SurfaceVirtualFunctionEnum.sys [185360 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R1 swi_callout; C:\windows\system32\DRIVERS\swi_callout.sys [47760 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-12 09:10 - 2020-01-16 00:07 - 000492544 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-02-12 09:10 - 2020-01-15 23:23 - 000390656 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-02-12 09:09 - 2020-02-12 09:09 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IGDump
2020-02-12 09:06 - 2020-02-12 09:06 - 000000000 ___HD C:\OneDriveTemp
2020-02-11 15:20 - 2020-02-11 15:20 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000119960 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2020-02-11 15:14 - 2020-02-11 15:14 - 000001976 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2020-02-11 15:14 - 2020-02-11 15:14 - 000001976 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2020-02-11 15:14 - 2020-02-11 15:14 - 000000000 ____D C:\Program Files\HitmanPro
2020-02-11 15:12 - 2020-02-11 15:18 - 000000000 ____D C:\ProgramData\HitmanPro
2020-02-11 13:26 - 2020-02-11 13:26 - 000000928 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-02-11 13:26 - 2020-02-11 13:26 - 000000000 ____D C:\Users\cruss\AppData\Local\ESET
2020-02-11 13:07 - 2020-02-12 09:12 - 000000000 ____D C:\FRST
2020-02-11 12:40 - 2020-02-11 15:17 - 000012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2020-02-11 12:31 - 2018-03-09 17:12 - 000125832 _____ (Sophos Limited) C:\windows\system32\Drivers\sntp.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000047760 _____ (Sophos Limited) C:\windows\system32\Drivers\swi_callout.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000044184 _____ (Sophos Limited) C:\windows\system32\SophosBootTasks.exe
2020-02-11 12:29 - 2020-02-11 12:29 - 000000000 ____D C:\Program Files\Common Files\Sophos
2020-02-11 12:29 - 2019-11-04 11:06 - 000930944 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosED.sys
2020-02-11 12:29 - 2019-11-04 11:06 - 000048968 _____ (Sophos Limited) C:\windows\system32\SophosNA.exe
2020-02-11 12:29 - 2019-11-04 11:06 - 000039713 _____ C:\windows\system32\Drivers\SophosED.man
2020-02-11 12:29 - 2019-11-04 11:06 - 000020400 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosEL.sys
2020-02-11 12:25 - 2020-02-11 12:25 - 000000214 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_122541.reg
2020-02-11 10:45 - 2020-02-11 10:45 - 000001599 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoToAssist Customer.lnk
2020-02-11 10:45 - 2020-02-11 10:45 - 000000000 ____D C:\Program Files (x86)\GoToAssist Remote Support Customer
2020-02-11 09:50 - 2020-02-11 09:51 - 000004816 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_095052.reg
2020-02-10 14:44 - 2020-02-11 15:14 - 000057728 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2020-02-10 14:35 - 2020-02-12 09:12 - 000000000 ____D C:\windows\CryptoGuard
2020-02-10 14:35 - 2020-02-10 14:35 - 000513104 _____ (SurfRight B.V.) C:\windows\system32\Drivers\hmpalert.sys
2020-02-10 14:34 - 2020-02-12 09:12 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\SysWOW64\SophosAV
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\system32\SophosAV
2020-02-10 14:34 - 2020-02-10 14:35 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-10 14:34 - 001215072 _____ (SurfRight B.V.) C:\windows\system32\hmpalert.dll
2020-02-10 14:34 - 2020-02-10 14:34 - 001017184 _____ (SurfRight B.V.) C:\windows\SysWOW64\hmpalert.dll
2020-02-10 14:33 - 2020-02-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-02-10 14:32 - 2020-02-11 12:31 - 000000000 ____D C:\Program Files\Sophos
2020-02-10 14:32 - 2019-04-18 08:27 - 000204328 _____ (Sophos Limited) C:\windows\system32\Drivers\savonaccess.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000176120 _____ (Sophos Limited) C:\windows\system32\sdccoinstaller.dll
2020-02-10 14:32 - 2019-04-18 08:27 - 000045840 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosBootDriver.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000038144 _____ (Sophos Limited) C:\windows\system32\Drivers\sdcfilter.sys
2020-02-10 14:29 - 2020-02-11 12:31 - 000000000 ____D C:\ProgramData\Sophos
2020-02-10 14:29 - 2020-02-11 12:30 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-02-10 14:15 - 2020-02-10 14:16 - 000000000 ____D C:\AdwCleaner
2020-02-10 14:15 - 2020-02-10 14:15 - 008356016 _____ (Malwarebytes) C:\Users\cruss\Downloads\adwcleaner_8.0.2.exe
2020-02-07 15:27 - 2020-02-07 15:27 - 000214496 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-02-05 15:48 - 2020-02-05 15:48 - 004139319 _____ C:\Users\cruss\Downloads\Walgreens-Family-Dollar-Sublease-280-Broad-St-New-London-CT-06320-1.pdf
2020-02-05 15:23 - 2020-02-05 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 12:22 - 2020-02-04 12:22 - 002003694 _____ C:\Users\cruss\Downloads\Planned-Parenthood-617-Watertown-Ave-Waterbury-CT.pdf
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-02-03 17:10 - 2020-01-02 10:05 - 000454656 ____R C:\windows\system32\Drivers\etc\hosts.20200203-171022.backup
2020-02-03 17:05 - 2020-02-03 17:05 - 000008866 _____ C:\Users\cruss\OneDrive\Documents\cc_20200203_170501.reg
2020-01-31 14:32 - 2020-01-31 14:32 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Intel
2020-01-31 14:31 - 2019-12-23 18:38 - 025076232 _____ (Intel Corporation) C:\windows\system32\mfxplugin64_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 011919368 _____ (Intel Corporation) C:\windows\SysWOW64\mfxplugin32_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 003013640 _____ (Intel Corporation) C:\windows\system32\mfx_mft_mjpgvd_64.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 002439176 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000146952 _____ C:\windows\SysWOW64\libGLESv2.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000137736 _____ C:\windows\SysWOW64\libEGL.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000126472 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000120840 _____ C:\windows\SysWOW64\libGLESv1_CM.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000111624 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 021448776 _____ (Intel Corporation) C:\windows\system32\libmfxhw64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 003218264 _____ (Intel Corporation) C:\windows\system32\mfx_mft_h265ve_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 003212416 _____ (Intel Corporation) C:\windows\system32\mfx_mft_vp9ve_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 003198816 _____ (Intel Corporation) C:\windows\system32\mfx_mft_h264ve_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002996064 _____ (Intel Corporation) C:\windows\system32\mfx_mft_encrypt_64.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002606104 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_h265ve_32.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002600984 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_vp9ve_32.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002591896 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_h264ve_32.dll
2020-01-31 14:31 - 2019-12-23 14:39 - 002435352 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_encrypt_32.dll
2020-01-31 14:31 - 2019-12-23 14:38 - 020346696 _____ (Intel Corporation) C:\windows\SysWOW64\libmfxhw32.dll
2020-01-31 14:31 - 2019-12-23 14:38 - 000212264 _____ (Intel Corporation) C:\windows\system32\intel_gfx_api-x64.dll
2020-01-31 14:31 - 2019-12-23 14:38 - 000183944 _____ (Intel Corporation) C:\windows\SysWOW64\intel_gfx_api-x86.dll
2020-01-31 14:31 - 2019-12-23 14:16 - 000072329 _____ C:\windows\SysWOW64\h265e_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000071888 _____ C:\windows\SysWOW64\vp9e_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000070661 _____ C:\windows\SysWOW64\he_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000066157 _____ C:\windows\SysWOW64\mj_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000057143 _____ C:\windows\SysWOW64\dev_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000056359 _____ C:\windows\system32\dev_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000014145 _____ C:\windows\system32\h265e_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000013996 _____ C:\windows\system32\vp9e_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000013581 _____ C:\windows\system32\he_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000013309 _____ C:\windows\system32\mj_64.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000001125 _____ C:\windows\SysWOW64\cpa_32.vp
2020-01-31 14:31 - 2019-12-23 14:16 - 000001125 _____ C:\windows\system32\cpa_64.vp
2020-01-31 14:29 - 2020-01-31 14:29 - 025444352 _____ (Microsoft Corporation) C:\windows\system32\Hydrogen.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 022635008 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 019812864 _____ (Microsoft Corporation) C:\windows\system32\HologramWorld.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 018026496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 009926968 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 007905208 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007754240 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007600656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007263992 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 007259648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006516648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006435840 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006285312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006231200 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006167552 _____ (Microsoft Corporation) C:\windows\system32\twinui.pcshell.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 006083832 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 005914112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 005764664 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 005112320 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004856832 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004615376 _____ (Microsoft Corporation) C:\windows\explorer.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 004470784 _____ (Microsoft Corporation) C:\windows\system32\InputService.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004348616 _____ (Microsoft Corporation) C:\windows\system32\Windows.Mirage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 004005888 _____ (Microsoft Corporation) C:\windows\system32\EdgeContent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003967888 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 003819008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003729408 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 003703296 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003591184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 003550208 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003372440 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003243080 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 003110400 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002988552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 002801152 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 002773776 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002766088 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002703872 _____ (Microsoft Corporation) C:\windows\system32\WebRuntimeManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002584008 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002493928 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002314952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002284544 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002260176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002225160 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002125904 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002084576 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002071552 _____ (Microsoft Corporation) C:\windows\system32\ISM.