a problem with the firefox browser


  1. Posts : 204
    win 10 Pro 64bit
       #1

    a problem with the firefox browser


    This is on a Gateway laptop model NV570P-18U, OS Win 10 Home 64 bit. When I boot up the laptop and the desktop comes up. Random programs that are installed on my C: HD will pop up on the desktop without me clicking on those programs to open them up. I screen captured one of them and posted here. It isn't a great big problem. It falls in the category of been annoying. How do I fix this?

    https://www.tenforums.com/images/attach/jpg.gif

    BTW what is in the screen capture, I have no idea as to how it got there. I am not into that type of junk.
      My Computer


  2. Posts : 6,961
    windows 10
       #2

    Download the correct 32 or 64 bit Download Farbar Recovery Scan Tool

    Post the two files it produces so we can see whats going on
      My Computer


  3. Posts : 25,017
    10 Home x64 (21H2) (10 Pro on 2nd pc)
       #3

    reble said:
    When I boot up the laptop and the desktop comes up. Random programs that are installed on my C: HD will pop up on the desktop without me clicking on those programs to open them up...
    By default, if you left a program open when you shut down then it will automatically be reopened after a start up. Not all programs can register for a restart, but Firefox is one that can, so is MS Office. You can turn off this behaviour.

    Use sign-in info to auto finish after Update or Restart in Windows 10

    New for version 2004, this behaviour now applies to UWP desktop apps as well.

    Turn On or Off Automatically Restart Apps after Sign In in Windows 10
      My Computers


  4. Posts : 204
    win 10 Pro 64bit
    Thread Starter
       #4

    Samuria said:
    Download the correct 32 or 64 bit Download Farbar Recovery Scan Tool

    Post the two files it produces so we can see whats going on
    Here is the 2 files that you want. BTW I am checking out Oracle's VirtualBox. To see if I can run Win 7 Home 32 bit programs on Win 10 Home 64 bit.


    Also the "MBR & Partition Table" doesn't show the 500gb HD in an external USB case

    Frst.txt

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2020 01
    Ran by Steve (administrator) on GATEWAY-LAPTOP (Gateway NV570P) (07-07-2020 04:38:02)
    Running from D:\download\22
    Loaded Profiles: Steve
    Platform: Windows 10 Home Version 1903 18362.900 (X64) Language: English (United States)
    Default browser: FF
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
    (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
    (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
    (GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
    (KEDMI Scientific Computing) [File not signed] C:\Program Files (x86)\tinySpell\tinyspell.exe
    (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
    (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
    (Marek Jasinski -> Marek Jasinski) C:\Program Files (x86)\FreeCommander XE\FcContextMenu64.exe
    (Marek Jasinski -> Marek Jasinski) C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\Steve\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wiawow64.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
    (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Nero AG) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
    (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
    (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
    (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMA.exe
    (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
    (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
    (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
    (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIM1E.EXE <2>
    (Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230880 2020-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670856 2019-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896136 2019-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
    HKLM-x32\...\Run: [NeroFilterCheck] => C:\WINDOWS\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [File not signed]
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [tinySpell] => C:\Program Files (x86)\tinySpell\tinyspell.exe [562688 2017-02-13] (KEDMI Scientific Computing) [File not signed]
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-15] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-15] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [94208 2005-10-28] (Nero AG) [File not signed]
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8146520 2020-06-25] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [GalaxyClient] => [X]
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14119496 2020-07-02] (GOG Sp. z o.o. -> GOG.com)
    HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
    HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
    HKLM\...\Print\Monitors\EPSON WF-2760 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBM1E.DLL [180224 2014-03-04] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
    HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
    HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-23] (Google LLC -> Google LLC)
    GroupPolicy: Restriction ? <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0BC45787-3B6E-418A-9F44-6A9F0DAEBF57} - System32\Tasks\TinyTakeUpgrade => C:\Users\Steve\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
    Task: {82911844-C6DF-45E5-80BC-D45DF1CBEAA9} - System32\Tasks\EPSON WF-2760 Series Update {2F5D60BE-AD88-424E-8004-2E03862A428D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    Task: {9E220416-19A8-47A4-A965-84091379AEAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-19] (Google LLC -> Google LLC)
    Task: {A3A5B2CE-9B74-415F-944F-7270A5C94A60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-19] (Google LLC -> Google LLC)
    Task: {BED2D3AE-0982-406D-97E8-BB9B6D9F07D7} - System32\Tasks\EPSON WF-2760 Series Update {9FD1E512-4C0B-40ED-8F6F-5BD89DE13CBF} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    Task: {F5475B64-4D31-4CE7-A6AE-C08E41C64A29} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6562168 2016-09-08] (Nero AG -> Nero AG)
    Task: {F7567E35-734B-448D-A969-3FA59D57524E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-20] (Mozilla Corporation -> Mozilla Foundation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {2F5D60BE-AD88-424E-8004-2E03862A428D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{2F5D60BE-AD88-424E-8004-2E03862A428D} /F:UpdateWORKGROUP\GATEWAY-LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
    Task: C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {9FD1E512-4C0B-40ED-8F6F-5BD89DE13CBF}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE:/EXE:{9FD1E512-4C0B-40ED-8F6F-5BD89DE13CBF} /F:UpdateWORKGROUP\GATEWAY-LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{f60af2fe-1c83-467b-a896-00510ac9ce8c}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COS2&ptag=D062620-A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016
    SearchScopes: HKU\S-1-5-21-222439763-1504960209-4064898973-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D062620-N0700A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-222439763-1504960209-4064898973-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D062620-N0700A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms}
    BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
    BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
    Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKU\S-1-5-21-222439763-1504960209-4064898973-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
    Toolbar: HKU\S-1-5-21-222439763-1504960209-4064898973-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

    FireFox:
    ========
    FF DefaultProfile: liw8anwv.default
    FF ProfilePath: C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\liw8anwv.default [2020-06-25]
    FF NewTab: Mozilla\Firefox\Profiles\liw8anwv.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-06-26 06:55:04&bName=&bitmask=0600
    FF ProfilePath: C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\92ceg5mm.default-release [2020-07-07]
    FF Homepage: Mozilla\Firefox\Profiles\92ceg5mm.default-release -> hxxps://www.nbcrightnow.com/
    FF NewTab: Mozilla\Firefox\Profiles\92ceg5mm.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=IC150206&iDate=2020-06-26 06:55:04&bName=&bitmask=0600

