Jump to content

lilmama59

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I'm sorry to say that the blocks are still there after all the hoops I jumped thru LOL... I still see this annoying icon when I want to change, or delete a file..
  2. Hi, sorry I haven't been around in the past few days... got sidetracked OK: To manage Passwords :- https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-and-import Next, Remove all synced data from Firefox to stop possible re-infection or exploitation. https://support.mozilla.org/en-US/questions/1037353 Those two I never have to worry because I don't save passwords in my FF and I don't have FF email to sync with anything so I 'm good Got the bookmarks squared away... After I get the FF removed and reinstalled... there's two add-ins I should be aware of...? uBlock-Origin can be installed from here: https://addons.mozilla.org/en-GB/firefox/addon/ublock-origin/ <<--- Recommended. Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/ <<--- Recommended The first puzzled me, and I wondered if it's recommended or I don't have to use it? The second will be my best bet to use it in my browser I don't feel I'd need to use both.. one or the other would be enough for ME.
  3. MALWAREBYTE: 1) Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/4/21 Protection Event Time: 7:46 PM Log File: a9f2197e-4f08-11eb-84fb-705a0f2a33d7.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.35295 License: Trial -System Information- OS: Windows 10 (Build 18362.1256) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: PUP Domain: reimageplus.com IP Address: 161.47.7.14 Port: 443 Type: Outbound File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe (end) 2) Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/4/21 Protection Event Time: 7:46 PM Log File: 95d25ced-4f08-11eb-8485-705a0f2a33d7.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.35295 License: Trial -System Information- OS: Windows 10 (Build 18362.1256) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: PUP Domain: reimageplus.com IP Address: 161.47.7.14 Port: 443 Type: Outbound File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe (end) From current scan today: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/6/21 Scan Time: 7:36 PM Log File: 98822930-5099-11eb-98b5-705a0f2a33d7.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1130 Update Package Version: 1.0.35357 License: Trial -System Information- OS: Windows 10 (Build 18362.1256) CPU: x64 File System: NTFS User: System -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Scheduler Result: Completed Objects Scanned: 312072 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 6 min, 24 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) =========================================================== AdwCleaner: 1) # ------------------------------- # Malwarebytes AdwCleaner 8.0.8.0 # ------------------------------- # Build: 10-08-2020 # Database: 2020-12-21.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 01-05-2021 # Duration: 00:00:34 # OS: Windows 10 Home # Cleaned: 46 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\AVG_UPDATE_0117TB Deleted C:\ProgramData\AVG_UPDATE_0816TB Deleted C:\ProgramData\AVG_UPDATE_1016TB ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\APN PIP Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Deleted HKLM\Software\AVG Secure Search ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.EpsonCustomerResearchParticipation Folder C:\Program Files\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION Deleted Preinstalled.EpsonCustomerResearchParticipation Folder C:\ProgramData\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION Deleted Preinstalled.EpsonCustomerResearchParticipation Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA} Deleted Preinstalled.HPCeement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForLori Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE Deleted Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C} Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT INFORMATION Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Lori\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{55065080-504F-43BB-BE00-36B80D7D39A5} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{76272057-98E0-4DC4-AAC3-10C546C47195} Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52} Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} Deleted Preinstalled.HPWelcome Folder C:\Program Files\HEWLETT-PACKARD\HP WELCOME Deleted Preinstalled.HPWelcome Folder C:\ProgramData\HEWLETT-PACKARD\HP WELCOME Deleted Preinstalled.HPWelcome Folder C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP WELCOME Deleted Preinstalled.HPWelcome Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPWelcome Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-barbarians Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-cityofsteam Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-commandandconqueralliances Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dinostorm Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-fringo Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-vegasworld Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-villagersandheroes Not Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [6881 octets] - [05/01/2021 20:17:24] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## 2) # ------------------------------- # Malwarebytes AdwCleaner 8.0.8.0 # ------------------------------- # Build: 10-08-2020 # Database: 2020-12-21.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 01-05-2021 # Duration: 00:00:28 # OS: Windows 10 Home # Scanned: 31930 # Detected: 47 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** PUP.Adware.Heuristic C:\ProgramData\AVG_UPDATE_0117TB PUP.Adware.Heuristic C:\ProgramData\AVG_UPDATE_0816TB PUP.Adware.Heuristic C:\ProgramData\AVG_UPDATE_1016TB ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** PUP.Optional.Legacy HKCU\Software\APN PIP PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} PUP.Optional.Legacy HKLM\Software\AVG Secure Search ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** Preinstalled.EpsonCustomerResearchParticipation Folder C:\Program Files\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION Preinstalled.EpsonCustomerResearchParticipation Folder C:\ProgramData\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION Preinstalled.EpsonCustomerResearchParticipation Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA} Preinstalled.HPCeement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForLori Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Folder C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C} Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT INFORMATION Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Users\Lori\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{55065080-504F-43BB-BE00-36B80D7D39A5} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{76272057-98E0-4DC4-AAC3-10C546C47195} Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52} Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F} Preinstalled.HPWelcome Folder C:\Program Files\HEWLETT-PACKARD\HP WELCOME Preinstalled.HPWelcome Folder C:\ProgramData\HEWLETT-PACKARD\HP WELCOME Preinstalled.HPWelcome Folder C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP WELCOME Preinstalled.HPWelcome Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPWelcome Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-barbarians Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-cityofsteam Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-commandandconqueralliances Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dinostorm Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-fringo Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-vegasworld Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-villagersandheroes ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## Those two texts from AdwCleaner might be the same, but I'd rather be safe than sorry! Hope this helps
  4. I could only download MWB 4.3.0 and although it was a free download it came off as "trial" 🤔 This is a weird setup.... But here are the MWB, the AdwCleaner and the logs from FRST app: (took me a while to figure out the AdwCleaner, but I hope I got the files quaranteed...) Oh, and BTW, after restarted after using the AdwCleaner, I tried to save the PNG file to my desktop, and again I got this 'permission' error: FRST: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021 Ran by Lori (administrator) on LORIS-PC-2016 (HP 23-q214) (05-01-2021 20:31:38) Running from C:\Users\Lori\Downloads Loaded Profiles: Lori Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\Youcam6_webcam_camera_video.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\IntelCpHeciSvc.exe (Intel(R) Software Asset Manager -> Intel Corporation) C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe (Intel(R) Software Development Products -> ) C:\Program Files (x86)\Intel\Intel RealSense Training F200\Intel RealSense F200 Tray\Intel RealSense F200 Tray.exe (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v4\bin\win32\notification_tool.exe (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIVTE.EXE ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-06-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-04] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2016-06-28] (Logitech -> Logitech, Inc.) HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> ) HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-10-01] (CyberLink Corp. -> CyberLink Corp.) HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v4\bin\win32\notification_tool.exe [8809160 2015-02-06] (Intel(R) Software Development Products -> Intel Corporation) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed] HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVTE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\Run: [EPSDNMON] => "" HKLM\...\Print\Monitors\EPSON NX430 Series 64MonitorBA: C:\WINDOWS\system32\E_ILMHBA.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION) [File not signed] HKLM\...\Print\Monitors\EPSON XP-6100 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVTE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed] HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\WINDOWS\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-10] (Microsoft Windows Hardware Compatibility Publisher -> HP) HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-08-18] (CyberLink Corp. -> CyberLink) HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-08-18] (CyberLink Corp. -> CyberLink) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-07-21] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-07-21] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealSense Training.lnk [2015-11-30] ShortcutTarget: RealSense Training.lnk -> C:\Program Files (x86)\Intel\Intel RealSense Training F200\Intel RealSense F200 Tray\Intel RealSense F200 Tray.exe (Intel(R) Software Development Products -> ) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0229B55E-4F49-4281-9F7E-FA6EABFB26FC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-10-11] (Avast Software s.r.o. -> Avast Software) Task: {030284DC-1BFC-4B8A-914E-47C78C4517BB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation) Task: {076549A7-4084-4E33-BA8B-225B608C7AC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {12EC784F-6688-4BAF-A16B-6FFEADB3D76F} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {18D7F1EE-CA4A-4062-B2F8-0CE6859BEE5B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {1A71F805-EBB1-4AFD-8EB1-4862C175D577} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1285328 2015-06-05] (Intel(R) Software -> Intel Corporation) Task: {1B8EA02A-BB91-4370-8098-314C5BCBC326} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Lori\Downloads\adwcleaner_8.0.8.exe [8447152 2021-01-05] (Malwarebytes Inc -> Malwarebytes) Task: {1EEC99ED-0968-4381-9473-787D88E5A3B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {2259B0A4-6E0D-4E78-8B1B-3B511F86C532} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation) Task: {28A191FC-3C70-4DC8-886D-D4A330BBA84A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {2EA37342-3034-416A-8D53-BB6ECF6D2E6C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-04] (Avast Software s.r.o. -> AVAST Software) Task: {39B8BC8A-1C6A-49E4-97A2-9D1CA81777B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {3F74E2A6-AECA-4FA9-A134-1DA9EAA83583} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation) Task: {4DFC645E-3A70-42DD-B421-5B5F84976E7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.) Task: {543A3B98-9112-45C7-99D9-6722DAEE64DD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {60B482CF-F49D-4DA4-AD83-7FE6797EA504} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-31] (Mozilla Corporation -> Mozilla Foundation) Task: {62D68A27-BB24-481F-862A-2CCDF09FF7A0} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {651299A9-614F-4029-8FBB-8C40AEF3DFC6} - System32\Tasks\{D11EBAC0-E521-4D28-95DD-31B2D3DC6ECE} => "c:\program files (x86)\mozilla firefox\firefox.exe" https://ui.skype.com/ui/0/7.29.80.101/en/abandoninstall?page=tsProgressBar Task: {7A6E2D4A-658A-427D-AA36-AF060EEAB64D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-31] (Microsoft Corporation -> Microsoft Corporation) Task: {7E48AE6B-945E-403E-BB87-351DC32CA6AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {89D9513A-2916-4FC9-98DB-DA7ECAE1A9C2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-31] (Microsoft Corporation -> Microsoft Corporation) Task: {8DD96450-D59B-481B-8923-E2F8FCCF670C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {919C2468-21F2-4424-8BD4-9958A268F97E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [511344 2015-06-19] (Dropbox, Inc -> ) Task: {93B4C331-502D-4CDC-A093-5FB4D202BBB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {AAAAD55D-9FDB-49AF-BC59-1B15F083CA9F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AFC32CA4-9A80-4571-B590-CEFAF9D22266} - System32\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {B5B006F6-2437-411D-9729-8574C0FBED28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {C6BB359A-52CE-4E33-A715-58B5F492E31D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {CE508E84-9EFF-4E7E-BFA1-7517DA3BF9D7} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-08-18] (CyberLink Corp. -> CyberLink Corp.) Task: {CF617369-414B-43E7-A2AB-BD8DF6BB5C34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {D1CC5D49-1D68-4187-8120-A675B92A5351} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe Task: {D6C560E3-4788-42C3-BF09-2E28E0BCB416} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-31] (Microsoft Corporation -> Microsoft Corporation) Task: {E30D56C5-4BB8-4BB2-8145-ED0F5A6C16D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Update Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {EF231F15-932A-44DC-AD3A-3DA2656CAED0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE:/EXE:{38812D91-3318-4F74-A2EB-EC9CB28DB373} /F:UpdateWORKGROUP\LORIS-PC-2016$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5fc94d55-a62f-4ac2-a475-9a3a89b9e248}: [DhcpNameServer] 192.168.1.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ====== DownloadDir: C:\Users\Lori\Downloads Edge Profile: C:\Users\Lori\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-03] FireFox: ======== FF DefaultProfile: 4yvy2fzf.default-1519797131404 FF ProfilePath: C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404 [2021-01-05] FF Notifications: Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404 -> hxxps://politichatter.com FF Extension: (Facebook Container) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\@contain-facebook.xpi [2020-10-04] FF Extension: (Emoji Keyboard - Emojis For Firefox) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\@emojikeyboard.xpi [2019-09-01] FF Extension: (Cisco Webex Extension) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\ciscowebexstart1@cisco.com.xpi [2020-06-03] FF Extension: (Pinterest Save Button) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2020-12-31] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-12-31] FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-04-25] [Legacy] [not signed] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-10-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-04-29] (Cisco WebEx LLC -> Cisco WebEx LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Lori\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-07] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation) R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.) S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-04] (Malwarebytes Inc -> Malwarebytes) R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-04-29] (Cisco WebEx LLC -> Cisco WebEx LLC) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-23] (Microsoft Windows Publisher -> Microsoft Corporation) S2 EpsonCustomerResearchParticipation; "C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe" [X] S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2021-01-04] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2021-01-04] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed] R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-28] (CyberLink Corp. -> CyberLink Corporation) S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-04] (Malwarebytes Corporation -> Malwarebytes) S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com) R3 IntelDFUACPI; C:\WINDOWS\System32\drivers\IntelDFUACPI.sys [37888 2015-12-01] (Intel(R) Software Development Products -> Intel(R) Corporation) R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-04] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-05] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-05] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-04] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-05] (Malwarebytes Inc -> Malwarebytes) R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [302808 2015-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2019-03-18] (Microsoft Corporation) [File not signed] S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-23] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-23] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (All) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2021-01-05 20:31 - 2021-01-05 20:33 - 000032721 _____ C:\Users\Lori\Downloads\FRST.txt 2021-01-05 20:30 - 2021-01-05 20:32 - 000000000 ____D C:\FRST 2021-01-05 20:29 - 2021-01-05 20:29 - 002282496 _____ (Farbar) C:\Users\Lori\Downloads\FRST64.exe 2021-01-05 20:25 - 2021-01-05 20:25 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-01-05 20:25 - 2021-01-05 20:25 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-01-05 20:25 - 2021-01-05 20:25 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-01-05 20:23 - 2021-01-05 20:23 - 000003172 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot 2021-01-05 20:14 - 2021-01-05 20:22 - 000000000 ____D C:\AdwCleaner 2021-01-05 20:14 - 2021-01-05 20:14 - 008447152 _____ (Malwarebytes) C:\Users\Lori\Downloads\adwcleaner_8.0.8.exe 2021-01-05 20:07 - 2021-01-05 20:07 - 002086424 _____ (Malwarebytes) C:\Users\Lori\Downloads\MBSetup(1).exe 2021-01-04 19:37 - 2021-01-04 19:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-01-04 19:37 - 2021-01-04 19:37 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-01-04 19:37 - 2021-01-04 19:37 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-01-04 19:37 - 2021-01-04 19:37 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-01-04 19:37 - 2021-01-04 19:37 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2021-01-04 19:37 - 2021-01-04 19:36 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-01-04 19:37 - 2021-01-04 19:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-01-04 19:36 - 2021-01-04 19:36 - 002086424 _____ (Malwarebytes) C:\Users\Lori\Downloads\MBSetup.exe 2021-01-04 19:32 - 2021-01-04 19:32 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-01-04 19:31 - 2021-01-04 19:32 - 002086424 _____ (Malwarebytes) C:\Users\Lori\Downloads\MBSetup-092170.092170-consumer.exe 2021-01-04 18:27 - 2021-01-04 18:27 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-01-04 18:27 - 2021-01-04 18:27 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-01-03 21:47 - 2021-01-03 21:47 - 001505848 _____ (Adobe) C:\Users\Lori\Downloads\uninstall_flash_player.exe 2020-12-31 13:49 - 2020-12-31 13:49 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 004295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2020-12-31 13:49 - 2020-12-31 13:49 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll 2020-12-31 13:49 - 2020-12-31 13:49 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\raserver.exe 2020-12-31 13:49 - 2020-12-31 13:49 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raserver.