TrustedInstaller removal~ what's the best way?

[lilmama59]

I've tried to take back control of permissions of my own computer and I'm its administrator as well.  All was well until I tried to delete a file and noticed "TrustedInstaller" in the error message denying my access to delete a file.  So I've tried to change permissions, but I was missing one part of the change that doesn't allow to me fully change. 

So while I researched a way to remove TrustedInstaller, I found out it was a malware???  Thinking back, I realized I was missing Malwarebyte app on my desktop and don't remember uninstalling it. I don't use my computer as much~ once or twice a month. And I was wondering why my computer was slightly slow in the past month or so.   I also have the CCleaner app as well as Avast Antivirus.
After I reinstalled Malwarebyte, I scanned my computer, and TrustedInstaller did not pop out as a malware. (However, I tried to locate the TrustedInstaller via the C drive, did NOT show up at all!)  Very strange as I've noticed that my permissions were not allowing me access to any files in the past month or so. 

I went to this website Reimage to talk about removing TrustedInstaller by using its app, but when I tried to download the app, Malwarebyte says it's a malicious site (yikes)  Heads up on this site:
https://www.2-spyware.com/review-reimage.html 

So now what? Remove TrustedInstaller by safe mode?  System Restore? 
Ok, here's the website I found in hopes that I can uninstall this virus: https://sensorstechforum.com/remove-trustedinstaller-exe-virus/
question is the SpyHunter app safe to use? 

Would appreciate some help!  TIA!
lilmama

 

[lilmama59]

PS.. there has to be a way to edit my OP...  I have Windows 10 if anyone wants to know....

[kevinf80]

Hello lilmama59 and welcome to Malwarebytes, Continue with the following: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 4 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Clsoe out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following:   Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply   Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror   Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status...   Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans"   Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... Thank you, Kevin....

[lilmama59]

 

I could only download MWB 4.3.0 and although it was a free download it came off as "trial"  🤔  This is a weird setup....
But here are the MWB, the AdwCleaner and the logs from FRST app:
(took me a while to figure out the AdwCleaner, but I hope I got the files quaranteed...)


Oh, and BTW, after restarted after using the AdwCleaner, I tried to save the PNG file to my desktop, and again I got this 'permission' error:

 

 

 

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by Lori (administrator) on LORIS-PC-2016 (HP 23-q214) (05-01-2021 20:31:38)
Running from C:\Users\Lori\Downloads
Loaded Profiles: Lori
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\Youcam6_webcam_camera_video.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\IntelCpHeciSvc.exe
(Intel(R) Software Asset Manager -> Intel Corporation) C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
(Intel(R) Software Development Products -> ) C:\Program Files (x86)\Intel\Intel RealSense Training F200\Intel RealSense F200 Tray\Intel RealSense F200 Tray.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v4\bin\win32\notification_tool.exe
(Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\PMA_A\PMAService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIVTE.EXE