    Chrome:
    =======
    CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2020-06-18]
    CHR Extension: (Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-06]
    CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-06]
    CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-05-06]
    CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-06]
    CHR Extension: (Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-06]
    CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-18]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-06]
    CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-05-06]
    CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-18]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2900728 2020-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2020-02-06] (Check Point Software Technologies Ltd. -> )
    R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2020-02-06] (Check Point Software Technologies Ltd. -> )
    R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
    R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [678328 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
    S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-04-21] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
    S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1673288 2020-07-02] (GOG Sp. z o.o. -> GOG.com)
    S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-07-02] (GOG Sp. z o.o. -> GOG.com)
    R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
    R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2020-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [306424 2020-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-06-04] (Oracle Corporation -> Oracle Corporation)
    R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-06-25] (LAVASOFT SOFTWARE CANADA INC -> )
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-04] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2020-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
    S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [X]

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2019-08-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
    S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2019-08-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
    S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2019-08-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
    R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [67360 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [110872 2020-01-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [133920 2020-01-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    S3 evserial7; C:\WINDOWS\System32\DRIVERS\evserial7.sys [71432 2011-10-31] (Eltima Software -> ELTIMA Software)
    R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [56184 2020-01-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
    R3 klfltsdk; C:\WINDOWS\system32\DRIVERS\klfltsdk.sys [252544 2019-07-25] (Kaspersky Lab -> AO Kaspersky Lab)
    R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [521336 2019-07-25] (Kaspersky Lab -> AO Kaspersky Lab)
    R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1107064 2019-07-25] (Kaspersky Lab -> AO Kaspersky Lab)
    R1 klifsdk; C:\WINDOWS\System32\DRIVERS\klifsdk.sys [1105536 2019-07-25] (Kaspersky Lab -> AO Kaspersky Lab)
    R0 klupd_klifsdk_arkmon; C:\WINDOWS\System32\Drivers\klupd_klifsdk_arkmon.sys [256752 2020-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
    R3 klupd_klifsdk_kimul; C:\WINDOWS\System32\Drivers\klupd_klifsdk_kimul.sys [99152 2020-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
    R3 klupd_klifsdk_klark; C:\WINDOWS\System32\Drivers\klupd_klifsdk_klark.sys [309968 2020-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
    R0 klupd_klifsdk_klbg; C:\WINDOWS\System32\Drivers\klupd_klifsdk_klbg.sys [116920 2020-06-29] (Kaspersky Lab -> AO Kaspersky Lab)
    R3 klupd_klifsdk_mark; C:\WINDOWS\System32\Drivers\klupd_klifsdk_mark.sys [206880 2020-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
    R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [212304 2019-07-25] (Kaspersky Lab -> AO Kaspersky Lab)
    S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2020-06-16] (Macrovision Europe Ltd) [File not signed]
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
    R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237832 2020-06-04] (Oracle Corporation -> Oracle Corporation)
    R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247232 2020-06-04] (Oracle Corporation -> Oracle Corporation)
    R3 VSBC7; C:\WINDOWS\System32\drivers\evsbc7.sys [36616 2011-10-31] (Eltima Software -> ELTIMA Software)
    R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-04] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-04] (Microsoft Windows -> Microsoft Corporation)
    S4 InCDFs; system32\drivers\InCDFs.sys [X]
    S1 InCDPass; system32\drivers\InCDPass.sys [X]
    S1 InCDRm; system32\drivers\InCDRm.sys [X]
    U3 iswSvc; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-07-07 03:39 - 2020-07-07 04:39 - 000000000 ____D C:\FRST
    2020-07-04 20:58 - 2020-07-04 20:58 - 000000000 ____D C:\VirtualBox
    2020-07-04 20:27 - 2020-07-06 07:10 - 000000000 ____D C:\Users\Steve\.VirtualBox
    2020-07-04 20:27 - 2020-07-06 06:50 - 000000000 ____D C:\ProgramData\VirtualBox
    2020-07-04 20:27 - 2020-07-04 20:27 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
    2020-07-04 20:27 - 2020-07-04 20:27 - 000001149 _____ C:\ProgramData\Desktop\Oracle VM VirtualBox.lnk
    2020-07-04 20:27 - 2020-07-04 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
    2020-07-04 20:26 - 2020-07-04 20:26 - 000000000 ____D C:\Program Files\Oracle
    2020-07-04 20:26 - 2020-06-04 10:20 - 001030096 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