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 022651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 018038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 007823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 007008256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 006316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 005906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 005770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 005099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 005010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 004608000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 004546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 004348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 004129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 003694392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 003635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 003506688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 003243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002948920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002737152 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002263296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001996800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001842368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001693696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001419328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 001151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 001057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000516536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000405928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000345568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2020-12-31 13:48 - 2020-12-31 13:48 - 000211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2020-12-31 13:48 - 2020-12-31 13:48 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000172352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2020-12-31 13:48 - 2020-12-31 13:48 - 000166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-31 13:48 - 2020-12-31 13:48 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys 2020-12-31 13:48 - 2020-12-31 13:48 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2020-12-31 13:48 - 2020-12-31 13:48 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000021320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2020-12-31 13:48 - 2020-12-31 13:48 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2020-12-31 13:48 - 2020-12-31 13:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2020-12-31 13:47 - 2020-12-31 13:47 - 009925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 007274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 006526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 006438400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 006071392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 004032776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 003811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 003741520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 003374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 002777712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 002564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 002023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001998936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001991608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001957528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001859072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-31 13:47 - 2020-12-31 13:47 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001673568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001665192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001565504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 001480512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-31 13:47 - 2020-12-31 13:47 - 001307448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 001170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001048992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 001022264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000851768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000833336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000680248 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000592936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000586552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000531472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000518464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2020-12-31 13:47 - 2020-12-31 13:47 - 000467944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000188216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-31 13:47 - 2020-12-31 13:47 - 000101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amsi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2020-12-31 13:47 - 2020-12-31 13:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2020-12-31 13:47 - 2020-12-31 13:47 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2020-12-31 13:47 - 2020-12-31 13:47 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-31 13:46 - 2020-12-31 13:47 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 007913776 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 007846632 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 006233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 004685120 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 003735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 003387904 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 003136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\FluencyDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002505496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002466296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002261848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 002073088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001834296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001816528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001746240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 001413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001385704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 001285448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001083696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 001017656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000804168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtBopomofoDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxDecoder.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000214848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdvancedEmojiDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\HashtagDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000104256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtAdvancedDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFAppServiceDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpnUserService.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsi.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2020-12-31 13:46 - 2020-12-31 13:46 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll 2020-12-31 13:46 - 2020-12-31 13:46 - 000016144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys 2020-12-31 13:46 - 2020-12-31 13:46 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsiproxy.dll 2020-12-31 13:32 - 2020-12-31 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-12-31 13:23 - 2020-12-31 13:24 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-12-31 13:23 - 2020-12-31 13:24 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-12-31 13:09 - 2020-12-31 13:09 - 006244920 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2020-12-15 19:24 - 2020-12-15 19:52 - 000000000 ____D C:\Users\Lori\Desktop\Dr Gower ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2021-01-05 20:32 - 2019-08-23 03:26 - 000935056 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-01-05 20:32 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-05 20:32 - 2019-03-18 20:50 - 000000000 ____D C:\WINDOWS\INF 2021-01-05 20:31 - 2016-06-28 21:37 - 000000000 ____D C:\Users\Lori\Documents\YouCam 2021-01-05 20:28 - 2020-03-24 13:05 - 000000000 ____D C:\Users\Lori\AppData\Roaming\Messenger 2021-01-05 20:28 - 2019-02-02 23:01 - 000000000 ____D C:\ProgramData\Mozilla 2021-01-05 20:28 - 2018-01-21 08:58 - 000000000 ____D C:\Program Files\CCleaner 2021-01-05 20:28 - 2018-01-16 21:42 - 000000000 ____D C:\Users\Lori\AppData\Local\AVAST Software 2021-01-05 20:27 - 2016-11-19 10:38 - 000000000 ____D C:\Users\Lori\AppData\LocalLow\Mozilla 2021-01-05 20:26 - 2019-03-18 20:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-05 20:26 - 2016-06-28 21:36 - 000000000 __SHD C:\Users\Lori\IntelGraphicsProfiles 2021-01-05 20:24 - 2019-08-23 03:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-05 20:24 - 2019-03-18 20:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-01-05 20:23 - 2019-11-11 14:29 - 000000000 ____D C:\Program Files\EPSON 2021-01-05 20:23 - 2017-12-09 15:28 - 000000000 ____D C:\ProgramData\AVAST Software 2021-01-05 20:23 - 2017-11-25 19:32 - 000000000 ____D C:\ProgramData\HP 2021-01-05 20:23 - 2017-08-01 22:28 - 000000000 ____D C:\ProgramData\EPSON 2021-01-05 20:23 - 2016-06-28 21:39 - 000000000 ____D C:\Users\Lori\AppData\Roaming\Hewlett-Packard 2021-01-05 20:23 - 2016-06-28 21:39 - 000000000 ____D C:\Users\Lori\AppData\Local\Hewlett-Packard 2021-01-05 20:23 - 2015-11-30 17:28 - 000000000 ____D C:\Program Files\HP 2021-01-05 20:23 - 2015-11-30 17:24 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2021-01-05 20:23 - 2015-11-30 17:23 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard 2021-01-05 20:23 - 2015-11-24 18:08 - 000000000 _RSHD C:\hp 2021-01-05 20:22 - 2015-11-30 17:24 - 000000000 ____D C:\Program Files\Hewlett-Packard 2021-01-05 20:14 - 2019-08-23 03:32 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2FD3278C-58E1-46E2-A4FD-4E1B420984D3} 2021-01-05 19:50 - 2019-08-23 03:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-04 19:37 - 2019-03-18 20:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-01-04 19:13 - 2019-11-11 14:48 - 000000947 _____ C:\WINDOWS\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373}.job 2021-01-04 19:12 - 2020-07-19 15:41 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-01-04 19:12 - 2020-07-19 15:41 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-01-04 19:12 - 2019-11-11 14:48 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373} 2021-01-04 19:12 - 2019-08-23 03:32 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-01-04 19:12 - 2019-08-23 03:32 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2021-01-04 19:12 - 2019-08-23 03:32 - 000003040 _____ C:\WINDOWS\system32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec 2021-01-04 19:12 - 2019-08-23 03:32 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-01-04 19:12 - 2019-08-23 03:32 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4228007683-1141738225-1575848267-1001 2021-01-04 19:12 - 2019-08-23 03:32 - 000002674 _____ C:\WINDOWS\system32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon 2021-01-04 19:12 - 2019-08-23 03:32 - 000002490 _____ C:\WINDOWS\system32\Tasks\YCMServiceAgent 2021-01-04 19:12 - 2019-08-23 03:32 - 000002242 _____ C:\WINDOWS\system32\Tasks\{D11EBAC0-E521-4D28-95DD-31B2D3DC6ECE} 2021-01-04 19:12 - 2019-08-23 03:32 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-01-04 19:12 - 2019-08-23 03:32 - 000002172 _____ C:\WINDOWS\system32\Tasks\DropboxOEM 2021-01-04 19:12 - 2019-08-23 03:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-01-04 18:28 - 2019-08-23 03:32 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-01-04 18:27 - 2020-10-13 23:48 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-01-04 18:27 - 2020-04-26 03:07 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-01-04 18:27 - 2019-01-19 02:26 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-01-04 18:27 - 2019-01-05 10:17 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-01-04 18:27 - 2019-01-05 10:17 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-01-04 18:27 - 2019-01-05 10:17 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-01-04 18:27 - 2018-10-10 23:00 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-01-04 18:27 - 2018-07-06 18:10 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2021-01-04 18:27 - 2017-12-09 15:33 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-01-04 18:27 - 2017-12-09 15:33 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-01-04 18:27 - 2017-12-09 15:33 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-01-04 18:27 - 2017-12-09 15:33 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-01-04 18:27 - 2017-12-09 15:33 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-01-04 18:27 - 2017-12-09 15:33 