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 002032128 _____ C:\windows\system32\rdpnano.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001942016 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001916744 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001858560 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001841152 _____ C:\windows\system32\TextInputMethodFormatter.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001835128 _____ (Microsoft Corporation) C:\windows\system32\mfsrcsnk.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001757096 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2020-01-31 14:29 - 2020-01-31 14:29 - 001748480 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.desktop.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001743672 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001726480 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001693184 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001610752 _____ (Microsoft Corporation) C:\windows\system32\HologramCompositor.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001602560 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001541632 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001512320 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001505280 _____ C:\windows\system32\FaceProcessor.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001489064 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001480192 _____ (Microsoft Corporation) C:\windows\system32\usocoreworker.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001417760 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsrcsnk.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001413912 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001412096 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001399304 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001394168 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001372160 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001366128 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2020-01-31 14:29 - 2020-01-31 14:29 - 001300280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 001283592 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2020-01-31 14:29 - 2020-01-31 14:29 - 001283584 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001271592 _____ C:\windows\system32\FaceTrackerInternal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001214976 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001182232 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001170960 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001154448 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001151816 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001149712 _____ (Microsoft Corporation) C:\windows\system32\ApplyTrustOffline.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001105776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001097216 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001083904 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001083392 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001073168 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 001051448 _____ (Microsoft Corporation) C:\windows\system32\pidgenx.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001027000 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 001000960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Mirage.Internal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000974336 _____ (Microsoft Corporation) C:\windows\system32\uDWM.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000949248 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthSSO.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000928120 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthService.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000923136 _____ (Microsoft Corporation) C:\windows\system32\EdgeManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000916480 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Core.TextInput.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000913408 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000895488 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000892488 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000891736 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000890368 _____ (Microsoft Corporation) C:\windows\system32\HolographicExtensions.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000875144 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000874512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000864256 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000852480 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000828216 _____ (Microsoft Corporation) C:\windows\system32\AppVClient.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000824848 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000805888 _____ (Microsoft Corporation) C:\windows\system32\cscui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000803840 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000788992 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000783480 _____ (Microsoft Corporation) C:\windows\system32\tcblaunch.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000768488 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000750080 _____ (Microsoft Corporation) C:\windows\system32\ActivationManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FrameServer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000747320 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000737280 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Launcher.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000735744 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000732200 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_StorageSense.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000727040 _____ (Microsoft Corporation) C:\windows\system32\agentactivationruntime.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000716288 _____ (Microsoft Corporation) C:\windows\system32\agentactivationruntimewindows.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000704512 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.FileExplorer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Mirage.Internal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000679160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000673080 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000667136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000667136 _____ (Microsoft Corporation) C:\windows\SysWOW64\EdgeManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000661816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000656984 _____ C:\windows\system32\FaceProcessorCore.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000642008 _____ (Microsoft Corporation) C:\windows\system32\TextInputFramework.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000637968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000637440 _____ (Microsoft Corporation) C:\windows\system32\twinapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000623104 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000617784 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000610816 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000605184 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000599552 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActivationManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000598528 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000589592 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000587064 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000568120 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000558592 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Notifications.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000550400 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000545432 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.MediaControl.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000536064 _____ (Microsoft Corporation) C:\windows\system32\usosvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000521728 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.System.Launcher.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000518184 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000516096 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000512000 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000510768 _____ (Microsoft Corporation) C:\windows\system32\systemreset.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000500736 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-01-31 14:29 - 2020-01-31 14:29 - 000497152 _____ (Microsoft Corporation) C:\windows\system32\werui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000490496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000486912 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000477496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2020-01-31 14:29 - 2020-01-31 14:29 - 000476672 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000469504 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000467648 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000465208 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000459896 _____ (Microsoft Corporation) C:\windows\system32\MusNotifyIcon.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000456192 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000453432 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000450048 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000443904 _____ (Microsoft Corporation) C:\windows\system32\edgeIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000441144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000441072 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.MediaControl.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000435200 _____ (Microsoft Corporation) C:\windows\system32\wincorlib.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\werui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000421376 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-01-31 14:29 - 2020-01-31 14:29 - 000416056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000415808 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000407040 _____ (Microsoft Corporation) C:\windows\system32\DispBroker.Desktop.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000404912 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000399360 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000384000 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000375504 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000370688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000366416 _____ (Microsoft Corporation) C:\windows\system32\mfsensorgroup.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000355840 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicSvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000350720 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_SpeechPrivacy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000345088 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgeIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000324616 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000324608 _____ (Microsoft Corporation) C:\windows\system32\FSClient.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32k.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000311096 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthAgent.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000308736 _____ (Microsoft Corporation) C:\windows\system32\msIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000307712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincorlib.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000300392 _____ (Microsoft Corporation) C:\windows\system32\skci.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\DeviceDirectoryClient.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000285184 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicCapsule.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000282112 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.AppDefaults.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000281088 _____ (Microsoft Corporation) C:\windows\system32\msutb.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000277504 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_CapabilityAccess.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000265216 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000259984 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000256000 _____ (Microsoft Corporation) C:\windows\system32\UpdateDeploymentProvider.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000251904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msIso.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000250880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winnat.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000248064 _____ (Microsoft Corporation) C:\windows\system32\weretw.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000228864 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000227840 _____ (Microsoft Corporation) C:\windows\system32\IndexedDbLegacy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000226816 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000225280 _____ (Microsoft Corporation) C:\windows\system32\wersvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000224768 _____ (Microsoft Corporation) C:\windows\system32\DWWIN.EXE