    2020-07-04 20:26 - 2020-06-04 10:20 - 000186936 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
    2020-07-04 04:12 - 2020-07-04 05:27 - 000000000 ____D C:\Users\Steve\Documents\SimCity 4
    2020-07-04 04:12 - 2020-07-04 04:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity 4 Deluxe Edition [GOG.com]
    2020-07-03 20:14 - 2020-07-03 20:14 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\uTorrent
    2020-07-03 02:01 - 2020-07-03 02:13 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
    2020-07-03 02:01 - 2020-07-03 02:01 - 000000000 ____D C:\Users\Steve\AppData\Local\GOG.com
    2020-07-03 02:01 - 2020-07-03 02:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
    2020-07-03 01:59 - 2020-07-03 02:15 - 000000000 ____D C:\ProgramData\GOG.com
    2020-07-01 09:22 - 2020-07-01 09:22 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
    2020-06-30 04:18 - 2020-06-30 04:18 - 000000000 ____D C:\Users\Steve\AppData\Roaming\IDMComp
    2020-06-30 04:18 - 2020-06-30 04:18 - 000000000 ____D C:\ProgramData\IDMComp
    2020-06-30 04:07 - 2020-06-30 04:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit
    2020-06-30 04:07 - 2020-06-30 04:07 - 000000000 ____D C:\Program Files\IDM Computer Solutions
    2020-06-29 09:46 - 2020-06-29 09:46 - 000116920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klifsdk_klbg.sys
    2020-06-26 07:15 - 2020-06-26 07:15 - 000000000 ____D C:\Users\Steve\AppData\Local\DOSBox
    2020-06-26 07:07 - 2020-06-26 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO Opener
    2020-06-26 07:07 - 2020-06-26 07:07 - 000000000 ____D C:\Program Files (x86)\ISO Opener
    2020-06-26 06:33 - 2020-06-26 06:45 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mythusoft
    2020-06-26 06:15 - 2020-07-03 20:14 - 000000000 ____D C:\Users\Steve\AppData\Local\BitTorrentHelper
    2020-06-26 06:14 - 2020-07-03 23:52 - 000000000 ____D C:\Users\Steve\AppData\Roaming\uTorrent
    2020-06-26 06:14 - 2020-06-26 06:14 - 000000876 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2020-06-25 23:55 - 2020-06-25 23:55 - 000000000 ____D C:\Users\Steve\AppData\Local\Lavasoft
    2020-06-25 23:55 - 2020-06-25 23:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2020-06-25 23:54 - 2020-06-25 23:54 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Lavasoft
    2020-06-25 23:54 - 2020-06-25 23:54 - 000000000 ____D C:\ProgramData\Lavasoft
    2020-06-25 23:54 - 2020-06-25 23:54 - 000000000 ____D C:\Program Files (x86)\Lavasoft
    2020-06-22 23:55 - 2020-06-22 23:55 - 000000000 ____D C:\Users\Steve\AppData\Local\Ahead
    2020-06-22 23:52 - 2020-06-26 06:46 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Nero
    2020-06-22 23:50 - 2020-06-22 23:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Nero
    2020-06-22 23:44 - 2020-06-22 23:50 - 000000000 ____D C:\ProgramData\Nero
    2020-06-22 20:06 - 2020-06-22 20:06 - 000043062 _____ C:\Users\Steve\Documents\UserImages.bmp
    2020-06-22 19:37 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2020-06-22 19:37 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2020-06-22 19:37 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2020-06-22 19:37 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2020-06-22 19:37 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2020-06-22 19:31 - 2020-06-22 19:31 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Obsidium
    2020-06-22 08:46 - 2020-06-22 08:46 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Ahead
    2020-06-22 08:45 - 2020-06-22 09:01 - 000002623 _____ C:\WINDOWS\Irremote.ini
    2020-06-22 08:44 - 2020-06-22 23:50 - 000000000 ____D C:\Program Files (x86)\Nero
    2020-06-22 02:38 - 2020-06-22 19:44 - 000000000 ____D C:\Program Files (x86)\Astonsoft
    2020-06-22 02:38 - 2020-06-22 02:43 - 000000000 ____D C:\Users\Steve\AppData\Roaming\DeepBurner
    2020-06-22 02:11 - 2020-06-22 02:11 - 000000000 ____D C:\Users\Steve\AppData\Local\Wondershare
    2020-06-22 02:10 - 2020-06-22 02:12 - 000000000 ____D C:\Users\Steve\Documents\Wondershare DVD Creator
    2020-06-22 01:49 - 2020-06-22 01:49 - 000000000 ____D C:\Program Files (x86)\7-Zip
    2020-06-18 19:22 - 2020-06-18 19:22 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\Google
    2020-06-17 16:16 - 2020-06-17 16:16 - 000000000 ____D C:\Users\Steve\AppData\Local\FlightGear
    2020-06-17 16:16 - 2020-06-17 16:16 - 000000000 ____D C:\Users\Steve\AppData\Local\cache
    2020-06-17 16:14 - 2020-06-19 15:57 - 000000000 ____D C:\Users\Steve\AppData\Roaming\flightgear.org
    2020-06-17 16:14 - 2020-06-17 16:14 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashRpt
    2020-06-17 13:43 - 2020-06-18 21:47 - 000000000 ____D C:\Users\Steve\Documents\FlightGear
    2020-06-16 15:31 - 2020-07-04 03:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
    2020-06-16 02:59 - 2020-06-16 18:02 - 000012400 _____ (Macrovision Europe Ltd) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
    2020-06-16 02:45 - 2020-06-16 17:14 - 000000540 _____ C:\WINDOWS\eReg.dat
    2020-06-14 04:55 - 2020-06-14 04:56 - 000000000 ____D C:\Users\Steve\Desktop\cell phone apps
    2020-06-14 04:32 - 2020-06-14 04:32 - 000000000 ____D C:\Program Files (x86)\LG Electronics
    2020-06-14 04:32 - 2019-08-22 05:24 - 001730200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
    2020-06-14 04:32 - 2019-08-12 20:12 - 000030208 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetbus64.sys
    2020-06-14 04:32 - 2019-08-12 18:47 - 000037376 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetmodem64.sys
    2020-06-14 04:32 - 2019-08-12 18:46 - 000030720 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys
    2020-06-14 00:09 - 2020-06-14 00:09 - 000000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot
    2020-06-13 09:05 - 2020-06-13 09:06 - 000000000 ____D C:\Users\Steve\.android