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-06-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2016-06-28] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-10-01] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v4\bin\win32\notification_tool.exe [8809160 2015-02-06] (Intel(R) Software Development Products -> Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed]
HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIVTE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\Run: [EPSDNMON] => ""
HKLM\...\Print\Monitors\EPSON NX430 Series 64MonitorBA: C:\WINDOWS\system32\E_ILMHBA.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\EPSON XP-6100 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBVTE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HCR Client Port Monitor: C:\WINDOWS\system32\csrportmon.dll [73416 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-10] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-08-18] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-08-18] (CyberLink Corp. -> CyberLink)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-07-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-07-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealSense Training.lnk [2015-11-30]
ShortcutTarget: RealSense Training.lnk -> C:\Program Files (x86)\Intel\Intel RealSense Training F200\Intel RealSense F200 Tray\Intel RealSense F200 Tray.exe (Intel(R) Software Development Products -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0229B55E-4F49-4281-9F7E-FA6EABFB26FC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-10-11] (Avast Software s.r.o. -> Avast Software)
Task: {030284DC-1BFC-4B8A-914E-47C78C4517BB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {076549A7-4084-4E33-BA8B-225B608C7AC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {12EC784F-6688-4BAF-A16B-6FFEADB3D76F} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {18D7F1EE-CA4A-4062-B2F8-0CE6859BEE5B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {1A71F805-EBB1-4AFD-8EB1-4862C175D577} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1285328 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {1B8EA02A-BB91-4370-8098-314C5BCBC326} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Lori\Downloads\adwcleaner_8.0.8.exe [8447152 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
Task: {1EEC99ED-0968-4381-9473-787D88E5A3B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2259B0A4-6E0D-4E78-8B1B-3B511F86C532} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {28A191FC-3C70-4DC8-886D-D4A330BBA84A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {2EA37342-3034-416A-8D53-BB6ECF6D2E6C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
Task: {39B8BC8A-1C6A-49E4-97A2-9D1CA81777B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {3F74E2A6-AECA-4FA9-A134-1DA9EAA83583} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4DFC645E-3A70-42DD-B421-5B5F84976E7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {543A3B98-9112-45C7-99D9-6722DAEE64DD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {60B482CF-F49D-4DA4-AD83-7FE6797EA504} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {62D68A27-BB24-481F-862A-2CCDF09FF7A0} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {651299A9-614F-4029-8FBB-8C40AEF3DFC6} - System32\Tasks\{D11EBAC0-E521-4D28-95DD-31B2D3DC6ECE} => "c:\program files (x86)\mozilla firefox\firefox.exe" https://ui.skype.com/ui/0/7.29.80.101/en/abandoninstall?page=tsProgressBar
Task: {7A6E2D4A-658A-427D-AA36-AF060EEAB64D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E48AE6B-945E-403E-BB87-351DC32CA6AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {89D9513A-2916-4FC9-98DB-DA7ECAE1A9C2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2020-12-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DD96450-D59B-481B-8923-E2F8FCCF670C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {919C2468-21F2-4424-8BD4-9958A268F97E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [511344 2015-06-19] (Dropbox, Inc -> )
Task: {93B4C331-502D-4CDC-A093-5FB4D202BBB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {AAAAD55D-9FDB-49AF-BC59-1B15F083CA9F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AFC32CA4-9A80-4571-B590-CEFAF9D22266} - System32\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {B5B006F6-2437-411D-9729-8574C0FBED28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {C6BB359A-52CE-4E33-A715-58B5F492E31D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {CE508E84-9EFF-4E7E-BFA1-7517DA3BF9D7} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-08-18] (CyberLink Corp. -> CyberLink Corp.)
Task: {CF617369-414B-43E7-A2AB-BD8DF6BB5C34} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {D1CC5D49-1D68-4187-8120-A675B92A5351} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {D6C560E3-4788-42C3-BF09-2E28E0BCB416} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2020-12-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E30D56C5-4BB8-4BB2-8145-ED0F5A6C16D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Update Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {EF231F15-932A-44DC-AD3A-3DA2656CAED0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE:/EXE:{38812D91-3318-4F74-A2EB-EC9CB28DB373} /F:UpdateWORKGROUP\LORIS-PC-2016$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5fc94d55-a62f-4ac2-a475-9a3a89b9e248}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
======
DownloadDir: C:\Users\Lori\Downloads
Edge Profile: C:\Users\Lori\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-03]