2020-01-31 14:29 - 2020-01-31 14:29 - 000221200 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000217600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msutb.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000210744 _____ (Microsoft Corporation) C:\windows\system32\tcbloader.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000209920 _____ (Microsoft Corporation) C:\windows\system32\wuuhosdeployment.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000203776 _____ (Microsoft Corporation) C:\windows\system32\regapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000201728 _____ (Microsoft Corporation) C:\windows\system32\puiapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000201728 _____ (Microsoft Corporation) C:\windows\system32\AppXApplicabilityBlob.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000199480 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000197632 _____ (Microsoft Corporation) C:\windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000193592 _____ (Microsoft Corporation) C:\windows\SysWOW64\weretw.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000190464 _____ (Microsoft Corporation) C:\windows\SysWOW64\regapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000190256 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000187392 _____ (Microsoft Corporation) C:\windows\system32\tssrvlic.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWWIN.EXE
2020-01-31 14:29 - 2020-01-31 14:29 - 000184832 _____ (Microsoft Corporation) C:\windows\system32\AarSvc.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000183808 _____ (Microsoft Corporation) C:\windows\system32\ResetEngOnline.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IndexedDbLegacy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000174392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AppvVemgr.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000169472 _____ (Microsoft Corporation) C:\windows\system32\SpatialAudioLicenseSrv.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000155648 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_AppExecutionAlias.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000153912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AppvVfs.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_BackgroundApps.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\SpatialAudioLicenseSrv.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000143160 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000138752 _____ (Microsoft Corporation) C:\windows\system32\InputLocaleManager.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000138040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AppVStrm.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000135168 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\usoapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000127064 _____ (Microsoft Corporation) C:\windows\system32\win32u.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\ApplicationControlCSP.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000123392 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000119808 _____ (Microsoft Corporation) C:\windows\system32\DafPrintProvider.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\compstui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000117264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bindflt.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000112128 _____ (Microsoft Corporation) C:\windows\system32\NetDriverInstall.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000107832 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000107008 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingExperienceMEM.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000106808 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthProxyStub.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000099712 _____ (Microsoft Corporation) C:\windows\system32\FsIso.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000097280 _____ (Microsoft Corporation) C:\windows\SysWOW64\compstui.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000095232 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000093704 _____ (Microsoft Corporation) C:\windows\system32\hvloader.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000089328 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32u.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000089088 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicAgent.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000088576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DafPrintProvider.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000088352 _____ (Microsoft Corporation) C:\windows\system32\remoteaudioendpoint.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\EditBufferTestHook.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000084992 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthSystray.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000084496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hvservice.sys
2020-01-31 14:29 - 2020-01-31 14:29 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetDriverInstall.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\usoapi.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\CustomInstallExec.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000072816 _____ (Microsoft Corporation) C:\windows\SysWOW64\remoteaudioendpoint.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000071480 _____ (Microsoft Corporation) C:\windows\system32\win32appinventorycsp.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000069120 _____ (Microsoft Corporation) C:\windows\system32\UsoClient.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\findnetprinters.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000065536 _____ (Microsoft Corporation) C:\windows\system32\iemigplugin.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\printui.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000063488 _____ (Microsoft Corporation) C:\windows\SysWOW64\iemigplugin.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000063288 _____ (Microsoft Corporation) C:\windows\system32\SecurityHealthHost.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000062976 _____ (Microsoft Corporation) C:\windows\system32\LSCSHostPolicy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000059221 _____ C:\windows\system32\srms.dat
2020-01-31 14:29 - 2020-01-31 14:29 - 000057856 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000057344 _____ (Microsoft Corporation) C:\windows\system32\audioresourceregistrar.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\findnetprinters.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\mcicda.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000047208 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000045056 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000042512 _____ (Microsoft Corporation) C:\windows\system32\SysResetErr.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\WordBreakers.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000038912 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcicda.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\mciwave.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\mciseq.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\nlmproxy.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicPS.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciwave.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000027648 _____ (Microsoft Corporation) C:\windows\system32\lstelemetry.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciseq.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000021304 _____ (Microsoft Corporation) C:\windows\system32\kdhvcom.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000019768 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\bindflt.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\nlmsprep.dll
2020-01-31 14:29 - 2020-01-31 14:29 - 000015360 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000013824 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth9.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth12.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth11.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth10.bin
2020-01-31 14:29 - 2020-01-31 14:29 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin
2020-01-31 14:28 - 2020-01-31 14:28 - 000437776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2020-01-31 14:28 - 2020-01-31 14:28 - 000296760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2020-01-31 14:28 - 2020-01-31 14:28 - 000194064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2020-01-31 14:28 - 2020-01-31 14:28 - 000089912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
2020-01-31 14:09 - 2019-12-09 04:48 - 000510160 _____ C:\windows\system32\Drivers\dsp_fw_release.bin
2020-01-28 09:29 - 2020-01-28 09:29 - 002203057 _____ C:\Users\cruss\Downloads\efx556i_owners_manual.pdf
2020-01-27 11:08 - 2020-01-27 11:08 - 003198862 _____ C:\Users\cruss\Downloads\Service_Manual-_C556i_Self_Powered_EFX.pdf
2020-01-23 14:51 - 2020-01-23 14:51 - 001624995 _____ C:\Users\cruss\Downloads\Properties for Lease.pdf
2020-01-22 13:35 - 2020-01-22 13:35 - 000122571 _____ C:\Users\cruss\Downloads\2020-Midyear-Governance-Meetings-1-15-20.pdf
2020-01-21 10:12 - 2020-01-31 13:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-20 09:57 - 2020-01-20 09:57 - 000000000 ____D C:\Program Files (x86)\PowerPoint Alchemy