    2020-06-11 00:54 - 2006-11-06 15:30 - 000262144 _____ C:\WINDOWS\SysWOW64\lame_enc.dll
    2020-06-10 23:44 - 2020-06-11 03:05 - 000000000 ____D C:\Users\Steve\AppData\Roaming\SDR Console
    2020-06-10 23:44 - 2020-06-10 23:44 - 000000000 ____D C:\Users\Steve\AppData\Roaming\SDR-RADIO.com (V3)
    2020-06-10 23:44 - 2020-06-10 23:44 - 000000000 ____D C:\ProgramData\SDR-Radio.com
    2020-06-10 21:49 - 2020-06-10 21:49 - 000000000 ____D C:\Users\Steve\Documents\HDSDR
    2020-06-10 21:42 - 2020-06-27 19:03 - 000000258 __RSH C:\ProgramData\ntuser.pol
    2020-06-10 21:42 - 2020-06-27 19:02 - 001002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
    2020-06-10 21:42 - 2020-06-27 19:02 - 000000000 ____D C:\Users\Steve\usb_driver
    2020-06-10 21:42 - 2020-06-10 21:42 - 001795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
    2020-06-10 20:09 - 2020-06-05 14:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2020-06-10 20:09 - 2020-06-05 14:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2020-06-10 10:55 - 2020-06-10 10:55 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2020-06-10 10:55 - 2020-06-10 10:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2020-06-10 10:55 - 2020-06-10 10:55 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
    2020-06-10 10:55 - 2020-06-10 10:55 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
    2020-06-10 10:55 - 2020-06-10 10:55 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
    2020-06-10 10:55 - 2020-06-10 10:55 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
    2020-06-10 10:55 - 2020-06-10 10:55 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2020-06-10 10:55 - 2020-06-10 10:55 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
    2020-06-10 10:55 - 2020-06-10 10:55 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
    2020-06-10 10:55 - 2020-06-10 10:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
    2020-06-10 10:54 - 2020-06-10 10:55 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2020-06-10 10:54 - 2020-06-10 10:54 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2020-06-10 10:54 - 2020-06-10 10:54 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2020-06-10 10:54 - 2020-06-10 10:54 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
    2020-06-10 10:54 - 2020-06-10 10:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2020-06-10 10:53 - 2020-06-10 10:54 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2020-06-10 10:53 - 2020-06-10 10:53 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2020-06-10 10:53 - 2020-06-10 10:53 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2020-06-10 10:53 - 2020-06-10 10:53 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2020-06-10 10:53 - 2020-06-10 10:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2020-06-10 10:53 - 2020-06-10 10:53 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2020-06-10 10:53 - 2020-06-10 10:53 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2020-06-10 10:53 - 2020-06-10 10:53 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2020-06-10 10:53 - 2020-06-10 10:53 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2020-06-10 10:53 - 2020-06-10 10:53 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
    2020-06-10 10:53 - 2020-06-10 10:53 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2020-06-10 10:53 - 2020-06-10 10:53 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
    2020-06-10 10:28 - 2020-05-14 21:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2020-06-10 10:28 - 2020-05-14 21:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2020-06-08 18:25 - 2020-06-10 20:06 - 000000949 _____ C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {9FD1E512-4C0B-40ED-8F6F-5BD89DE13CBF}.job
    2020-06-08 18:25 - 2020-06-08 18:25 - 000004148 _____ C:\WINDOWS\system32\Tasks\EPSON WF-2760 Series Update {9FD1E512-4C0B-40ED-8F6F-5BD89DE13CBF}
    2020-06-07 23:39 - 2020-06-07 23:39 - 000000000 _____ C:\WINDOWS\eeventmanager.INI
    2020-06-07 20:42 - 2020-07-03 02:47 - 000000000 ____D C:\Users\Steve\AppData\Local\D3DSCache
    2020-06-07 20:40 - 2020-06-10 20:06 - 000000949 _____ C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {2F5D60BE-AD88-424E-8004-2E03862A428D}.job
    2020-06-07 20:40 - 2020-06-07 20:40 - 000004148 _____ C:\WINDOWS\system32\Tasks\EPSON WF-2760 Series Update {2F5D60BE-AD88-424E-8004-2E03862A428D}
    2020-06-07 20:40 - 2020-06-07 20:40 - 000000000 ____D C:\Program Files\Common Files\EPSON
    2020-06-07 20:35 - 2020-06-07 20:47 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Epson
    2020-06-07 20:34 - 2020-06-07 20:35 - 000000000 ____D C:\Program Files (x86)\EPSON Software
    2020-06-07 20:34 - 2020-06-07 20:34 - 000000000 ____D C:\Program Files\EpsonNet
    2020-06-07 20:34 - 2020-06-07 20:34 - 000000000 ____D C:\Program Files\EPSON
    2020-06-07 20:33 - 2020-06-07 20:36 - 000000000 ____D C:\Program Files (x86)\epson
    2020-06-07 20:33 - 2014-02-25 00:00 - 000466944 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
    2020-06-07 20:33 - 2012-05-17 00:00 - 000144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
    2020-06-07 20:33 - 2010-11-22 13:27 - 000147472 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll
    2020-06-07 20:32 - 2020-06-07 21:40 - 000000000 ____D C:\ProgramData\EPSON
    2020-06-07 20:32 - 2014-03-04 11:06 - 000180224 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBM1E.DLL
    2020-06-07 20:32 - 2011-03-14 11:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BM1E.DLL
    2020-06-07 20:32 - 2007-04-09 09:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
    2020-06-07 20:29 - 2020-06-07 20:40 - 000005696 _____ C:\WINDOWS\EpsonCDInstaller.INI
    2020-06-07 19:20 - 2020-06-07 19:20 - 000000000 ____D C:\Users\Steve\AppData\Local\ElevatedDiagnostics