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-01-03 21:56 - 2017-12-04 20:54 - 000000000 ___RD C:\Users\Lori\3D Objects 2021-01-03 21:56 - 2016-04-26 22:39 - 000000000 __RHD C:\Users\Public\AccountPictures 2021-01-03 21:53 - 2020-12-02 16:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-01-03 21:53 - 2019-08-23 03:14 - 000448312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-01-03 21:53 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-01-03 21:53 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-01-03 21:53 - 2016-06-28 22:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\TextInput 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SystemResources 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\setup 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\Program Files\Windows Defender 2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-01-03 21:48 - 2016-06-28 21:36 - 000000000 ____D C:\Users\Lori\AppData\Roaming\Adobe 2020-12-31 15:17 - 2019-03-18 20:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-31 13:58 - 2020-08-25 22:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-12-31 13:58 - 2019-03-18 20:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-31 13:56 - 2016-06-29 02:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-12-31 13:55 - 2016-06-29 02:27 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-12-31 13:46 - 2019-08-23 03:17 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2020-12-31 13:31 - 2016-06-28 22:03 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-12-31 13:27 - 2020-07-19 15:41 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-31 13:16 - 2019-08-23 03:20 - 000002371 _____ C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-12-31 13:16 - 2016-06-28 21:39 - 000000000 ___RD C:\Users\Lori\OneDrive 2020-12-31 13:16 - 2015-11-30 17:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-12-31 13:09 - 2020-10-19 21:21 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2020-12-31 13:09 - 2020-10-19 21:21 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2020-12-15 19:17 - 2016-11-27 11:01 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Files in the root of some directories ======== 2016-07-21 20:53 - 2016-07-21 20:53 - 012964920 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== ADDITIONAL TEXT: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021 Ran by Lori (05-01-2021 20:35:33) Running from C:\Users\Lori\Downloads Windows 10 Home Version 1909 18363.1256 (X64) (2019-08-23 11:33:20) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4228007683-1141738225-1575848267-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4228007683-1141738225-1575848267-503 - Limited - Disabled) Guest (S-1-5-21-4228007683-1141738225-1575848267-501 - Limited - Disabled) Lori (S-1-5-21-4228007683-1141738225-1575848267-1001 - Administrator - Enabled) => C:\Users\Lori WDAGUtilityAccount (S-1-5-21-4228007683-1141738225-1575848267-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4K Video Downloader 4.4 (HKLM-x32\...\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}) (Version: 4.4.6.2295 - Open Media LLC) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Angel Sound (HKLM-x32\...\{8C8FC4CE-542B-48AA-9804-539A0018C419}) (Version: 5.08.03 - ) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software) BabyLock Sampler Pack (HKLM-x32\...\BabyLock Sampler Pack) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform) Cisco Webex Meetings (HKLM-x32\...\{C3900048-3967-4A30-9ACF-D50E9FEB5A48}) (Version: 40.2.18.5 - Cisco Webex LLC) CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.) CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5801 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4419 - CyberLink Corp.) Designer's Gallery ColorWorks (HKLM-x32\...\{EA32F7BA-60B7-43EE-AFDE-95B1CAC0B459}) (Version: - ) Designer's Gallery Studio (HKLM-x32\...\{5B466707-08E2-4FC3-8FE6-A8C07EB525BC}) (Version: - ) Designer's Gallery Studio III Version 3.12 (HKLM-x32\...\{1B2A0C4F-27FD-44E2-8BEB-C3E2139C4C18}_is1) (Version: - BriTon Leap, Inc.) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.) Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation) Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) EPSON XP-6100 Series Printer Uninstall (HKLM\...\EPSON XP-6100 Series) (Version: - Seiko Epson Corporation) Epson XP-6100 User’s Guide (HKLM-x32\...\UsersGuideEpson XP-6100 User’s Guide_is1) (Version: 1.0 - Epson America, Inc.) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP) HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP) InPixio Photo Clip 8 Demo (HKLM-x32\...\{9F45A8A5-0487-4aa6-A67E-46E103C927AD}) (Version: 8.00 - InPixio) Intel RealSense Training (HKLM-x32\...\Intel RealSense Training) (Version: 1.16 - Intel) Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation) Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) Intel® RealSense™ Depth Camera Manager Beta (x86): dptf_com (HKLM-x32\...\{C982EA5E-7331-11E5-ABE7-2C44FD873B55}) (Version: 2.2.0.52404 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager F200 (HKLM-x32\...\ARP_for_prd_dcm_runtime_1.4.27.52404) (Version: 1.4.27.52404 - Intel Corporation) Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ 3D camera IO module (HKLM-x32\...\{6C1D3280-7332-11E5-AD4E-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{6C1D3280-7332-11E5-B485-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Core (HKLM-x32\...\{AD1C5601-1C83-41CB-A670-7F02C1D0E72A}) (Version: 4.0.0.52526 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Face Tracking (HKLM-x32\...\{F6B28FF3-A81A-43FC-97D3-5D0F4B69FCF9}) (Version: 4.0.0.52526 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Face Tracking: Models (HKLM-x32\...\{657FF393-C977-470E-B1C5-8235393D3C5E}) (Version: 4.0.0.52526 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Hand Tracking (HKLM-x32\...\{1DA11DE3-2EC9-4DB5-9254-7644AC527476}) (Version: 4.0.0.52526 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): Hand Tracking: Models (HKLM-x32\...\{00BD3B4C-3D89-42EA-9E2A-14BFC9A1E3C9}) (Version: 4.0.0.52526 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (x86): User Notification Tool files and components (HKLM-x32\...\{D7210241-908A-487E-91C1-6E0E9766CC39}) (Version: 4.0.0.52526 - Intel Corporation) Hidden Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v4_4.0.0.112526) (Version: 4.0.0.112526 - Intel Corporation) Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v6_6.0.21.6598) (Version: 6.0.21.6598 - Intel Corporation) Intel® RealSense™ SDK Runtime Gold (x86): Core (HKLM-x32\...\{EC8ABDF0-358B-11E5-82EB-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden Intel® RealSense™ SDK Runtime Gold (x86): Data Collector (HKLM-x32\...\{E3A02E00-358B-11E5-81F8-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking (HKLM-x32\...