FireFox:
========
FF DefaultProfile: 4yvy2fzf.default-1519797131404
FF ProfilePath: C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404 [2021-01-05]
FF Notifications: Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404 -> hxxps://politichatter.com
FF Extension: (Facebook Container) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\@contain-facebook.xpi [2020-10-04]
FF Extension: (Emoji Keyboard - Emojis For Firefox) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\@emojikeyboard.xpi [2019-09-01]
FF Extension: (Cisco Webex Extension) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\ciscowebexstart1@cisco.com.xpi [2020-06-03]
FF Extension: (Pinterest Save Button) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2020-12-31]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-12-31]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Lori\AppData\Roaming\Mozilla\Firefox\Profiles\4yvy2fzf.default-1519797131404\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-04-25] [Legacy] [not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-10-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-04-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lori\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-07]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 Epson PMAService A; C:\Program Files (x86)\Epson Software\PMA_A\PMAService.exe [113144 2017-03-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-04] (Malwarebytes Inc -> Malwarebytes)
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-04-29] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 EpsonCustomerResearchParticipation; "C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe" [X]
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2021-01-04] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-28] (CyberLink Corp. -> CyberLink Corporation)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-04] (Malwarebytes Corporation -> Malwarebytes)
S3 fdrawcmd; C:\WINDOWS\system32\drivers\fdrawcmd.sys [33144 2010-04-24] (Simon Owen -> simonowen.com)
R3 IntelDFUACPI; C:\WINDOWS\System32\drivers\IntelDFUACPI.sys [37888 2015-12-01] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [302808 2015-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2019-03-18] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (All) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-05 20:31 - 2021-01-05 20:33 - 000032721 _____ C:\Users\Lori\Downloads\FRST.txt
2021-01-05 20:30 - 2021-01-05 20:32 - 000000000 ____D C:\FRST
2021-01-05 20:29 - 2021-01-05 20:29 - 002282496 _____ (Farbar) C:\Users\Lori\Downloads\FRST64.exe
2021-01-05 20:25 - 2021-01-05 20:25 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-05 20:25 - 2021-01-05 20:25 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-05 20:25 - 2021-01-05 20:25 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-05 20:23 - 2021-01-05 20:23 - 000003172 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2021-01-05 20:14 - 2021-01-05 20:22 - 000000000 ____D C:\AdwCleaner
2021-01-05 20:14 - 2021-01-05 20:14 - 008447152 _____ (Malwarebytes) C:\Users\Lori\Downloads\adwcleaner_8.0.8.exe
2021-01-05 20:07 - 2021-01-05 20:07 - 002086424 _____ (Malwarebytes) C:\Users\Lori\Downloads\MBSetup(1).exe
2021-01-04 19:37 - 2021-01-04 19:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-04 19:37 - 2021-01-04 19:37 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-04 19:37 - 2021-01-04 19:37 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-04 19:37 - 2021-01-04 19:37 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-04 19:37 - 2021-01-04 19:37 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-01-04 19:37 - 2021-01-04 19:36 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-04 19:37 - 2021-01-04 19:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-04 19:36 - 2021-01-04 19:36 - 002086424 _____ (Malwarebytes) C:\Users\Lori\Downloads\MBSetup.exe
2021-01-04 19:32 - 2021-01-04 19:32 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-04 19:31 - 2021-01-04 19:32 - 002086424 _____ (Malwarebytes) C:\Users\Lori\Downloads\MBSetup-092170.092170-consumer.exe
2021-01-04 18:27 - 2021-01-04 18:27 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-04 18:27 - 2021-01-04 18:27 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-03 21:47 - 2021-01-03 21:47 - 001505848 _____ (Adobe) C:\Users\Lori\Downloads\uninstall_flash_player.exe
2020-12-31 13:49 - 2020-12-31 13:49 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 004295680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000944128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-12-31 13:49 - 2020-12-31 13:49 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-12-31 13:49 - 2020-12-31 13:49 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\raserver.exe
2020-12-31 13:49 - 2020-12-31 13:49 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raserver.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 025445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 022651392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 018038784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 007823920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 007008256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 006316032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 005906944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 005770856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 005099896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 005010432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 004608000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 004546560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 004348936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 004129440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 003820032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 003694392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 003635712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 003506688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 003243096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002948920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002737152 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002585592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002495264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002317016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002263296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001996800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001842368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001693696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001615360 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001421408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001419328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 001151840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001098728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 001057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000952432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000843264 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000784016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000699864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMFNVSDeviceBridge.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000516536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000473592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000405928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000379720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000345568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000300704 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-12-31 13:48 - 2020-12-31 13:48 - 000211280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecsvc.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000193608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-12-31 13:48 - 2020-12-31 13:48 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000172352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-12-31 13:48 - 2020-12-31 13:48 - 000166936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000136344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecutil.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-31 13:48 - 2020-12-31 13:48 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcfgutils.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2020-12-31 13:48 - 2020-12-31 13:48 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000093512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-12-31 13:48 - 2020-12-31 13:48 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wecapi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000077128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecutil.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unenrollhook.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wecapi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmlocalmanagement.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000021320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2020-12-31 13:48 - 2020-12-31 13:48 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-12-31 13:48 - 2020-12-31 13:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-31 13:48 - 2020-12-31 13:48 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-31 13:47 - 2020-12-31 13:47 - 009925960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 007274832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 006526976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 006438400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 006071392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 004032776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 003811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 003741520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 003374808 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002993480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 002777712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002776200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002695504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 002564608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002307072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002092336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 002023424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001998936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001991608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001957528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001950256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001916760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001859072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001835520 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-31 13:47 - 2020-12-31 13:47 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001743688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001673568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001668336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001666560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001665192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001653808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001647616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001565504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001513360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 001480512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001385472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-31 13:47 - 2020-12-31 13:47 - 001307448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001259720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 001170976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001154968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001053120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001048992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 001022264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000942104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000899736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000893632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000889424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000851768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000833336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000797976 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000793840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000767984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000752040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000680248 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000592936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000586552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000551624 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000543360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000537656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000535064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000531472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000527336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000518464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000480344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000477512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-12-31 13:47 - 2020-12-31 13:47 - 000467944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000461128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000456080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000431944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000389952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000372552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000323904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000285568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000260304 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000247880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000225104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000222536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000188216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000179528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000164792 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000161648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000149304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000144152 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000135280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000127576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\btpanui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\btpanui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000108872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcfgutils.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-31 13:47 - 2020-12-31 13:47 - 000101704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000094024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000092424 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmlocalmanagement.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amsi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskSchdPS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000051632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskSchdPS.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-12-31 13:47 - 2020-12-31 13:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-12-31 13:47 - 2020-12-31 13:47 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-12-31 13:47 - 2020-12-31 13:47 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-31 13:46 - 2020-12-31 13:47 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 017790976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 007913776 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 007846632 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 006233088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 004685120 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 003735552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 003387904 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 003136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002985472 _____ (Microsoft Corporation) C:\WINDOWS\system32\FluencyDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002872320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002525184 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002505496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002481664 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002466296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002302976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002297856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002261848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 002073088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001968128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001952768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001943552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001834296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001816528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001786368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001746240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001656920 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001607680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 001413728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001385704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001286576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 001285448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001152336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001150272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001083696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001029960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 001017656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000919336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000804168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000733000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000642008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000612584 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000598576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000589408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000458056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtBopomofoDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000415816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxDecoder.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000293176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000214848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000147728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdvancedEmojiDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwmdmcsp.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000127080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\HashtagDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000104256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtAdvancedDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFAppServiceDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpnUserService.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000088376 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsi.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-12-31 13:46 - 2020-12-31 13:46 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-12-31 13:46 - 2020-12-31 13:46 - 000016144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2020-12-31 13:46 - 2020-12-31 13:46 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsiproxy.dll
2020-12-31 13:32 - 2020-12-31 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-31 13:23 - 2020-12-31 13:24 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-12-31 13:23 - 2020-12-31 13:24 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-12-31 13:09 - 2020-12-31 13:09 - 006244920 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-12-15 19:24 - 2020-12-15 19:52 - 000000000 ____D C:\Users\Lori\Desktop\Dr Gower