2020-01-15 10:26 - 2020-01-15 10:26 - 025900032 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 019849216 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 008012800 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 007016448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 003263488 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002870784 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002716672 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2020-01-15 10:26 - 2020-01-15 10:26 - 002561536 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002473976 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 002305536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001985928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001835008 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001697280 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001664896 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001655880 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001458688 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001330952 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001106944 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001098720 _____ (Microsoft Corporation) C:\windows\system32\DolbyDecMFT.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 001020032 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000921600 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000896512 _____ (Microsoft Corporation) C:\windows\system32\MdmDiagnostics.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000852480 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000851456 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000842752 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000689664 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000678712 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000673792 _____ (Microsoft Corporation) C:\windows\system32\wiaaut.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000671232 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000670720 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000571392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiaaut.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000542496 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000432256 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000401408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000400696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2020-01-15 10:26 - 2020-01-15 10:26 - 000392192 _____ (Microsoft Corporation) C:\windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000379392 _____ (Microsoft Corporation) C:\windows\system32\provengine.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000368128 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000363840 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000336384 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\DiagnosticLogCSP.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000321536 _____ (Microsoft Corporation) C:\windows\system32\sti.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\ConhostV1.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\provops.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000283136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000271872 _____ (Microsoft Corporation) C:\windows\system32\provhandlers.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000240640 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000233472 _____ (Microsoft Corporation) C:\windows\system32\KnobsCore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000232448 _____ (Microsoft Corporation) C:\windows\system32\provisioningcsp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000227840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sti.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000211968 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000206336 _____ (Microsoft Corporation) C:\windows\system32\sti_ci.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000204800 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000162696 _____ (Microsoft Corporation) C:\windows\system32\dmcmnutils.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000160768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\MDMAppInstaller.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000147456 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000145920 _____ (Microsoft Corporation) C:\windows\system32\wiadss.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000132096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tsusbhub.sys
2020-01-15 10:26 - 2020-01-15 10:26 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000127520 _____ (Microsoft Corporation) C:\windows\SysWOW64\dmcmnutils.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\cryptcatsvc.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000120320 _____ (Microsoft Corporation) C:\windows\system32\KnobsCsp.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000119808 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiadss.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000102400 _____ (Microsoft Corporation) C:\windows\system32\NFCProvisioningPlugin.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000097280 _____ (Microsoft Corporation) C:\windows\system32\provdatastore.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\ProvPluginEng.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000090624 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000088576 _____ (Microsoft Corporation) C:\windows\system32\BarcodeProvisioningPlugin.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000084480 _____ (Microsoft Corporation) C:\windows\system32\enterpriseresourcemanager.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000083968 _____ (Microsoft Corporation) C:\windows\system32\wiarpc.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000083456 _____ (Microsoft Corporation) C:\windows\system32\provtool.exe
2020-01-15 10:26 - 2020-01-15 10:26 - 000083456 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000066048 _____ (Microsoft Corporation) C:\windows\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000066048 _____ (Microsoft Corporation) C:\windows\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000018432 _____ (Microsoft Corporation) C:\windows\system32\wiatrace.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiatrace.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000010752 _____ (Microsoft Corporation) C:\windows\system32\DMAlertListener.ProxyStub.dll
2020-01-15 10:26 - 2020-01-15 10:26 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-13 16:09 - 2018-05-01 13:49 - 000001814 _____ C:\Users\cruss\OneDrive\Documents\SecurityCmdLnApp_LogFile-CarlsHomeoffice.txt
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-12 09:12 - 2019-03-18 23:37 - 000000000 ____D C:\windows\CbsTemp
2020-02-12 09:08 - 2019-11-03 16:46 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Mozilla
2020-02-12 09:08 - 2019-11-03 14:10 - 000004168 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{7EA3E303-AC99-4D7B-B3DC-AF46E45FE8F3}
2020-02-12 09:06 - 2019-11-04 06:14 - 000000000 ___RD C:\Users\cruss\iCloudDrive
2020-02-12 09:06 - 2019-11-04 06:14 - 000000000 ____D C:\Users\cruss\AppData\Local\D487A5E3-E2FE-4498-95A4-B00B23AF4194.aplzod
2020-02-12 09:06 - 2019-11-03 21:59 - 000000000 ____D C:\Users\cruss\AppData\Local\AVAST Software
2020-02-12 09:06 - 2019-11-03 14:02 - 000000000 ____D C:\Users\cruss\OneDrive\Documents\Outlook Files
2020-02-12 09:06 - 2019-11-03 14:00 - 000000000 ___RD C:\Users\cruss\OneDrive
2020-02-12 09:05 - 2019-11-03 13:58 - 000000000 __SHD C:\Users\cruss\IntelGraphicsProfiles
2020-02-12 09:05 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\WinBioDatabase
2020-02-11 17:13 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-11 16:01 - 2019-11-05 12:54 - 000002556 _____ C:\windows\system32\Tasks\SoftwareInformerService
2020-02-11 16:01 - 2019-11-04 06:14 - 000002644 _____ C:\windows\system32\Tasks\Apple Diagnostics
2020-02-11 16:01 - 2019-11-03 21:57 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2020-02-11 16:01 - 2019-11-03 21:55 - 000003194 _____ C:\windows\system32\Tasks\CCleaner Update
2020-02-11 16:01 - 2019-11-03 21:55 - 000002238 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-02-11 16:01 - 2019-11-03 21:21 - 000003348 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-11 16:01 - 2019-11-03 21:21 - 000003124 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-11 16:01 - 2019-11-03 17:09 - 000003452 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineUA
2020-02-11 16:01 - 2019-11-03 17:09 - 000003228 _____ C:\windows\system32\Tasks\DropboxUpdateTaskMachineCore
2020-02-11 16:01 - 2019-11-03 17:09 - 000000938 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2020-02-11 16:01 - 2019-11-03 17:09 - 000000934 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2020-02-11 16:01 - 2019-11-03 14:00 - 000002862 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3941208988-4064051922-1525667148-1001
2020-02-11 16:01 - 2019-10-07 15:02 - 000002856 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3941208988-4064051922-1525667148-500
2020-02-11 15:27 - 2019-09-03 18:47 - 000986294 _____ C:\windows\system32\PerfStringBackup.INI
2020-02-11 15:27 - 2019-03-18 23:50 - 000000000 ____D C:\windows\INF
2020-02-11 15:20 - 2019-11-03 22:10 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-02-11 15:20 - 2019-11-03 14:16 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-11 15:20 - 2019-10-07 15:02 - 000000000 ____D C:\Intel
2020-02-11 15:20 - 2019-09-03 18:39 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-02-11 15:19 - 2019-03-18 23:37 - 000786432 _____ C:\windows\system32\config\BBI
2020-02-11 15:05 - 2019-11-03 21:22 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-11 15:05 - 2019-11-03 21:22 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-11 15:05 - 2019-11-03 21:22 - 000002270 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-11 13:45 - 2019-11-03 13:58 - 000000000 ____D C:\Users\cruss\AppData\Local\Packages
2020-02-11 13:45 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-11 13:45 - 2019-03-18 23:52 - 000000000 ____D C:\windows\AppReadiness
2020-02-11 13:06 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-11 13:04 - 2019-09-03 18:48 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-11 12:45 - 2019-11-03 14:16 - 000000000 ____D C:\Users\cruss\AppData\Roaming\TeamViewer
2020-02-11 12:35 - 2019-09-03 18:39 - 000000000 ____D C:\windows\system32\SleepStudy
2020-02-11 12:29 - 2019-03-18 23:52 - 000000000 ___HD C:\windows\ELAMBKUP
2020-02-11 12:25 - 2019-11-13 16:17 - 000000000 ____D C:\Users\cruss\AppData\Local\CrashDumps
2020-02-11 10:55 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\NDF
2020-02-10 14:21 - 2019-12-09 11:31 - 000000000 ____D C:\Users\cruss\AppData\Local\cache
2020-02-10 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2020-02-07 15:26 - 2019-11-03 22:01 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2020-02-07 13:53 - 2019-11-03 21:57 - 000004264 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-02-06 10:59 - 2019-11-03 14:00 - 000002377 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-05 15:23 - 2019-11-03 17:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-02-01 12:46 - 2019-11-03 19:22 - 000000000 ____D C:\windows\Firmware
2020-01-31 14:41 - 2019-11-03 13:58 - 000000000 ___RD C:\Users\cruss\3D Objects
2020-01-31 14:41 - 2019-09-03 19:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-31 14:40 - 2019-09-03 18:39 - 000482608 _____ C:\windows\system32\FNTCACHE.DAT
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\SystemResources
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\ShellExperiences
2020-01-31 14:33 - 2019-03-18 23:52 - 000000000 ____D C:\windows\bcastdvr
2020-01-31 14:10 - 2019-09-03 18:23 - 000000000 ____D C:\windows\system32\Intel
2020-01-31 13:22 - 2019-11-03 16:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-31 12:27 - 2019-11-08 17:03 - 000000000 ____D C:\Users\cruss\AppData\Local\ElevatedDiagnostics
2020-01-29 23:08 - 2019-11-03 21:38 - 000000000 ____D C:\Users\cruss\AppData\Roaming\Dashlane
2020-01-28 19:21 - 2019-11-03 14:00 - 000000000 ____D C:\Users\cruss\AppData\Local\PlaceholderTileLogoFolder
2020-01-22 09:08 - 2019-11-03 16:46 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-21 13:10 - 2019-11-03 17:49 - 000000000 ____D C:\Users\cruss\AppData\Local\Deployment
2020-01-20 13:59 - 2020-01-09 12:18 - 000000000 ____D C:\Users\cruss\AppData\Roaming\Mimecast
2020-01-20 13:42 - 2019-11-06 14:02 - 000000000 ____D C:\Program Files\Family Tree Maker 2017
2020-01-17 09:31 - 2019-11-03 21:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-15 10:51 - 2019-03-18 23:52 - 000000000 ___SD C:\windows\system32\UNP
2020-01-15 10:30 - 2019-11-03 19:20 - 000000000 ____D C:\windows\system32\MRT
2020-01-15 10:28 - 2019-11-03 19:20 - 120202352 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
 
