Topic: May have virus
View Single Post
  #3  
Old September 6th, 2020, 06:56 PM
Jerry56 Jerry56 is offline
Senior Member
  
Join Date: Jul 2007
Posts: 1,119
Thumbs up
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:47:33)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exeScan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:42:01)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:42:01)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\GF\AppData\Local\Mozilla Firefox\firefox.exe <7>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7193.518\DSAPI.exe
(Polenter - Pawel Idzikowski -> Polenter - Software Solutions) E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe

==================== Registry (Whitelisted) ==========Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:47:33)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\GF\AppData\Local\Mozilla Firefox\firefox.exe <7>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7193.518\DSAPI.exe
(Polenter - Pawel Idzikowski -> Polenter - Software Solutions) E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe

==================== Registry (Whitelisted) ===================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:47:33)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\GF\AppData\Local\Mozilla Firefox\firefox.exe <7>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7193.518\DSAPI.exe
(Polenter - Pawel Idzikowski -> Polenter - Software Solutions) E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [DesktopReminder2ByPolenter] => E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [3210128 2018-01-22] (Polenter - Pawel Idzikowski -> Polenter - Software Solutions)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\WINDOWS\system32\hpinksts5D12LM.dll [332176 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 6600): C:\WINDOWS\system32\HPDiscoPM5D12.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2019-10-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\GF\AppData\Roaming\Microsoft\Windows\Star t Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk [2020-01-28]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet 6600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41H8R67S05RN;CONNECTION=NW;MONITOR= 1;

==================== Scheduled Tasks (Whitelisted) ============Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:47:33)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\GF\AppData\Local\Mozilla Firefox\firefox.exe <7>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7193.518\DSAPI.exe
(Polenter - Pawel Idzikowski -> Polenter - Software Solutions) E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [DesktopReminder2ByPolenter] => E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [3210128 2018-01-22] (Polenter - Pawel Idzikowski -> Polenter - Software Solutions)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\WINDOWS\system32\hpinksts5D12LM.dll [332176 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 6600): C:\WINDOWS\system32\HPDiscoPM5D12.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2019-10-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\GF\AppData\Roaming\Microsoft\Windows\Star t Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk [2020-01-28]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet 6600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41H8R67S05RN;CONNECTION=NW;MONITOR= 1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15BB4F49-5D8B-4098-85E2-5D371E775B5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FF87F99-C15F-49E4-AF83-4038CAC1C0BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F5C57B8-F681-41B9-A01D-884CDE256E7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60DBAEE1-4F64-4103-A6C4-CEB08B4DD6F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7C58D078-F50D-4E82-B1AE-D836B83B29A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B01DE897-728F-43FC-8B4F-1E9ABD3DC494} - System32\Tasks\Mozilla\Firefox Default Browser Agent 5C6281FA84B0DF00 => C:\Users\GF\AppData\Local\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {CEE6EE8B-C445-4BFD-AD5F-71530662BE90} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {DD8DE430-8E4E-4ED7-90F2-04C344B31ECC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistIns taller.exe [1045976 2020-07-06] (Dell Inc. -> Dell Inc.)
Task: {FC4BF792-FF67-499C-A06E-904B3210E68C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by GF (administrator) on 772285 (Dell Inc. OptiPlex 360) (06-09-2020 12:47:33)
Running from C:\Users\GF\Desktop
Loaded Profiles: GF
Platform: Windows 10 Home Version 2004 19041.450 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2 007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.100 1.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\GF\AppData\Local\Mozilla Firefox\firefox.exe <7>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7193.518\DSAPI.exe
(Polenter - Pawel Idzikowski -> Polenter - Software Solutions) E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [DesktopReminder2ByPolenter] => E:\Program Files (x86)\Desktop-Reminder 2\DesktopReminder2.exe [3210128 2018-01-22] (Polenter - Pawel Idzikowski -> Polenter - Software Solutions)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP 5D12 Status Monitor: C:\WINDOWS\system32\hpinksts5D12LM.dll [332176 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 6600): C:\WINDOWS\system32\HPDiscoPM5D12.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2019-10-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\GF\AppData\Roaming\Microsoft\Windows\Star t Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk [2020-01-28]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet 6600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41H8R67S05RN;CONNECTION=NW;MONITOR= 1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15BB4F49-5D8B-4098-85E2-5D371E775B5B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FF87F99-C15F-49E4-AF83-4038CAC1C0BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F5C57B8-F681-41B9-A01D-884CDE256E7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60DBAEE1-4F64-4103-A6C4-CEB08B4DD6F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7C58D078-F50D-4E82-B1AE-D836B83B29A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B01DE897-728F-43FC-8B4F-1E9ABD3DC494} - System32\Tasks\Mozilla\Firefox Default Browser Agent 5C6281FA84B0DF00 => C:\Users\GF\AppData\Local\Mozilla Firefox\default-browser-agent.exe [660688 2020-09-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {CEE6EE8B-C445-4BFD-AD5F-71530662BE90} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {DD8DE430-8E4E-4ED7-90F2-04C344B31ECC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistIns taller.exe [1045976 2020-07-06] (Dell Inc. -> Dell Inc.)
Task: {FC4BF792-FF67-499C-A06E-904B3210E68C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ab9a35bc-455a-42c1-9b0c-5056609d4225}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1765009739-2967586476-110976745-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