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-05 20:32 - 2019-08-23 03:26 - 000935056 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-05 20:32 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-05 20:32 - 2019-03-18 20:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-05 20:31 - 2016-06-28 21:37 - 000000000 ____D C:\Users\Lori\Documents\YouCam
2021-01-05 20:28 - 2020-03-24 13:05 - 000000000 ____D C:\Users\Lori\AppData\Roaming\Messenger
2021-01-05 20:28 - 2019-02-02 23:01 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-05 20:28 - 2018-01-21 08:58 - 000000000 ____D C:\Program Files\CCleaner
2021-01-05 20:28 - 2018-01-16 21:42 - 000000000 ____D C:\Users\Lori\AppData\Local\AVAST Software
2021-01-05 20:27 - 2016-11-19 10:38 - 000000000 ____D C:\Users\Lori\AppData\LocalLow\Mozilla
2021-01-05 20:26 - 2019-03-18 20:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-05 20:26 - 2016-06-28 21:36 - 000000000 __SHD C:\Users\Lori\IntelGraphicsProfiles
2021-01-05 20:24 - 2019-08-23 03:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-05 20:24 - 2019-03-18 20:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-05 20:23 - 2019-11-11 14:29 - 000000000 ____D C:\Program Files\EPSON
2021-01-05 20:23 - 2017-12-09 15:28 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-05 20:23 - 2017-11-25 19:32 - 000000000 ____D C:\ProgramData\HP
2021-01-05 20:23 - 2017-08-01 22:28 - 000000000 ____D C:\ProgramData\EPSON
2021-01-05 20:23 - 2016-06-28 21:39 - 000000000 ____D C:\Users\Lori\AppData\Roaming\Hewlett-Packard
2021-01-05 20:23 - 2016-06-28 21:39 - 000000000 ____D C:\Users\Lori\AppData\Local\Hewlett-Packard
2021-01-05 20:23 - 2015-11-30 17:28 - 000000000 ____D C:\Program Files\HP
2021-01-05 20:23 - 2015-11-30 17:24 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-05 20:23 - 2015-11-30 17:23 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-05 20:23 - 2015-11-24 18:08 - 000000000 _RSHD C:\hp
2021-01-05 20:22 - 2015-11-30 17:24 - 000000000 ____D C:\Program Files\Hewlett-Packard
2021-01-05 20:14 - 2019-08-23 03:32 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2FD3278C-58E1-46E2-A4FD-4E1B420984D3}
2021-01-05 19:50 - 2019-08-23 03:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-04 19:37 - 2019-03-18 20:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-04 19:13 - 2019-11-11 14:48 - 000000947 _____ C:\WINDOWS\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373}.job
2021-01-04 19:12 - 2020-07-19 15:41 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-04 19:12 - 2020-07-19 15:41 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-04 19:12 - 2019-11-11 14:48 - 000003500 _____ C:\WINDOWS\system32\Tasks\EPSON XP-6100 Series Update {38812D91-3318-4F74-A2EB-EC9CB28DB373}
2021-01-04 19:12 - 2019-08-23 03:32 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-04 19:12 - 2019-08-23 03:32 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-01-04 19:12 - 2019-08-23 03:32 - 000003040 _____ C:\WINDOWS\system32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2021-01-04 19:12 - 2019-08-23 03:32 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-04 19:12 - 2019-08-23 03:32 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4228007683-1141738225-1575848267-1001
2021-01-04 19:12 - 2019-08-23 03:32 - 000002674 _____ C:\WINDOWS\system32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2021-01-04 19:12 - 2019-08-23 03:32 - 000002490 _____ C:\WINDOWS\system32\Tasks\YCMServiceAgent
2021-01-04 19:12 - 2019-08-23 03:32 - 000002242 _____ C:\WINDOWS\system32\Tasks\{D11EBAC0-E521-4D28-95DD-31B2D3DC6ECE}
2021-01-04 19:12 - 2019-08-23 03:32 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-04 19:12 - 2019-08-23 03:32 - 000002172 _____ C:\WINDOWS\system32\Tasks\DropboxOEM
2021-01-04 19:12 - 2019-08-23 03:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-04 18:28 - 2019-08-23 03:32 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-04 18:27 - 2020-10-13 23:48 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-04 18:27 - 2020-04-26 03:07 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-04 18:27 - 2019-01-19 02:26 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-04 18:27 - 2019-01-05 10:17 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-04 18:27 - 2019-01-05 10:17 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-04 18:27 - 2019-01-05 10:17 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-04 18:27 - 2018-10-10 23:00 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-04 18:27 - 2018-07-06 18:10 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-01-04 18:27 - 2017-12-09 15:33 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-04 18:27 - 2017-12-09 15:33 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-04 18:27 - 2017-12-09 15:33 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-04 18:27 - 2017-12-09 15:33 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-01-04 18:27 - 2017-12-09 15:33 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-04 18:27 - 2017-12-09 15:33 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-01-03 21:56 - 2017-12-04 20:54 - 000000000 ___RD C:\Users\Lori\3D Objects
2021-01-03 21:56 - 2016-04-26 22:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-03 21:53 - 2020-12-02 16:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-01-03 21:53 - 2019-08-23 03:14 - 000448312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-03 21:53 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-03 21:53 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-03 21:53 - 2016-06-28 22:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\TextInput
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-03 21:51 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-03 21:50 - 2019-03-18 20:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-01-03 21:48 - 2016-06-28 21:36 - 000000000 ____D C:\Users\Lori\AppData\Roaming\Adobe
2020-12-31 15:17 - 2019-03-18 20:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-31 13:58 - 2020-08-25 22:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-12-31 13:58 - 2019-03-18 20:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-31 13:56 - 2016-06-29 02:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-31 13:55 - 2016-06-29 02:27 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-31 13:46 - 2019-08-23 03:17 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-12-31 13:31 - 2016-06-28 22:03 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-31 13:27 - 2020-07-19 15:41 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-31 13:16 - 2019-08-23 03:20 - 000002371 _____ C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-31 13:16 - 2016-06-28 21:39 - 000000000 ___RD C:\Users\Lori\OneDrive
2020-12-31 13:16 - 2015-11-30 17:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-31 13:09 - 2020-10-19 21:21 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-31 13:09 - 2020-10-19 21:21 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-15 19:17 - 2016-11-27 11:01 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2016-07-21 20:53 - 2016-07-21 20:53 - 012964920 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