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-07-07 04:31 - 2020-05-24 09:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2020-07-07 00:34 - 2020-05-24 10:01 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ECBE30D6-26DC-4C40-BE44-F6066490D7D9}
    2020-07-06 04:12 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-07-06 03:58 - 2020-04-19 18:10 - 000000000 ____D C:\download
    2020-07-06 03:50 - 2020-04-18 20:57 - 000000000 ___RD C:\Users\Steve\OneDrive
    2020-07-06 03:49 - 2020-04-19 18:35 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\Mozilla
    2020-07-06 03:48 - 2020-04-19 00:12 - 000000000 __SHD C:\Users\Steve\IntelGraphicsProfiles
    2020-07-05 23:45 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-07-05 23:45 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
    2020-07-05 08:22 - 2020-04-19 00:01 - 000000000 ____D C:\Users\Steve\AppData\Local\MicrosoftEdge
    2020-07-04 20:54 - 2020-05-24 09:38 - 000000000 ____D C:\Users\Steve
    2020-07-04 20:27 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
    2020-07-04 16:51 - 2020-04-18 23:02 - 000000000 ___RD C:\Users\Steve\Desktop\internet
    2020-07-04 16:50 - 2020-04-18 23:04 - 000000000 ___RD C:\Users\Steve\Desktop\games
    2020-07-04 12:43 - 2020-05-24 10:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2020-07-04 03:21 - 2020-05-24 10:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2020-07-04 03:20 - 2020-05-10 15:35 - 001010472 _____ C:\WINDOWS\ntbtlog.txt
    2020-07-04 03:20 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2020-07-04 03:04 - 2020-05-24 09:32 - 000300840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2020-07-03 09:47 - 2019-03-18 21:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2020-07-03 09:37 - 2020-04-18 22:48 - 000001157 _____ C:\Users\Steve\Desktop\FreeCommander XE.lnk
    2020-07-02 02:27 - 2020-04-19 22:58 - 000000000 ____D C:\DOSBox
    2020-06-30 02:01 - 2020-05-24 10:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
    2020-06-30 02:01 - 2020-04-28 03:46 - 000000000 ____D C:\Users\Steve\AppData\Roaming\NCH Software
    2020-06-30 02:01 - 2020-04-28 03:46 - 000000000 ____D C:\Program Files (x86)\NCH Software
    2020-06-29 01:03 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2020-06-28 17:52 - 2020-04-19 15:59 - 000000000 ____D C:\ProgramData\TEMP
    2020-06-28 17:43 - 2020-04-19 15:59 - 000000000 ____D C:\Users\Steve\AppData\Local\RCForb_Client_v08
    2020-06-27 18:46 - 2020-05-24 09:50 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2020-06-26 19:31 - 2020-04-19 16:51 - 000000000 ____D C:\games
    2020-06-26 16:42 - 2020-04-18 23:03 - 000000000 ___RD C:\Users\Steve\Desktop\audio-video
    2020-06-25 10:58 - 2020-05-24 10:01 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-222439763-1504960209-4064898973-1001
    2020-06-25 10:58 - 2020-05-24 09:38 - 000002363 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-06-24 00:26 - 2020-04-18 20:54 - 000000000 ____D C:\Users\Steve\AppData\Local\VirtualStore
    2020-06-23 15:12 - 2020-04-18 20:53 - 000001210 _____ C:\Users\Steve\Desktop\Command Prompt.lnk
    2020-06-23 11:05 - 2020-05-06 01:35 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2020-06-23 11:05 - 2020-05-06 01:35 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
    2020-06-22 20:43 - 2020-04-19 18:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2020-06-22 06:50 - 2020-04-19 15:09 - 000000000 ____D C:\Users\Steve\AppData\Roaming\vlc
    2020-06-22 02:19 - 2020-04-18 23:05 - 000000000 ___RD C:\Users\Steve\Desktop\text
    2020-06-22 02:19 - 2017-03-18 14:03 - 000000000 ___RD C:\Users\Steve\Desktop\accessories
    2020-06-22 02:12 - 2020-05-02 02:31 - 000000000 ____D C:\ProgramData\Wondershare
    2020-06-22 02:11 - 2020-05-02 02:30 - 000000000 ____D C:\Users\Public\Documents\Wondershare
    2020-06-22 02:11 - 2020-05-02 02:30 - 000000000 ____D C:\ProgramData\Documents\Wondershare
    2020-06-22 01:30 - 2020-04-28 03:46 - 000000000 ____D C:\ProgramData\NCH Software
    2020-06-20 04:14 - 2020-04-19 18:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2020-06-16 15:24 - 2020-05-24 09:38 - 000000000 ____D C:\Users\Administrator
    2020-06-16 02:01 - 2020-04-18 23:05 - 000000000 ____D C:\Users\Steve\Desktop\ham radio
    2020-06-16 02:01 - 2020-04-18 23:03 - 000000000 ___RD C:\Users\Steve\Desktop\paint
    2020-06-16 02:01 - 2017-03-18 14:03 - 000000000 ___RD C:\Users\Steve\Desktop\System Tools
    2020-06-16 01:54 - 2020-04-18 23:36 - 000000000 ___RD C:\Users\Steve\Desktop\admin
    2020-06-16 01:53 - 2020-04-18 23:04 - 000000000 ____D C:\Users\Steve\Desktop\dgames
    2020-06-14 04:32 - 2020-05-03 03:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2020-06-10 23:43 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2020-06-10 22:01 - 2020-04-18 22:48 - 000000000 ____D C:\Program Files (x86)\FreeCommander XE
    2020-06-10 21:42 - 2017-03-18 14:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2020-06-10 21:37 - 2020-04-30 18:36 - 000000000 ____D C:\Program Files\CUAssistant
    2020-06-10 20:11 - 2020-05-24 13:36 - 000000000 ___RD C:\Users\Steve\3D Objects
    2020-06-10 20:11 - 2020-04-18 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
    2020-06-10 20:06 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
    2020-06-10 16:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\registration
    2020-06-10 15:42 - 2019-03-18 23:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2020-06-10 15:42 - 2019-03-18 23:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\system32\F12
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Dism
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Com
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-06-10 15:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-06-10 15:19 - 2020-04-19 15:58 - 000000000 ____D C:\ham radio
    2020-06-10 11:01 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\servicing
    2020-06-10 10:53 - 2020-05-24 09:36 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2020-06-07 20:34 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp

    ==================== Files in the root of some directories ========

    2020-05-10 01:46 - 2020-05-10 01:46 - 000007605 _____ () C:\Users\Steve\AppData\Local\Resmon.ResmonCfg

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================
    -------------------------------------------------------------

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2020 01
    Ran by Steve (07-07-2020 04:45:34)
    Running from D:\download\22
    Windows 10 Home Version 1903 18362.900 (X64) (2020-05-24 17:02:28)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-222439763-1504960209-4064898973-500 - Administrator - Disabled) => C:\Users\Administrator
    DefaultAccount (S-1-5-21-222439763-1504960209-4064898973-503 - Limited - Disabled)
    Guest (S-1-5-21-222439763-1504960209-4064898973-501 - Limited - Disabled)
    Steve (S-1-5-21-222439763-1504960209-4064898973-1001 - Administrator - Enabled) => C:\Users\Steve
    WDAGUtilityAccount (S-1-5-21-222439763-1504960209-4064898973-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: ZoneAlarm Antivirus (Enabled - Up to date) {B558F217-D667-9806-B388-2B026DB849E4}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {0E3913F3-F05D-9788-8938-1070163F0359}
    FW: ZoneAlarm Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\uTorrent) (Version: 3.5.5.45704 - BitTorrent Inc.)
    2.1.2.3 (HKLM-x32\...\Setup_is1) (Version: - )
    7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov)
    Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.0.0 - Adobe Systems)
    Applian Director (HKLM-x32\...\Applian Director4.0.0.1) (Version: 4.0.0.1 - Applian Technologies Inc.)
    Check Point SBA (HKLM\...\{74935578-2963-4CC7-A8E6-FD56F04DF26E}) (Version: 86.6.1081 - Check Point Software Technologies Ltd.) Hidden
    DreamMail 4.6 (HKLM-x32\...\DreamMail 4.6) (Version: 4.6.9.2 - DreamStudio)
    ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
    Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
    Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
    Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.08.00 - Seiko Epson Corporation)
    Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - Seiko Epson Corporation)
    Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.1.0 - Seiko Epson Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
    EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
    Epson Software Updater (HKLM-x32\...\{D2D9559D-359A-4C61-B93A-FE01AE2BFB75}) (Version: 4.5.4 - Seiko Epson Corporation)
    EPSON WF-2760 Series Printer Uninstall (HKLM\...\EPSON WF-2760 Series) (Version: - Seiko Epson Corporation)
    Epson WF-2760 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-2760 User’s Guide_is1) (Version: 1.0 - )
    EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
    FlightGear v2019.1.1 (HKLM\...\FlightGear_is1) (Version: - The FlightGear Team)
    FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
    GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
    Google Earth Pro (HKLM-x32\...\{7A3374DE-3D99-4BD9-9FE8-A76498632D98}) (Version: 7.3.3.7699 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.39 - Google Inc.) Hidden
    HDSDR 2.80 (HKLM-x32\...\{DB200CBD-9E3E-4C72-B711-B46D6817BC51}_is1) (Version: - DG0JBJ)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
    IrfanView 4.53 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.53 - Irfan Skiljan)
    ISO Opener (HKLM-x32\...\{CE235F00-F8CD-41AF-83D5-236D90E33BFB}_is1) (Version: - ISO Opener)
    LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.5.0 - LG Electronics)
    Microsoft OneDrive (HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Minimal ADB and Fastboot version 1.4.2 (HKLM-x32\...\{1901BAF7-7E78-4041-BC88-D0EE5DD1DFD9}_is1) (Version: 1.4.2 - Sam Rodberg)
    mIRC (HKLM-x32\...\mIRC) (Version: 7.55 - mIRC Co. Ltd.)
    Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
    Music Recorder (HKLM-x32\...\{94A4AE85-9F1D-4687-953F-38371C9D1A4F}) (Version: 18.009.0 - Nero AG) Hidden
    Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG)
    Nero 7 Demo (HKLM-x32\...\{84B2CF01-194D-2284-B313-F2E0D78D1033}) (Version: 7.00.1461 - Nero AG)
    Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0010 - Nero AG)
    Oracle VM VirtualBox 6.1.10 (HKLM\...\{0359AF05-E674-4ED4-B9FB-B77918617667}) (Version: 6.1.10 - Oracle Corporation)
    osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
    Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
    RCForb (Client) v0.8 (HKLM-x32\...\RCForb (Client) v0.8) (Version: 0.8 - RemoteHams.com)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
    Replay Video Capture (HKLM-x32\...\Replay Video Capture4.2) (Version: 4.2 - Applian Technologies Inc.)
    SDR-Radio.com (V3) (HKLM-x32\...\SDR-Radio.com (V3)) (Version: - )
    SimCity 4 Deluxe Edition (HKLM-x32\...\1207664593_is1) (Version: 1.1.641 hotfix - GOG.com)
    Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
    Stamp ID3 Tag Editor (HKLM-x32\...\Stamp) (Version: 2.39 - NCH Software)
    TakeOwnershipPro 1.6 (HKLM-x32\...\TakeOwnershipPro_is1) (Version: - )
    tinySpell 1.9.62 (HKLM-x32\...\tinySpell_is1) (Version: - KEDMI Scientific Computing)
    Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
    Viscom Store Audio Capture to MP3 (HKLM-x32\...\Viscom Store Audio Capture to MP3_is1) (Version: - Viscom Software)
    VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 10.53 - NCH Software)
    Web Companion (HKLM-x32\...\{d0d1e40e-a2fd-409b-9781-06187c7c51a7}) (Version: 6.0.2270.4122 - Lavasoft)
    WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
    WinZip (HKLM-x32\...\WinZip) (Version: 9.0 SR-1 (6224) - WinZip Computing, Inc.)
    Wondershare DVD Creator(Build 6.2.2) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version: - Wondershare Software)
    Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
    YouTube Downloader 4.6.1094 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: 4.6.1094 - HOW Inc.)
    ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.4057 - Check Point Software) Hidden
    ZoneAlarm Antivirus (HKLM-x32\...\{F3790C3A-1015-410D-8BE1-EA48C2637BFF}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Firewall (HKLM-x32\...\{18FE6943-D33D-42F5-99D5-0ED22F633E32}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 15.6.121.18102 - Check Point)
    ZoneAlarm Security (HKLM-x32\...\{881E7A8C-9C4B-4D14-B390-EAFBA278CF45}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden

    Packages:
    =========
    Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-06-10] (Autodesk Inc.)
    Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-06-19] (king.com)
    Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.171.500.0_x86__kgqvnymyfvs32 [2020-07-01] (king.com)
    Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_5.40.3.0_x86__kgqvnymyfvs32 [2020-06-25] (king.com)
    Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.35.3503.0_x86__ytsefhwckbdv6 [2020-06-19] (G5 Entertainment AB)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Studios) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
    PicsArt - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_9.0.1.0_x64__crhqpqs3x1ygc [2020-07-05] (PicsArt Inc.)
    Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0 [2020-07-01] (Spotify AB) [Startup Task]
    WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2020-06-10] (WinZip Computing)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-222439763-1504960209-4064898973-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
    ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitShellExt64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
    ContextMenuHandlers1: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => C:\Program Files (x86)\TakeOwnershipPro\TakeOwnershipPro_x64.dll [2017-08-08] (Top Password Software,Inc. -> TODO: <Company name>) [File not signed]
    ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2003-05-15] () [File not signed]
    ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2004-08-16] (WinZip Computing, Inc.) [File not signed]
    ContextMenuHandlers1: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitShellExt64.dll [2010-04-13] (TechSmith Corporation -> TechSmith Corporation)
    ContextMenuHandlers4: [TakeOwnershipMenu] -> {659E506B-0AC2-410E-A94C-A326FF199883} => C:\Program Files (x86)\TakeOwnershipPro\TakeOwnershipPro_x64.dll [2017-08-08] (Top Password Software,Inc. -> TODO: <Company name>) [File not signed]
    ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2003-05-15] () [File not signed]
    ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2004-08-16] (WinZip Computing, Inc.) [File not signed]
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2003-05-15] () [File not signed]
    ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2004-08-16] (WinZip Computing, Inc.) [File not signed]
    ContextMenuHandlers6: [ZLAVShExt] -> {D9872D13-7651-4471-9EEE-F0A00218BEBB} => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll [2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    ContextMenuHandlers6_S-1-5-21-222439763-1504960209-4064898973-1001: [UltraEdit] -> {b5eedee0-c06e-11cf-8c56-444553540000} => -> No File