==================== Files in the root of some directories ========
 
2019-11-08 17:11 - 2019-11-08 17:16 - 000044097 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2019-11-03 17:24 - 2019-11-03 17:24 - 035552512 _____ (Swiftpage Act! LLC                                          ) C:\Users\cruss\AppData\Roaming\act2000update9ss.exe
2019-11-03 17:33 - 2019-12-17 09:43 - 000000067 ____H () C:\Users\cruss\AppData\Roaming\ActUpdate.log
2019-11-05 11:57 - 2019-11-05 12:05 - 000001752 _____ () C:\Users\cruss\AppData\Roaming\HP10bII+State.bin
2019-11-03 17:30 - 2019-11-03 17:30 - 000032305 _____ () C:\Users\cruss\AppData\Roaming\NGEN_AppLog_Install.txt
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by cruss (12-02-2020 09:13:52)
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Windows 10 Pro Version 1909 18363.628 (X64) (2019-10-07 20:04:42)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3941208988-4064051922-1525667148-500 - Administrator - Disabled)
cruss (S-1-5-21-3941208988-4064051922-1525667148-1001 - Administrator - Enabled) => C:\Users\cruss
DefaultAccount (S-1-5-21-3941208988-4064051922-1525667148-503 - Limited - Disabled)
Guest (S-1-5-21-3941208988-4064051922-1525667148-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3941208988-4064051922-1525667148-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Sophos Home (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Act! Pro (HKLM-x32\...\{DE0E0806-B6B1-4662-B012-768DB62F2791}) (Version: 20.0.0.0 - Swiftpage ACT! LLC) Hidden
Act! Pro (HKLM-x32\...\InstallShield_{DE0E0806-B6B1-4662-B012-768DB62F2791}) (Version: 20.0.0.0 - Swiftpage ACT! LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.2.2154.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.245.0 - AVAST Software) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{EF08968E-F7E7-43EA-95B1-1E8ACC8CC459}) (Version: 80.0.3987.18 - Google Inc.)
Dashlane (HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Dashlane) (Version: 6.2004.0.32112 - Dashlane, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 90.4.307 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.0.1751 - Sanford, L.P.)
DYMO LabelWriter Drivers (HKLM\...\{CE16D92B-50F3-4FC5-B29C-13FAFEE1A6C6}) (Version: 8.3.0.443 - Sanford L.P.)
EaseUS MobiMover 5.0.1 (HKLM-x32\...\EaseUS MobiMover_is1) (Version:  - EaseUS)
Family Tree Maker 2017 (HKLM\...\{6BEF69F9-92AA-4BCC-8529-DA42F585EC36}) (Version: 23.3.1570 - Software MacKiev)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToAssist Customer 4.7.0.1673 (HKLM-x32\...\GoToAssist Express Customer) (Version: 4.7.0.1673 - LogMeIn, Inc.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.16.310 - SurfRight B.V.)
HitmanPro.Alert 3 (managed by Sophos) (HKLM\...\HitmanPro.Alert) (Version: 3.7.15.446 - SurfRight B.V.) Hidden
HP 10bII+ Virtual Calculator (HKLM-x32\...\{C6ABAE79-1C6E-45DF-84DA-ADA90740F2FB}) (Version: 1.3.0.0 - Hewlett-Packard)
iCloud (HKLM\...\{576BC8FA-1891-47C8-8A23-F3DDB78C06DE}) (Version: 7.15.0.10 - Apple Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12430.20264 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{0EEBDCCA-EF5D-4896-9FEA-D7D410A57E8A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\f9a89bd2a46a7606) (Version: 17.0.3711.5 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM-x32\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM-x32\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Teams) (Version: 1.2.00.10168 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.0.2000.8 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 72.0.2 (x64 en-US)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12430.20264 - Microsoft Corporation) Hidden
Shuffle for PowerPoint (HKLM-x32\...\{6B802AFC-4C59-4BED-9051-F2A6A1CF526A}) (Version: 3.0.2 - PowerPoint Alchemy)
Snagit 9.1.3 (HKLM-x32\...\{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}) (Version: 9.1.3.19 - TechSmith Corporation)
Software Informer 1.5.1334.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Sophos Anti-Virus (HKLM-x32\...\{CBA26491-B602-484E-B846-00623CA80D03}) (Version: 10.8.4.233 - Sophos Limited) Hidden
Sophos AutoUpdate XG (HKLM-x32\...\{72E136F7-3751-422E-AC7A-1B2E46391909}) (Version: 6.0.457.0 - Sophos Limited) Hidden
Sophos Clean (HKLM\...\Sophos Clean) (Version: 3.8.6.1 - Sophos Limited) Hidden
Sophos Diagnostic Utility (HKLM-x32\...\{4627F5A1-E85A-4394-9DB3-875DF83AF6C2}) (Version: 1.26.0.2 - Sophos Limited) Hidden
Sophos Endpoint Defense (HKLM\...\Sophos Endpoint Defense) (Version: 2.1.20.0 - Sophos Limited) Hidden
Sophos Exploit Prevention (HKLM\...\{866151B2-E14E-40E0-B6D9-64B1D428F5CB}) (Version: 3.7.15.446 - Sophos Limited) Hidden
Sophos File Scanner (HKLM\...\{CD39E739-F480-4AC4-B0C9-68CA731D8AC6}) (Version: 1.5.15.0 - Sophos Limited) Hidden
Sophos Health (HKLM-x32\...\{80D18B7B-8DF1-4BCA-901F-BEC86BAE2774}) (Version: 2.1.0.33 - Sophos Limited) Hidden
Sophos Home (HKLM\...\Sophos Endpoint Agent) (Version: 2.1.11 - Sophos Limited)
Sophos Home (HKLM-x32\...\{0257C366-B90C-462A-BAF8-0A28D17748A1}) (Version: 3.7.12.0 - Sophos Limited) Hidden
Sophos Home Clean (HKLM\...\Sophos Home Clean) (Version: 3.7.21.245 - Sophos Limited) Hidden
Sophos Management Communications System (HKLM-x32\...\{2C14E1A2-C4EB-466E-8374-81286D723D3A}) (Version: 4.10.423.0 - Sophos Limited) Hidden
Sophos ML Engine (HKLM\...\Sophos ML Engine) (Version: 1.3.6 - Sophos Limited) Hidden
Sophos Network Threat Protection (HKLM\...\{604350BF-BE9A-4F79-B0EB-B1C22D889E2D}) (Version: 1.5.128 - Sophos Limited) Hidden
Sophos Standalone Engine (HKLM\...\Sophos Standalone Engine) (Version: 1.2.24 - Sophos Limited) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.0.2000.8 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.10168 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer)
Zoom (HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)
 
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6 [2020-01-31] (HP Inc.)
Japanese Landscapes -> C:\Program Files\WindowsApps\Microsoft.JapaneseLandscapes_1.0.0.0_neutral__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2019-11-07] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_20.10113.4727.0_x64__8wekyb3d8bbwe [2020-01-31] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-11-08] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-26] (Microsoft Corporation)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.4.0.5_x86__fxme7667cy4q4 [2020-01-08] (Ricoh Company, Ltd.)
Surface -> C:\Program Files\WindowsApps\Microsoft.SurfaceHub_44.600.139.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation)
US National Parks -> C:\Program Files\WindowsApps\Microsoft.USNationalParks_1.0.0.0_neutral__8wekyb3d8bbwe [2019-11-18] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001_Classes\CLSID\{1360fa9f-ad39-4cda-aad1-07929027e2ef}\InprocServer32 -> C:\windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\cruss\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19098.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\cruss\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19098.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\cruss\Dropbox [2019-11-04 13:34]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-10-25] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagItShellExt64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2020-01-15] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers2: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2020-01-15] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagItShellExt64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers4: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2020-01-15] (Sophos Ltd -> Sophos Limited)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SophosHomeShellExt] -> {2FE0F6D6-426A-4728-B435-7CF2FE926449} => C:\Program Files (x86)\Sophos\Sophos Home\SophosHomeShellExtX64.dll [2020-01-15] (Sophos Ltd -> Sophos Limited)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
 