ADDITIONAL TEXT:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by Lori (05-01-2021 20:35:33)
Running from C:\Users\Lori\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2019-08-23 11:33:20)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4228007683-1141738225-1575848267-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4228007683-1141738225-1575848267-503 - Limited - Disabled)
Guest (S-1-5-21-4228007683-1141738225-1575848267-501 - Limited - Disabled)
Lori (S-1-5-21-4228007683-1141738225-1575848267-1001 - Administrator - Enabled) => C:\Users\Lori
WDAGUtilityAccount (S-1-5-21-4228007683-1141738225-1575848267-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM-x32\...\{17CEAB50-0275-4D5E-9C11-CF2963C59FA1}) (Version: 4.4.6.2295 - Open Media LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Angel Sound (HKLM-x32\...\{8C8FC4CE-542B-48AA-9804-539A0018C419}) (Version: 5.08.03 - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
BabyLock Sampler Pack (HKLM-x32\...\BabyLock Sampler Pack) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cisco Webex Meetings (HKLM-x32\...\{C3900048-3967-4A30-9ACF-D50E9FEB5A48}) (Version: 40.2.18.5 - Cisco Webex LLC)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5801 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4419 - CyberLink Corp.)
Designer's Gallery ColorWorks (HKLM-x32\...\{EA32F7BA-60B7-43EE-AFDE-95B1CAC0B459}) (Version:  - )
Designer's Gallery Studio (HKLM-x32\...\{5B466707-08E2-4FC3-8FE6-A8C07EB525BC}) (Version:  - )
Designer's Gallery Studio III Version 3.12 (HKLM-x32\...\{1B2A0C4F-27FD-44E2-8BEB-C3E2139C4C18}_is1) (Version:  - BriTon Leap, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{DBC38C08-9FB5-43A5-B6BA-EB10AC7DA570}) (Version: 3.11.0053 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-6100 Series Printer Uninstall (HKLM\...\EPSON XP-6100 Series) (Version:  - Seiko Epson Corporation)
Epson XP-6100 User’s Guide (HKLM-x32\...\UsersGuideEpson XP-6100 User’s Guide_is1) (Version: 1.0 - Epson America, Inc.)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.2.2 - HP)
InPixio Photo Clip 8 Demo (HKLM-x32\...\{9F45A8A5-0487-4aa6-A67E-46E103C927AD}) (Version: 8.00 - InPixio)
Intel RealSense Training (HKLM-x32\...\Intel RealSense Training) (Version: 1.16 - Intel)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6446 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Intel® RealSense™ Depth Camera Manager Beta (x86): dptf_com (HKLM-x32\...\{C982EA5E-7331-11E5-ABE7-2C44FD873B55}) (Version: 2.2.0.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 (HKLM-x32\...\ARP_for_prd_dcm_runtime_1.4.27.52404) (Version: 1.4.27.52404 - Intel Corporation)
Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ 3D camera IO module (HKLM-x32\...\{6C1D3280-7332-11E5-AD4E-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ Depth Camera Manager F200 Gold (x86): Intel® RealSense™ Depth Camera Manager Service (HKLM-x32\...\{6C1D3280-7332-11E5-B485-2C44FD873B55}) (Version: 1.4.27.52404 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (HKLM-x32\...\{AD1C5601-1C83-41CB-A670-7F02C1D0E72A}) (Version: 4.0.0.52526 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (HKLM-x32\...\{F6B28FF3-A81A-43FC-97D3-5D0F4B69FCF9}) (Version: 4.0.0.52526 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (HKLM-x32\...\{657FF393-C977-470E-B1C5-8235393D3C5E}) (Version: 4.0.0.52526 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Hand Tracking (HKLM-x32\...\{1DA11DE3-2EC9-4DB5-9254-7644AC527476}) (Version: 4.0.0.52526 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Hand Tracking: Models (HKLM-x32\...\{00BD3B4C-3D89-42EA-9E2A-14BFC9A1E3C9}) (Version: 4.0.0.52526 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (HKLM-x32\...\{D7210241-908A-487E-91C1-6E0E9766CC39}) (Version: 4.0.0.52526 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v4_4.0.0.112526) (Version: 4.0.0.112526 - Intel Corporation)
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v6_6.0.21.6598) (Version: 6.0.21.6598 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (HKLM-x32\...\{EC8ABDF0-358B-11E5-82EB-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Data Collector (HKLM-x32\...\{E3A02E00-358B-11E5-81F8-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking (HKLM-x32\...\{D74B980F-358B-11E5-B6FE-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking: Models (HKLM-x32\...\{ED5C65CF-358B-11E5-9F51-2C44FD873B55}) (Version: 6.0.21.6598 - Intel Corporation) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23019 (HKLM-x32\...\{2883cce3-040d-45b1-a27a-07934a6d47ec}) (Version: 14.0.23019.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.1 (x64 en-US)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.1.7660 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.29090 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
SewIconz (HKLM\...\{D0E57EDD-E52F-49C2-91F8-38662C25B0E5}) (Version: 1.8.8 - S & S Computing)
SewWhat-Pro (HKLM\...\{00A96433-8D50-416D-B023-579690127FDA}) (Version: 4.3.6 - S & S Computing)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Zoom (HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\...\ZoomUMX) (Version: 5.4.3 (58891.1115) - Zoom Video Communications, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-20] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_830.5.128.0_x64__8xx8rvfyw5nnt [2020-12-31] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-16] (Adobe Systems Incorporated)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.0.46.0_x64__kx24dqmazqk8j [2020-12-02] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.0.0.0_x64__kx24dqmazqk8j [2020-12-15] (Random Salad Games LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4228007683-1141738225-1575848267-1001_Classes\CLSID\{B065276E-D509-4005-A891-1805713D61E3}\InprocServer32 -> C:\Program Files\S & S Computing\SewIconz\IconExt\EmbIconExt.dll (S and S Computing -> S & S Computing)
CustomCLSID: HKU\S-1-5-21-4228007683-1141738225-1575848267-1001_Classes\CLSID\{B065276E-D509-4005-A891-1805713D61E4}\InprocServer32 -> C:\Program Files\S & S Computing\SewIconz\IconExt\EmbIconExt.dll (S and S Computing -> S & S Computing)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki131064.inf_amd64_5d13f27a9a9843fa\igfxDTCM.dll [2019-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-01-04] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lori\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square