\{D74B980F-358B-11E5-B6FE-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking: Models (HKLM-x32\...\{ED5C65CF-358B-11E5-9F51-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20404 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft OneDrive (HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23019 (HKLM-x32\...\{2883cce3-040d-45b1-a27a-07934a6d47ec}) (Version: 14.0.23019.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation) Mozilla Firefox 84.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.1 (x64 en-US)) (Version: 84.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.1.7660 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.29090 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.) SewIconz (HKLM\...\{D0E57EDD-E52F-49C2-91F8-38662C25B0E5}) (Version: 1.8.8 - S & S Computing) SewWhat-Pro (HKLM\...\{00A96433-8D50-416D-B023-579690127FDA}) (Version: 4.3.6 - S & S Computing) Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Zoom (HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.) Packages: ========= Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-20] (Amazon.com) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_830.5.128.0_x64__8xx8rvfyw5nnt [2020-12-31] (Facebook Inc) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-16] (Adobe Systems Incorporated) Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.0.46.0_x64__kx24dqmazqk8j [2020-12-02] (Random Salad Games LLC) Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-15] (Random Salad Games LLC) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4228007683-1141738225-1575848267-1001_Classes\CLSID\{B065276E-D509-4005-A891-1805713D61E3}\InprocServer32 -> C:\Program Files\S & S Computing\SewIconz\IconExt\EmbIconExt.dll (S and S Computing -> S & S Computing) CustomCLSID: HKU\S-1-5-21-4228007683-1141738225-1575848267-1001_Classes\CLSID\{B065276E-D509-4005-A891-1805713D61E4}\InprocServer32 -> C:\Program Files\S & S Computing\SewIconz\IconExt\EmbIconExt.dll (S and S Computing -> S & S Computing) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-04] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxDTCM.dll [2019-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-04] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Lori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square ==================== Loaded Modules (Whitelisted) ============= 2019-08-23 04:03 - 2019-08-23 04:03 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL 2019-08-23 04:03 - 2019-08-23 04:03 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL 2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll 2011-04-19 23:03 - 2011-04-20 06:03 - 000120320 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_ILMHBA.DLL 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE SearchScopes: HKLM -> {A7777384-5073-482B-B440-6EE162F4143B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {A7777384-5073-482B-B440-6EE162F4143B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-4228007683-1141738225-1575848267-1001 -> {A7777384-5073-482B-B440-6EE162F4143B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-10-11] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 03:04 - 2019-01-03 23:47 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lori\Desktop\saved pics\saudisunset.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "EEventManager" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{EADF8AE3-895D-4ABA-B2CC-6FCEAA93D2B6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{D63C1068-BDD4-4BB5-9F8C-AEB475D36144}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{ED4BF06F-3A20-40B3-9F19-8BBF8806CE76}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{E13658C7-3E22-4B77-8D5E-4B3A7E59AC08}] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [{65020E0B-FE12-4781-95B4-449CF6F2BD63}] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [UDP Query User{E77CE968-FF37-4A78-8D19-06ED1882E28F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [TCP Query User{DB08C49D-6C04-436D-A162-302A78A9F206}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [{F9448A10-190C-426B-8B5F-0064BCF4846B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{EF90504B-68DE-4BF0-A643-7A53C5F9D57F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2C35D708-0DDB-450D-909E-6B207851BD4F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D6AD89BB-AD00-4EBC-9563-60324D7C26D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{26BBA07C-371A-41CA-8987-F36D30A9B518}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File FirewallRules: [{8A049967-C9D2-4BAB-A331-0980EAAE4B5B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{50C83094-399D-417D-B01C-036CF1563747}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{3DF37A9B-5156-41F6-B377-CFA54FAF76CB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{DABE66B7-2018-4ABF-895B-6FFCEA919EFF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{EF9FA0E8-0B75-4F64-80AB-FD5D9DD13418}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{BFD23C28-BE5B-4153-8A2A-23BE40FAB844}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File FirewallRules: [{AA4EB704-1F33-4150-8620-291B24713888}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File FirewallRules: [{208E94FB-5CA5-41F5-AAFD-9AC5AE45ED33}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File FirewallRules: [{D99BC69B-730C-4A67-BFBB-A11DE0E5FC05}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File FirewallRules: [{8076C082-530C-4519-836A-18FA5B7E590F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{E550CA19-9240-4937-8C4B-93309159A997}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3B6FE0F7-14F2-44A9-905B-C626EA056D76}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File FirewallRules: [{C4DA171A-5DFB-425F-A60A-626B706E6375}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File FirewallRules: [TCP Query User{2C30E041-1482-40EC-AE86-1C05733743DD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{66AC5714-66C1-4214-B38D-E471E351A14C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{21BB9FAC-9E27-4B37-A38E-C8778EEAFF8F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File FirewallRules: [{3623BE65-3664-4B50-AAC6-14F1503ED5FC}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [{DEB85A22-2064-4B45-B0CF-F579ED7CBB6F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [{170FA79D-036B-44BD-AEB1-B4D2212B7981}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File FirewallRules: [{9A8FABD3-5333-4011-8718-5AD3EF9F3B91}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File FirewallRules: [{AA1D3B5F-36AE-45C1-B4F2-46CF670F3FF9}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [{8EC68AB5-36EE-4BA8-80D3-E7028A82F67C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed] FirewallRules: [TCP Query