==================== Loaded Modules (Whitelisted) =============
 
2020-02-01 17:08 - 2020-02-01 17:08 - 000032256 _____ (©2013 Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.7319adae#\d26d996830d7282ff5e2e2e3a9082ae6\Act.Shared.UI.Utilities.ni.dll
2019-11-05 12:54 - 2018-01-31 15:08 - 001708032 _____ (Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\core.dll
2019-11-05 12:54 - 2018-01-31 15:07 - 000020992 _____ (Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\impl.dll
2019-11-05 12:54 - 2015-10-28 16:43 - 000015360 _____ (Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\wbacommon.dll
2019-11-05 12:54 - 2018-01-31 15:07 - 000308224 _____ (Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\winunivappfeatures.dll
2020-02-01 17:10 - 2020-02-01 17:10 - 000332288 _____ (Infragistics, Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Infragisticaa8fcf78#\68e646281a0a88e8ef804a577518b1ea\Infragistics.Act.Shared.ni.dll
2020-02-01 17:10 - 2020-02-01 17:10 - 002721792 _____ (Infragistics, Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Infragisticcc7b0f04#\40142244d0b80b008866df47f07b4097\Infragistics.Act.Win.UltraWinSchedule.ni.dll
2020-02-01 17:10 - 2020-02-01 17:10 - 003194880 _____ (Infragistics, Inc.) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Infragistics.Act.Win\7533c1fc8ee88953204b0cf57ee2f9d9\Infragistics.Act.Win.ni.dll
2019-09-03 18:48 - 2019-09-03 18:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-09-03 18:48 - 2019-09-03 18:48 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2013-03-05 01:56 - 2013-03-05 01:56 - 000334848 _____ (Sanford, L.P.) [File not signed] C:\Program Files (x86)\DYMO\DYMO Label Software\DYMOPrintingSupport.dll
2020-02-01 15:37 - 2020-02-01 15:37 - 000108544 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Applica68916592#\50a6cd83f9e6fb040bedb0a84ea7bdfb\Act.Application.Interop.ni.dll
2020-02-01 15:37 - 2020-02-01 15:37 - 000022528 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Composi0ce54da2#\c83256033967082c268ab9f1ed02009e\Act.CompositeExtensions.ni.dll
2020-02-01 15:37 - 2020-02-01 15:37 - 000034304 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Composi287a2193#\48b4b5eef26cd93acae84d3cd6f7e25b\Act.CompositeExtensions.Unity.ni.dll
2020-02-01 15:37 - 2020-02-01 15:37 - 000089600 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Data.ActDb\6c4f330dabf7678509ef64f8cb0305de\Act.Data.ActDb.ni.dll
2020-02-01 15:37 - 2020-02-01 15:37 - 002300928 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Data.Resources\7148a06dfd2b33421dd5e83aefdf21fe\Act.Data.Resources.ni.dll
2020-02-01 15:37 - 2020-02-01 15:37 - 000128000 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Data\5fbb1861c07856e3029d283457974a52\Act.Data.ni.dll
2020-02-01 15:59 - 2020-02-01 15:59 - 000018944 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Devices.Plugin\0b21cef18e4bb5a48964dfb6ba6a0467\Act.Devices.Plugin.ni.dll
2020-02-01 16:07 - 2020-02-01 16:07 - 001041408 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewo27db50a4#\1682b189f37b68719d312947524228c3\Act.Framework.DataExchange.ni.dll
2020-02-01 16:15 - 2020-02-01 16:15 - 000202752 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewo477affbe#\7b1138d1b9e3294aa65887ce6b9aee12\Act.Framework.MailMerge.ni.dll
2020-02-01 16:38 - 2020-02-01 16:38 - 000905728 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewo7237de81#\99d90f2f72c18e88ba67f6e321649426\Act.Framework.SageIntegration.ni.dll
2020-02-01 16:07 - 2020-02-01 16:07 - 000306688 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewoa3e2a95a#\964b99a0f439392ca478b316cb02e567\Act.Framework.ComponentModel.Core.ni.dll
2020-02-01 16:07 - 2020-02-01 16:07 - 000573440 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewoa7c82375#\22e8e9da2f7e9e420362ded0cacabee5\Act.Framework.BusinessLink.Synchronization.ni.dll
2020-02-01 16:15 - 2020-02-01 16:15 - 000161792 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewoa95d2654#\01051c6a8552bb73a52a79d28293f19e\Act.Framework.Interop.ni.dll
2020-02-01 16:38 - 2020-02-01 16:38 - 001551360 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewob25cef3d#\dc14905c439c8f71368d83ae37f8207c\Act.Framework.Synchronization.ni.dll
2020-02-01 16:38 - 2020-02-01 16:38 - 000025088 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewodb3e5e21#\e375ce75bab902459bcfd64d6785477f\Act.Framework.Messaging.ni.dll
2020-02-01 16:07 - 2020-02-01 16:07 - 000081920 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Framewodd6a1969#\6301a898dd5f931fff5981c653702b43\Act.Framework.BusinessLink.Messaging.ni.dll
2020-02-01 17:07 - 2020-02-01 17:07 - 000604160 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Outlook087b4ddb#\23aebe95560ce3a996d48eca686db898\Act.Outlook.Service.Desktop.ni.dll
2020-02-01 17:07 - 2020-02-01 17:07 - 000047616 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Outlook22f3a37f#\9faf34f283259f3a500e3eb5dc8d0c49\Act.Outlook.Service.Interfaces.ni.dll
2020-02-01 17:07 - 2020-02-01 17:07 - 001036288 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Outlook26feecde#\9a8a6062fd04a0b5840519938dfb60ce\Act.Outlook.Sync.Common.ni.dll
2020-02-01 16:45 - 2020-02-01 16:45 - 000455168 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Outlookdbe19404#\807c8f90e25b7a7a9760b2c594242ab9\Act.Outlook.Integration.ni.dll
2020-02-01 17:07 - 2020-02-01 17:07 - 000587776 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Outlooke08b44a0#\93006dd6340f68a85dcfafb484e4a94a\Act.Outlook.Service.Shared.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000139776 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.0e0fb8ca#\ba472acb4ef181110ad517a3d3ea801f\Act.Shared.Windows.Forms.Navigation.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000020992 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.12632491#\e72eddf053b8df049988645571939cac\Act.Shared.Messaging.Types.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000119808 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.4c707719#\fc2395bfac45046ae77d9d5c943dc839\Act.Shared.Localization.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000163840 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.7f9f27da#\1896c004f7205bd4cc9b424e93e0a2f3\Act.Shared.ComponentModel.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000327680 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.85fb1d61#\a9776ab5ea59a12edf158002ab94ba25\Act.Shared.Wpf.Controls.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000340992 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.936fb0dd#\afa1c374410d213eda430675b7d04a15\Act.Shared.LicProvider.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000138240 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.949821cc#\ee015a6ed1690440070b57ca984804ae\Act.Shared.Windows.Forms.Charting.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000132096 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.b7c81501#\2f1768250acdc6a8e8c33cbf394b8180\Act.Shared.Diagnostics.DefectLogger.ni.dll
2020-02-01 17:07 - 2020-02-01 17:07 - 000210432 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.c5db5c3f#\201b2ff17a4c23f5c77b8a75b5e52262\Act.Shared.Collections.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000064000 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.c972cb58#\081f8d585ef8835eb5bc9895f77c2c15\Act.Shared.Windows.Forms.NotificationItem.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000088576 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.Config\961c9505b709497b59ddf714f0b0e1de\Act.Shared.Config.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 004396032 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.dbaddaae#\80a63b4e4b0118d0887c26f8ecb459a1\Act.Shared.Windows.Forms.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 020098048 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.Images\7110ad127d910833386d656660faec09\Act.Shared.Images.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000033280 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.Licensing\1045bba5d074d94c17c3fc54603457d6\Act.Shared.Licensing.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000045568 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.Messaging\5c8a7eb8cd314f05231b0521fe22f7ca\Act.Shared.Messaging.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000709120 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.Shared.Win32\276e895cc13fb567d6267468ecb01bda\Act.Shared.Win32.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 002068992 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Acti338b16d4#\1b4e88bda4b4412b3c7554b629b636d4\Act.UI.Activities.Views.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000179200 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Acti96953793#\7496ffd0487fbbb5ebbce023a744aac4\Act.UI.Activities.Views.Shared.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000144384 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Actiaf92ec23#\c1f235fe0ce578c3b4a1d5fd83cd40ac\Act.UI.ActivityViews.Widgets.TimeSelector.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 004355584 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\ACT.UI.Common.Images\751614b5cd7164ae870abd971ab69858\ACT.UI.Common.Images.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 001119744 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Core\7707845a069028064394f8e1a5072f6b\Act.UI.Core.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000560640 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Desi4206ce90#\eadfe730631a3399e56ee621257ce2ee\Act.UI.Designer.Controls.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000918016 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Desi94e7ccbe#\aecc907392c560e8809318ce40114f8a\Act.UI.Designer.Layout.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000022016 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Dialogs\3ac8ff58faab1b1527d4a878f96db0e3\Act.UI.Dialogs.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000180224 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Email\371e1b7109a739db29ead849862fb651\Act.UI.Email.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000021504 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Look7c671ee7#\b47e7560995aaa5249696e64580890d6\Act.UI.LookupsResources.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000773632 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.PickList\eb0f3c899de435dc375477a54ef76439\Act.UI.PickList.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000035840 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Remo4b8374cd#\3479aae64f8498556baf0a6ae1ff98ee\Act.UI.Remoting.Common.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 002255360 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Sagec5f5fa81#\f7bb883eea3d98b84522526641e9d70c\Act.UI.SageIntegration.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 001948160 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.SyncSetup\de1b4c2c5c5f5d388154dd95a662441b\Act.UI.SyncSetup.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000051200 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Theme\ed5e0f7f1ad552a2c8a7ee1d1d97ac66\Act.UI.Theme.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000173056 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Updater\c64674f4ea7c67018f803cf0ef850cad\Act.UI.Updater.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 000833536 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.Widgets\0b753cfbeed906bbef6998af646a44d0\Act.UI.Widgets.ni.dll
2020-02-01 17:08 - 2020-02-01 17:08 - 002570240 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Act.UI.WordProcessor\7c5ebdf92ad8e57a685e0615909d0323\Act.UI.WordProcessor.ni.dll
2019-11-03 17:30 - 2019-11-03 17:30 - 000187904 _____ (Swiftpage ACT! LLC) [File not signed] C:\windows\Microsoft.Net\assembly\GAC_64\Act.Outlook.Message.Reader\v4.0_20.0.159.0__ebf6b2ff4d0a08aa\Act.Outlook.Message.Reader.dll
2019-11-03 21:39 - 2020-01-21 16:20 - 001240064 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\libeay32.dll
2019-11-03 21:39 - 2020-01-21 16:20 - 000281600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\ssleay32.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qgif.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qicns.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qico.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000298496 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qjpeg.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qsvg.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qtga.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qtiff.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qwbmp.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\imageformats\qwebp.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 001126400 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\platforms\qwindows.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 004994048 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Core.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 003637248 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Gui.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 001088512 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Network.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000280576 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Positioning.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000278016 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5PrintSupport.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 002966016 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Qml.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 002796032 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Quick.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000048640 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5QuickWidgets.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000163840 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Sql.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000268288 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Svg.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000092160 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5WebChannel.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 055062528 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5WebEngineCore.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000190976 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5WebEngineWidgets.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 004590592 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\Qt5Widgets.dll
2020-01-29 19:22 - 2020-01-21 16:20 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Users\cruss\AppData\Roaming\Dashlane\6.2004.0.32112\bin\Qt\styles\qwindowsvistastyle.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Program Files (x86)\EXP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\cruss\Downloads\2019.qex:com.dropbox.attrs [54]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist Remote Support Customer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Sophos File Scanner Service => ""="service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7941 more sites.
 