==================== Loaded Modules (Whitelisted) =============

2019-08-23 04:03 - 2019-08-23 04:03 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2019-08-23 04:03 - 2019-08-23 04:03 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2011-04-19 23:03 - 2011-04-20 06:03 - 000120320 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_ILMHBA.DLL
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> {A7777384-5073-482B-B440-6EE162F4143B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {A7777384-5073-482B-B440-6EE162F4143B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4228007683-1141738225-1575848267-1001 -> {A7777384-5073-482B-B440-6EE162F4143B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-10-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 03:04 - 2019-01-03 23:47 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4228007683-1141738225-1575848267-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lori\Desktop\saved pics\saudisunset.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "EEventManager"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EADF8AE3-895D-4ABA-B2CC-6FCEAA93D2B6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{D63C1068-BDD4-4BB5-9F8C-AEB475D36144}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{ED4BF06F-3A20-40B3-9F19-8BBF8806CE76}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E13658C7-3E22-4B77-8D5E-4B3A7E59AC08}] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{65020E0B-FE12-4781-95B4-449CF6F2BD63}] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [UDP Query User{E77CE968-FF37-4A78-8D19-06ED1882E28F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{DB08C49D-6C04-436D-A162-302A78A9F206}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{F9448A10-190C-426B-8B5F-0064BCF4846B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF90504B-68DE-4BF0-A643-7A53C5F9D57F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C35D708-0DDB-450D-909E-6B207851BD4F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6AD89BB-AD00-4EBC-9563-60324D7C26D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26BBA07C-371A-41CA-8987-F36D30A9B518}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{8A049967-C9D2-4BAB-A331-0980EAAE4B5B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{50C83094-399D-417D-B01C-036CF1563747}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{3DF37A9B-5156-41F6-B377-CFA54FAF76CB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{DABE66B7-2018-4ABF-895B-6FFCEA919EFF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{EF9FA0E8-0B75-4F64-80AB-FD5D9DD13418}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BFD23C28-BE5B-4153-8A2A-23BE40FAB844}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{AA4EB704-1F33-4150-8620-291B24713888}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{208E94FB-5CA5-41F5-AAFD-9AC5AE45ED33}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{D99BC69B-730C-4A67-BFBB-A11DE0E5FC05}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{8076C082-530C-4519-836A-18FA5B7E590F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E550CA19-9240-4937-8C4B-93309159A997}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3B6FE0F7-14F2-44A9-905B-C626EA056D76}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{C4DA171A-5DFB-425F-A60A-626B706E6375}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [TCP Query User{2C30E041-1482-40EC-AE86-1C05733743DD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{66AC5714-66C1-4214-B38D-E471E351A14C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{21BB9FAC-9E27-4B37-A38E-C8778EEAFF8F}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{3623BE65-3664-4B50-AAC6-14F1503ED5FC}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{DEB85A22-2064-4B45-B0CF-F579ED7CBB6F}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{170FA79D-036B-44BD-AEB1-B4D2212B7981}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{9A8FABD3-5333-4011-8718-5AD3EF9F3B91}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{AA1D3B5F-36AE-45C1-B4F2-46CF670F3FF9}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{8EC68AB5-36EE-4BA8-80D3-E7028A82F67C}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [TCP Query User{A4628DBF-E5D0-4623-BC8E-50DE1345B930}C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{095EBDD2-64CE-4BEE-839C-CE8ED795B659}C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_420.7.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{FB2ACA28-4F4D-4A4F-953F-9230B7542A29}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{57F11F6B-5E4A-41FF-B96C-6288E2BD25B8}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{0AD40F03-B186-44EA-BC47-ABD47BA488E2}C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{7632DAA6-4947-44CD-B922-4326456DAE52}C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Block) C:\program files\windowsapps\facebook.317180b0bb486_500.5.130.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{C78C3D00-FF11-44CF-9D43-7F496AF936F6}] => (Allow) C:\Users\Lori\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E184239F-6728-482F-83F6-6F6C15F17ECB}] => (Allow) C:\Users\Lori\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{97A74C19-BB34-48D3-95DB-7BA8B09D31C3}] => (Allow) C:\Users\Lori\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{F5EC0AF7-09D0-4A2F-AB05-103773F36DB5}C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{42A5F2BF-8637-417A-81FF-8D21B7BEB004}C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_780.5.114.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{945B924A-DA00-4966-A110-C0347B40EF00}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