Edge:
======
DownloadDir: C:\Users\GF\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\GF\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-05]
Edge DownloadDir: C:\Users\GF\Downloads
Edge StartupUrls: Default -> "hxxps://excite.com/"

FireFox:
========
FF DefaultProfile: 7exrey2b.default
FF ProfilePath: C:\Users\GF\AppData\Roaming\Mozilla\Firefox\Profil es\j6dcfpki.default-release-1 [2020-09-06]
FF Homepage: Mozilla\Firefox\Profiles\j6dcfpki.default-release-1 -> hxxps://www.excite.com/
FF ProfilePath: C:\Users\GF\AppData\Roaming\Mozilla\Firefox\Profil es\7exrey2b.default [2019-10-22]
FF ProfilePath: C:\Users\GF\AppData\Roaming\Mozilla\Firefox\Profil es\82zxnatg.default-release-1596329675844 [2020-09-04]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\GF\AppData\Local\Google\Chrome\User Data\Default [2020-09-05]
CHR StartupUrls: Default -> "hxxps://www.google.com/"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3455536 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [294448 2020-06-10] (Dell Inc -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6 .0.7193.518\DSAPI.exe [965104 2020-09-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-27] (Malwarebytes Inc -> Malwarebytes)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe [33240 2020-07-06] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35208 2020-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-09-06 12:44 - 2020-09-06 12:46 - 000020156 _____ C:\Users\GF\Desktop\Addition.txt
2020-09-06 12:42 - 2020-09-06 12:48 - 000013244 _____ C:\Users\GF\Desktop\FRST.txt
2020-09-06 12:41 - 2020-09-06 12:48 - 000000000 ____D C:\FRST
2020-09-06 12:32 - 2020-09-06 12:33 - 002297344 _____ (Farbar) C:\Users\GF\Desktop\FRST64.exe
2020-09-05 15:11 - 2020-09-05 15:12 - 000416120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-09-05 01:36 - 2020-09-05 01:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-05 01:08 - 2020-09-05 01:08 - 000000000 ____D C:\Dell
2020-09-05 01:08 - 2020-09-05 01:08 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-09-05 01:04 - 2020-09-05 01:04 - 000000000 ____D C:\ProgramData\PCDr_Backup_DBA678
2020-09-05 01:02 - 2020-09-05 15:14 - 000000000 ____D C:\ProgramData\PCDr
2020-09-05 01:02 - 2020-09-05 01:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-09-05 01:01 - 2020-09-05 01:01 - 000003914 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2020-09-05 01:01 - 2020-09-05 01:01 - 000000000 ____D C:\ProgramData\Dell Inc
2020-09-05 01:00 - 2020-09-05 01:07 - 000000000 ____D C:\ProgramData\Dell
2020-09-05 01:00 - 2020-09-05 01:01 - 000000000 ____D C:\Program Files\Dell
2020-09-05 01:00 - 2020-09-05 01:00 - 000000000 ____D C:\ProgramData\SupportAssist
2020-09-05 01:00 - 2020-09-05 01:00 - 000000000 ____D C:\Program Files (x86)\Dell
2020-09-05 00:59 - 2020-09-05 00:59 - 000610096 _____ (Dell Inc.) C:\Users\GF\Downloads\SupportAssistInstaller.exe
2020-09-05 00:19 - 2020-09-06 12:43 - 000000000 ____D C:\Users\GF\AppData\Local\Mozilla Firefox
2020-09-04 21:55 - 2020-09-05 15:11 - 073924608 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-09-04 08:24 - 2020-09-04 08:25 - 027072192 _____ (Piriform Software Ltd) C:\Users\GF\Downloads\ccsetup570.exe
2020-08-12 05:38 - 2020-08-12 05:38 - 004819968 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 004273664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2020-08-12 05:38 - 2020-08-12 05:38 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 024264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 019868160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 018766848 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 018071040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 008229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 007596032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 007104000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 006406144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 005820416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 004783328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 004362832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 004307456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 003859968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 003661312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 003547280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-12 05:37 - 2020-08-12 05:37 - 002686464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 002523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-12 05:37 - 2020-08-12 05:37 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 002422072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 002254544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-12 05:37 - 2020-08-12 05:37 - 002113032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001980744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001879488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001818568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001719096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 001506616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001352248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001328936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001314616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 001252864 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001225640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 001014888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000913120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000759784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-12 05:37 - 2020-08-12 05:37 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000665256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-12 05:37 - 2020-08-12 05:37 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000530440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000517976 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-08-12 05:37 - 2020-08-12 05:37 - 000468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServerClient.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000367416 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Vault.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000362064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-12 05:37 - 2020-08-12 05:37 - 000360024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000353256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-12 05:37 - 2020-08-12 05:37 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FrameServerClient.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallControlPanel.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vault.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2020-08-12 05:37 - 2020-08-12 05:37 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercpl.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dsui.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\recovery.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-12 05:37 - 2020-08-12 05:37 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
==
Reply With Quote