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\123simsen.com -> www.123simsen.com
 
There are 7941 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-03-18 23:49 - 2020-02-03 17:10 - 000454656 ____R C:\windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15606 more lines.
 
 
2019-11-12 14:09 - 2019-11-12 14:09 - 000000375 _____ C:\windows\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "Act! Integration.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Snagit 9.lnk"
HKLM\...\StartupApproved\Run: => "TechSmithSnagit"
HKLM\...\StartupApproved\Run32: => "Act! Preloader"
HKLM\...\StartupApproved\Run32: => "Act.Outlook64.Service"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Sophos Home UI"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\StartupApproved\Run: => "DymoQuickPrint"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{34DEA52C-EE5B-4359-B4B0-B24A8891840B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{651F0A23-4EB6-4575-8AC4-4A9AB6BB8FD9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0B35A7FD-5040-4CB1-AB79-44F777EBDF92}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
FirewallRules: [{EC0254AB-31D4-4023-BD56-E2497CA71555}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
FirewallRules: [{21D750CE-1EBD-41E7-B2EE-0744595A148F}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\ActEmail.exe (Swiftpage ACT! LLC) [File not signed]
FirewallRules: [{8EDB38FD-FA3C-4778-97F1-24CD9E4E5A95}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\ActEmail.exe (Swiftpage ACT! LLC) [File not signed]
FirewallRules: [{16EB27FD-315E-498F-95CF-3B8A58E0B8F0}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act15.exe (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
FirewallRules: [{62F6F2E5-AC30-4A5D-B922-2C45957B542A}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act15.exe (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
FirewallRules: [{EC340202-5A20-44D8-AD3D-EF7086819492}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe (Microsoft) [File not signed]
FirewallRules: [{0354768B-952E-4830-822E-906A36803593}] => (Allow) C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe (Microsoft) [File not signed]
FirewallRules: [{E79CF8BA-84FB-4EA9-AE38-0AF0BF4BB66E}] => (Allow) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Arvato Digital Services Canada Inc -> arvato digital services llc)
FirewallRules: [{BDE59566-3824-46DB-AE83-C447C90E9837}] => (Allow) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Arvato Digital Services Canada Inc -> arvato digital services llc)
FirewallRules: [{36E28921-1838-4274-9130-3DA43461B828}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4EC2E8C9-65A6-4171-998D-57CA80DF2E6B}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59E0A18E-2AA4-4232-BAB6-2574DA841025}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{331F4AC6-34EF-47A4-A04E-EBEFB5B8D60A}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5AE3F2C5-F462-4200-BFC2-7995B55A9CB0}] => (Allow) LPort=1434
FirewallRules: [{B072E5E0-4308-4343-B9D1-5B0EA762F73A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23DB6B85-19C3-4993-9E7C-F69CEC86FBC6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{420AD31C-DFD7-4EC8-96E5-D9F9FC560198}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08BE1541-0831-419B-94BC-2C314275A906}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{09B0211D-AEE1-431D-8842-D620AAFBCB22}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE3FD05D-CF80-481F-A1EF-88EB201C01E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{914B24F3-118C-4011-8A8E-C5DE24D4E6C2}C:\program files (x86)\act\act for windows\act!.exe] => (Allow) C:\program files (x86)\act\act for windows\act!.exe (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
FirewallRules: [UDP Query User{CE4BA937-7A3E-4C35-A353-9A15FD1E5064}C:\program files (x86)\act\act for windows\act!.exe] => (Allow) C:\program files (x86)\act\act for windows\act!.exe (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
FirewallRules: [{17E2DE11-E573-463D-A18E-93F2040E31E7}] => (Allow) C:\Users\cruss\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{90F824B0-A44C-49CF-AD26-F21138686F6B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{B7CA98D4-4B4C-41FC-99FD-2F85FF09A0DA}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{0AE74680-3C14-4994-8092-F95F1D7D07D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{378B3CA6-BEF7-464F-8DE6-379685A1A4FA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{20688AC5-FB04-4D21-853E-7BC99F1DA476}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{08ACABCF-EEC9-406F-9448-E11FCC4C5023}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{815EA27A-46C5-4184-8FED-21538336ECB4}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{F257BE38-2D13-4109-B296-D74E7BEE8558}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{43A61B22-3467-48D7-AD2D-9AB1AC2CEB2D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
10-02-2020 14:45:27 Checkpoint by Sophos Home Clean
11-02-2020 15:17:03 Checkpoint by HitmanPro
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (02/12/2020 09:07:46 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.
 