User{A4628DBF-E5D0-4623-BC8E-50DE1345B930}C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [UDP Query User{095EBDD2-64CE-4BEE-839C-CE8ED795B659}C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [TCP Query User{FB2ACA28-4F4D-4A4F-953F-9230B7542A29}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [UDP Query User{57F11F6B-5E4A-41FF-B96C-6288E2BD25B8}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [TCP Query User{0AD40F03-B186-44EA-BC47-ABD47BA488E2}C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [UDP Query User{7632DAA6-4947-44CD-B922-4326456DAE52}C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [{C78C3D00-FF11-44CF-9D43-7F496AF936F6}] => (Allow) C:\Users\Lori\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{E184239F-6728-482F-83F6-6F6C15F17ECB}] => (Allow) C:\Users\Lori\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{97A74C19-BB34-48D3-95DB-7BA8B09D31C3}] => (Allow) C:\Users\Lori\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [TCP Query User{F5EC0AF7-09D0-4A2F-AB05-103773F36DB5}C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [UDP Query User{42A5F2BF-8637-417A-81FF-8D21B7BEB004}C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File FirewallRules: [{945B924A-DA00-4966-A110-C0347B40EF00}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 31-12-2020 13:23:04 Windows Update 05-01-2021 20:22:20 AdwCleaner_BeforeCleaning_05/01/2021_20:22:20 ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (01/05/2021 08:37:39 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3512,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/05/2021 08:24:02 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (01/05/2021 08:24:02 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (01/05/2021 08:24:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (01/05/2021 08:24:01 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (01/05/2021 08:19:14 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (13364,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/05/2021 08:12:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2272,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (01/05/2021 08:01:56 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (14524,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (01/05/2021 08:27:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HP Touchpoint Analytics service failed to start due to the following error: The system cannot find the file specified. Error: (01/05/2021 08:25:25 PM) (Source: BTHUSB) (EventID: 16) (User: ) Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (68:5a:cf:b6:18:9b) failed. Error: (01/05/2021 08:25:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The EpsonCustomerResearchParticipation service failed to start due to the following error: The system cannot find the file specified. Error: (01/05/2021 08:24:28 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI5 Error: (01/05/2021 08:24:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (01/05/2021 08:24:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (01/05/2021 08:23:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (01/05/2021 08:23:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s). Windows Defender: =================================== Date: 2019-08-25 00:01:18.674 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.A&threatid=2147729066&enterprise=0 Name: Trojan:JS/CoinHive.A ID: 2147729066 Severity: Severe Category: Trojan Path: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe Security intelligence Version: AV: 1.299.2771.0, AS: 1.299.2771.0, NIS: 1.299.2771.0 Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1 CodeIntegrity: =================================== Date: 2021-01-05 20:31:49.233 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-01-05 20:31:49.213 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-01-05 20:31:49.185 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2021-01-05 20:30:41.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3384.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-01-05 20:26:35.579 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2021-01-05 20:26:35.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2021-01-05 20:26:34.606 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2021-01-05 20:26:34.583 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: AMI A0.06 12/24/2015 Motherboard: HP 2B45 Processor: Intel(R) Core(TM) i3-6100T CPU @ 3.20GHz Percentage of memory in use: 57% Total physical RAM: 8052.34 MB Available physical RAM: 3442.58 MB Total Virtual: 14465.89 MB Available Virtual: 9806.74 MB ==================== Drives ================================ Drive 😄 (Windows) (Fixed) (Total:909.34 GB) (Free:832.58 GB) NTFS Drive d: (Recovery Image) (Fixed) (Total:20.88 GB) (Free:2.69 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{4dbfc245-6c45-49b9-9819-7865e125a711}\ () (Fixed) (Total:0.81 GB) (Free:0.37 GB) NTFS \\?\Volume{838e1644-4804-4593-8331-308742b12af2}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: AC914425) Partition: GPT. ==================== End of Addition.txt =======================
  5. PS.. there has to be a way to edit my OP... I have Windows 10 if anyone wants to know....
  6. I've tried to take back control of permissions of my own computer and I'm its administrator as well. All was well until I tried to delete a file and noticed "TrustedInstaller" in the error message denying my access to delete a file. So I've tried to change permissions, but I was missing one part of the change that doesn't allow to me fully change. So while I researched a way to remove TrustedInstaller, I found out it was a malware??? Thinking back, I realized I was missing Malwarebyte app on my desktop and don't remember uninstalling it. I don't use my computer as much~ once or twice a month. And I was wondering why my computer was slightly slow in the past month or so. I also have the CCleaner app as well as Avast Antivirus. After I reinstalled Malwarebyte, I scanned my computer, and TrustedInstaller did not pop out as a malware. (However, I tried to locate the TrustedInstaller via the C drive, did NOT show up at all!) Very strange as I've noticed that my permissions were not allowing me access to any files in the past month or so. I went to this website Reimage to talk about removing TrustedInstaller by using its app, but when I tried to download the app, Malwarebyte says it's a malicious site (yikes) Heads up on this site: https://www.2-spyware.com/review-reimage.html So now what? Remove TrustedInstaller by safe mode? System Restore? Ok, here's the website I found in hopes that I can uninstall this virus: https://sensorstechforum.com/remove-trustedinstaller-exe-virus/ question is the SpyHunter app safe to use? Would appreciate some help! TIA! lilmama
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.