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Steve\Desktop\ham radio\SDR-Radio Tools.com\Reset Console.lnk -> C:\ham radio\sdr\sdr console\ResetConsole.bat ()
    Shortcut: C:\Users\Steve\Desktop\ham radio\SDR-Radio Tools.com\Select Identity.lnk -> C:\ham radio\sdr\sdr console\SelectIdentity.bat ()

    ==================== Loaded Modules (Whitelisted) =============

    2020-06-22 02:11 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
    2020-06-22 02:11 - 2016-10-08 16:48 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
    2020-04-19 15:36 - 2003-05-15 14:43 - 000119808 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext.dll
    2020-02-06 17:44 - 2020-02-06 17:44 - 000056320 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt32.dll
    2020-02-06 17:48 - 2020-02-06 17:48 - 000069120 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
    2020-02-06 17:44 - 2020-02-06 17:44 - 000020480 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr32.dll
    2020-02-06 17:48 - 2020-02-06 17:48 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
    2020-06-22 01:49 - 2019-02-21 09:00 - 000050688 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\7-Zip\7-zip.dll
    2020-04-20 01:20 - 2015-09-08 11:31 - 000036864 _____ (KEDMI Scientific Computing) [File not signed] C:\Program Files (x86)\tinySpell\tskh1960.DLL
    2020-04-20 01:20 - 1997-01-20 23:11 - 000089088 _____ (LexSaurus Software, Inc.) [File not signed] C:\Program Files (x86)\tinySpell\wrs32.dll
    2019-07-25 10:52 - 2019-07-25 10:52 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
    2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCP71.dll
    2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCR71.dll
    2020-05-24 09:40 - 2020-05-24 09:40 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U .DLL
    2005-10-28 16:12 - 2005-10-28 16:12 - 000774144 _____ (Nero AG) [File not signed] C:\Program Files (x86)\Common Files\Ahead\lib\NMDataServices.dll
    2005-10-28 16:26 - 2005-10-28 16:26 - 000012288 _____ (Nero AG) [File not signed] C:\Program Files (x86)\Common Files\Ahead\lib\NMIndexStoreSvrPS.dll
    2020-02-06 14:36 - 2020-02-06 14:36 - 001124352 _____ (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
    2020-02-06 06:07 - 2020-02-06 06:07 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
    2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
    2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000096768 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\EbpD4Fax.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUADRFIL.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCFG.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXCSR.DLL
    2020-06-07 20:35 - 2019-12-16 01:00 - 000393216 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXLDB.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000651264 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXTIF.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUIMGCDC.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FULEPP.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSTMMSG.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000356352 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUSVCCLT.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUUSBHLP.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\FUVERDLG.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000073728 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDEVCOM.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUDRVUTL.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUPRBDEV.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\FUSNMPUT.dll
    2020-06-07 20:35 - 2019-12-15 09:00 - 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUCMNMSG.dll
    2020-06-07 20:35 - 2019-12-15 09:00 - 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXCFGRes.dll
    2020-06-07 20:35 - 2019-12-15 09:00 - 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXRCV.dll
    2020-06-07 20:35 - 2019-12-15 09:00 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUFAXSTM.dll
    2020-06-07 20:35 - 2019-12-15 09:00 - 000022016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FULEPPRes.dll
    2020-06-07 20:35 - 2019-12-15 09:00 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\FAX Utility\Resource\FUPRBDEVRes.dll
    2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000786432 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENCM.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000278528 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENNW.dll
    2020-06-07 20:35 - 2019-12-16 01:00 - 000299008 _____ (SEIKO EPSON) [File not signed] C:\Program Files (x86)\EPSON Software\FAX Utility\Library\ENUTIL.dll
    2020-05-23 03:37 - 2017-08-08 00:50 - 000132976 _____ (Top Password Software,Inc. -> TODO: <Company name>) [File not signed] C:\Program Files (x86)\TakeOwnershipPro\TakeOwnershipPro_x64.dll
    2004-08-16 09:00 - 2004-08-16 09:00 - 000005120 _____ (WinZip Computing, Inc.) [File not signed] C:\Program Files (x86)\WinZip\WZSHLSTB.DLL
    2020-06-22 02:11 - 2016-10-08 16:49 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 [207]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
    IE trusted site: HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-222439763-1504960209-4064898973-1001\...\webcompanion.com -> hxxp://webcompanion.com

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-03-18 14:03 - 2020-04-30 20:43 - 000000905 _____ C:\WINDOWS\system32\drivers\etc\hosts
    127.0.0.1 applian.securesites.com
    161.58.195.155 tempdomainname.com

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-222439763-1504960209-4064898973-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is disabled.