Error: (02/12/2020 09:07:46 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.
 
Error: (02/12/2020 09:07:46 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.
 
Error: (02/12/2020 09:07:46 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.
 
Error: (02/12/2020 09:07:45 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.
 
Error: (02/12/2020 09:07:45 AM) (Source: Act.Outlook.Service.Desktop) (EventID: 0) (User: )
Description: Error in the application.
 
Error: (02/12/2020 09:06:22 AM) (Source: Desktop History Queue Provider) (EventID: 0) (User: )
Description: Restarting the timer to handle future records
 
Error: (02/12/2020 09:06:22 AM) (Source: Desktop History Queue Provider) (EventID: 0) (User: )
Description: Setting Processing to False
 
 
System errors:
=============
Error: (02/12/2020 09:13:51 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\WINDOWS\SYSTEM32\BCDEDIT.EXE.
 
Error: (02/12/2020 09:13:50 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\WINDOWS\SYSTEM32\CMD.EXE.
 
Error: (02/12/2020 09:13:49 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\WINDOWS\SYSTEM32\BCDEDIT.EXE.
 
Error: (02/12/2020 09:13:48 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\WINDOWS\SYSTEM32\CMD.EXE.
 
Error: (02/12/2020 09:08:46 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTNM.EXE.
 
Error: (02/12/2020 09:08:35 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\WINDOWS\SYSTEM32\SHELL32.DLL.
 
Error: (02/12/2020 09:08:24 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\WINDOWS\SYSTEM32\DAVCLNT.DLL.
 
Error: (02/12/2020 09:06:46 AM) (Source: SAVOnAccess) (EventID: 15) (User: )
Description: The on-access driver was unable to create an impersonation token for file \Device\HarddiskVolume3\PROGRAM FILES\AVAST SOFTWARE\AVAST\FIREFOX_PASS.DLL.
 
 
Windows Defender:
===================================
Date: 2019-11-03 17:43:46.618
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {983B4124-CCFE-4C4E-BB18-D2FAD185F031}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-11-03 13:50:46.339
Description: 
Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80070002
Error description: The system cannot find the file specified. 
Security intelligence version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0
 
CodeIntegrity:
===================================
 
Date: 2020-02-12 09:11:10.986
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-02-12 09:11:10.982
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-02-12 09:10:53.197
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 09:10:53.196
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 09:10:52.868
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 09:10:52.866
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2020-02-12 09:10:37.719
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-02-12 09:10:37.716
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Microsoft Corporation 7.100.140 12/20/2019
Motherboard: Microsoft Corporation Surface Laptop 3
Processor: Intel® Core™ i7-1065G7 CPU @ 1.30GHz
Percentage of memory in use: 59%
Total physical RAM: 15974.48 MB
Available physical RAM: 6448.52 MB
Total Virtual: 18406.48 MB
Available Virtual: 7932.6 MB
 
==================== Drives ================================
 
Drive c: (Local Disk) (Fixed) (Total:475.8 GB) (Free:381 GB) NTFS
 
\\?\Volume{a86fc56c-0cf4-4aca-b681-de631d1db459}\ (Windows RE tools) (Fixed) (Total:0.76 GB) (Free:0.34 GB) NTFS
\\?\Volume{0927b683-993c-4fcf-a91e-d1ee867e1855}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 6A32A2B3)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 



#5 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 130 posts

Posted 12 February 2020 - 08:49 AM

And here are the Rogue Killer text file and the FSS.txt file…thanks again

 

RogueKiller Anti-Malware V14.1.1.0 (x64) [Jan 28 2020] (Free) by Adlice Software
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : cruss [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200212_135530, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/02/12 09:33:02 (Duration : 00:07:56)
Switches : -minimize
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Description -- N/A -> Found
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Hosts file is too big
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
 
Farbar Service Scanner Version: 14-12-2019
Ran by cruss (administrator) on 12-02-2020 at 09:45:57
Running from "C:\Users\cruss\OneDrive\Desktop\Spyware Utilities"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#6 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,293 posts

Posted 13 February 2020 - 07:50 AM

Hi,
 
Sophos and Avast should not be running together in real life.
This only slow down browsing the net.
I suggest you disable Sophos.
 

AV: Sophos Home (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
<<<>>>
 
Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
AlternateDataStreams: C:\Program Files (x86)\EXP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\cruss\Downloads\2019.qex:com.dropbox.attrs [54]
FirewallRules: [{90F824B0-A44C-49CF-AD26-F21138686F6B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}] => (Allow) %systemroot%\system32\alg.exe No File
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
VirusTotal: C:\windows\system32\kernel32.dll
 
Reboot:
 
End
 
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.
 
Run FRST and click Fix only once and wait.
 
The tool will create a log (Fixlog.txt) please post it to your reply.
===
 
You FRST.TXt log shows that Firefox is not accessable.
If the problem persists please execute this.
 
Remove and re-install Firefox it may be compromised.
 
Before proceeding save your Bookmarks. (Export)
 
Firefox Password manager - Import your passwords.
Password Manager - Remember, delete, change and import saved passwords in Firefox
 
If the problem persists in Firefox and you are Syncing with other Devices reset it.
 
When all is well you can re-sync your devices.
 
Clean the Firefox Cache.
 
Remove Firefox using the instructions one this page.
 
Restart the computer normally.
 
Install the latest version of the application.
 
Import your Bookmarks. Same link as the Export function above.
 
Restart the computer normally.
<<<>>>
 
Please let me know if you also have issues with the other browsers.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#7 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 130 posts

Posted 13 February 2020 - 09:41 AM

Magic! all is working, Thank you again.  Can I buy you dinner?  You're fantastic! I appreciate all that you do.  You got both my computer back up an operating in short order, I can't thank you enough....Carl



#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,293 posts

Posted 14 February 2020 - 07:36 AM

Glad we could help.

 

Can you post the Fixlog.txt for my review.

 

I want to see what submitting the Kernell.dll file was reported.

 

Stay safe.


nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 Carlgrus

Carlgrus

    Advanced Member

  • Full Member
  • PipPipPip
  • 130 posts

Posted 14 February 2020 - 03:50 PM

Here you go, and thanks again:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by cruss (13-02-2020 10:23:40) Run:1
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
 
CreateRestorePoint:
CloseProcesses:
 
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
AlternateDataStreams: C:\Program Files (x86)\EXP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\cruss\Downloads\2019.qex:com.dropbox.attrs [54]
FirewallRules: [{90F824B0-A44C-49CF-AD26-F21138686F6B}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}] => (Allow) %systemroot%\system32\alg.exe No File
 
CMD: netsh int ip reset
CMD: ipconfig /flushDNS
 
VirusTotal: C:\windows\system32\kernel32.dll
 
Reboot:
 
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\Software\Mozilla\Firefox\Extensions\\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" => removed successfully
C:\Program Files (x86)\EXP => ":com.dropbox.attrs" ADS removed successfully
C:\Users\cruss\Downloads\2019.qex => ":com.dropbox.attrs" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90F824B0-A44C-49CF-AD26-F21138686F6B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68C0891E-7F1D-439C-96E5-A9EB6B34ADE5}" => removed successfully

========= netsh int ip reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /flushDNS =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

VirusTotal: C:\windows\system32\kernel32.dll => https://www.virustot...sis/1581587750/


The system needed a reboot.

==== End of Fixlog 10:23:55 ====






Member of UNITE
Support SpywareInfo Forum - click the button