    Network Binding:
    =============
    Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
    Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
    VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\Run32: => "NeroFilterCheck"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{0556C372-99BB-4A63-AE89-49ECBB382147}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe => No File
    FirewallRules: [{BB0A04C1-BB16-433A-BCBE-741CCD8D83DB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe => No File
    FirewallRules: [{11F95C86-3AC4-4266-B30F-145EA90DBE3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{4EA51804-E3A2-426E-8EFD-5CF277796D8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{B26ACB43-2D0D-4517-AD77-FD62308EC0E6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{61C8AC50-FBD0-48BA-9725-369CF52C9538}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{F51DD6C0-7296-49DF-8C25-827A5F50C1A0}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{239C0F74-F613-4D21-AE34-40E584044FA6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{97F153B3-8FFC-4885-B19A-829690819C15}] => (Allow) C:\games\flight gear\bin\fgfs.exe () [File not signed]
    FirewallRules: [{5BB457A5-A8F8-4578-BD7D-B9604C5AA6D6}] => (Allow) C:\games\flight gear\bin\fgfs.exe () [File not signed]
    FirewallRules: [{0EB25CD1-A97E-4DA2-BDAE-E14D43962D07}] => (Allow) C:\games\flight gear\bin\fgcom.exe () [File not signed]
    FirewallRules: [{02CC6197-41E4-4B8F-826A-BE0B1237F713}] => (Allow) C:\games\flight gear\bin\fgcom.exe () [File not signed]
    FirewallRules: [{82A4B302-976B-48B1-8E6C-0AB03BE840BB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
    FirewallRules: [{005A8780-35C1-4FE5-9B3B-422D353F2372}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
    FirewallRules: [{35C91EC4-8126-4AAC-92DA-D1358230DA2B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
    FirewallRules: [{37DD73DC-B6D4-4E4B-8004-F79D9E43F711}] => (Allow) C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
    FirewallRules: [{BA543FD9-B875-4AFD-90CC-8BC92D3B88D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{D059AD5C-EECF-47DD-8302-B1353412095E}] => (Allow) C:\Users\Steve\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{527C2BF9-4EE5-4D88-8034-47CEF86FF707}] => (Allow) C:\Users\Steve\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{9F64EBF0-A68A-473B-852E-5C05116314EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{C13832B0-0410-4838-85EC-9DE0F29D5D6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{8479E07C-11C3-469F-AC08-1653A46380B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{2063C4A2-A17A-4A39-B943-D35CD6AF2955}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{3F88D1AE-CA9B-4750-B082-F5663041C935}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{5D7447CE-CCD1-4BA2-BB05-B437F7A55EF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{E61EC45A-E8AB-4DD0-B56D-AC92423FDEE1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
    FirewallRules: [{F01E8F6A-F50C-4190-8EC9-911004E48639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.136.734.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

    ==================== Restore Points =========================

    26-06-2020 13:53:32 Scheduled Checkpoint
    29-06-2020 01:01:31 Windows Modules Installer
    04-07-2020 20:18:11 Installed Oracle VM VirtualBox 6.1.10

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (07/07/2020 01:53:00 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (3516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (07/07/2020 01:46:37 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80 U.DLL".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",ver sion="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (07/07/2020 01:46:37 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80 U.DLL".
    Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",ver sion="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (07/06/2020 05:15:38 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (7576,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (07/06/2020 04:19:57 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1368,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (07/06/2020 04:05:14 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5108,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (07/06/2020 03:57:37 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (12936,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (07/06/2020 03:50:22 AM) (Source: SecurityCenter) (EventID: 17) (User: )
    Description: Security Center failed to validate caller with error %1.


    System errors:
    =============
    Error: (07/06/2020 05:11:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

    Error: (07/06/2020 04:00:13 AM) (Source: DCOM) (EventID: 10001) (User: GATEWAY-LAPTOP)
    Description: Unable to start a DCOM Server: Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe!App as Unavailable/Unavailable. The error:
    "2147942402"
    Happened while starting this command:
    "C:\Program Files\WindowsApps\Microsoft.WindowsStore_12006.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca

    Error: (07/06/2020 03:48:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

    Error: (07/06/2020 01:47:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

    Error: (07/06/2020 01:47:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

    Error: (07/06/2020 01:47:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

    Error: (07/06/2020 01:47:10 AM) (Source: DCOM) (EventID: 10010) (User: GATEWAY-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (07/05/2020 11:11:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.


    Windows Defender:
    ===================================
    Date: 2020-07-05 23:05:54.239
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {9F1CB841-83DD-40A5-8C79-A9DD55A0E39A}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-07-05 23:00:44.532
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {C7A17CE6-F80D-41E3-9E5E-31AEFD4D19A3}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-07-05 22:44:46.649
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {87EB3882-CF81-4B53-91A1-4FD308ED64CA}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-07-05 22:39:36.756
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {7A54C676-C01C-4593-A396-07517B2D4997}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-07-05 22:18:13.526
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {7206BCC5-0CF5-4C2D-9D6C-7D110726DB2D}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-06-14 03:43:54.886
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.317.1296.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.17100.2
    Error code: 0x80070422
    Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Date: 2020-06-13 08:49:59.228
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.317.266.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.17100.2
    Error code: 0x80070422
    Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

    Date: 2020-05-30 09:11:37.286
    Description:
    Windows Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
    Security intelligence Attempted: Current
    Error Code: 0x80070003
    Error description: The system cannot find the path specified.
    Security intelligence version: 0.0.0.0;0.0.0.0
    Engine version: 0.0.0.0

    CodeIntegrity:
    ===================================

    Date: 2020-07-07 03:21:37.941
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll .e9bffbee5e89efbe274fe1573f1f6966 that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.934
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.925
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll .e9bffbee5e89efbe274fe1573f1f6966 that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.918
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.903
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll .e9bffbee5e89efbe274fe1573f1f6966 that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.896
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.887
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Amsi\amsi_plugin64.dll .e9bffbee5e89efbe274fe1573f1f6966 that did not meet the Windows signing level requirements.

    Date: 2020-07-07 03:21:37.879
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.

    ==================== Memory info ===========================

    BIOS: Insyde Corp. V2.02 07/30/2013
    Motherboard: Gateway EA50_CX
    Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
    Percentage of memory in use: 64%
    Total physical RAM: 8010.35 MB
    Available physical RAM: 2866.88 MB
    Total Virtual: 9290.35 MB
    Available Virtual: 3598.83 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:697.62 GB) (Free:603.31 GB) NTFS
    Drive d: () (Fixed) (Total:465.76 GB) (Free:384.76 GB) NTFS
    Drive h: () (Removable) (Total:1.89 GB) (Free:1.64 GB) NTFS

    \\?\Volume{fa120db0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
    \\?\Volume{fa120db0-0000-0000-0000-5087ae000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: FA120DB0)
    Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=697.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=533 MB) - (Type=27)

    ==========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: 0A3EEFA2)
    Partition 1: (Not Active) - (Size=1.9 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 00001511)
    Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt =======================
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:44.
Find Us




Windows 10 Forums