31-12-2020 13:23:04 Windows Update
05-01-2021 20:22:20 AdwCleaner_BeforeCleaning_05/01/2021_20:22:20

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2021 08:37:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3512,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/05/2021 08:24:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (01/05/2021 08:24:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/05/2021 08:24:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (01/05/2021 08:24:01 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (01/05/2021 08:19:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13364,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/05/2021 08:12:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2272,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/05/2021 08:01:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14524,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:
=============
Error: (01/05/2021 08:27:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Touchpoint Analytics service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/05/2021 08:25:25 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (68:5a:cf:b6:18:9b) failed.

Error: (01/05/2021 08:25:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The EpsonCustomerResearchParticipation service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/05/2021 08:24:28 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (01/05/2021 08:24:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/05/2021 08:24:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/05/2021 08:23:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (01/05/2021 08:23:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Software Framework Service service terminated unexpectedly.  It has done this 1 time(s).

Windows Defender:
===================================
Date: 2019-08-25 00:01:18.674
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.A&threatid=2147729066&enterprise=0
Name: Trojan:JS/CoinHive.A
ID: 2147729066
Severity: Severe
Category: Trojan
Path: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Security intelligence Version: AV: 1.299.2771.0, AS: 1.299.2771.0, NIS: 1.299.2771.0
Engine Version: AM: 1.1.16200.1, NIS: 1.1.16200.1

CodeIntegrity:
===================================

Date: 2021-01-05 20:31:49.233
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-05 20:31:49.213
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-05 20:31:49.185
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-05 20:30:41.881
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3384.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-01-05 20:26:35.579
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-05 20:26:35.554
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-05 20:26:34.606
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-05 20:26:34.583
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: AMI A0.06 12/24/2015
Motherboard: HP 2B45
Processor: Intel(R) Core(TM) i3-6100T CPU @ 3.20GHz
Percentage of memory in use: 57%
Total physical RAM: 8052.34 MB
Available physical RAM: 3442.58 MB
Total Virtual: 14465.89 MB
Available Virtual: 9806.74 MB

==================== Drives ================================

Drive 😄 (Windows) (Fixed) (Total:909.34 GB) (Free:832.58 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:20.88 GB) (Free:2.69 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{4dbfc245-6c45-49b9-9819-7865e125a711}\ () (Fixed) (Total:0.81 GB) (Free:0.37 GB) NTFS
\\?\Volume{838e1644-4804-4593-8331-308742b12af2}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AC914425)

Partition: GPT.

==================== End of Addition.txt =======================

[kevinf80]

Hello lilmama59,

I want to see the produced logs from Malwarebytes and AdwCleaner, not image files... The permission issue you quote is not an error, it is a safety precaution to use administrator priveleges, when you use "Continue" on the alert you can accept the alert...

For malwarebytes log, open Malwarebytes then do the following:

Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply   Please use "Text file (*.txt), then name the file and save to a place of choice, recommend "Desktop" then attach to reply For the AdwCleaner logs navigate to - C:\AdwCleaner\Logs inside that folder are the logs saved as text files post the recent scan and cleaner logs... I also want to see the most recent two Malwarebytes RTP detection logs, to access those do the following: Open Malwarebytes....   Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the RTP Detection log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply   Please use "Text file (*.txt), then name the file and save to a place of choice, recommend "Desktop" then attach to reply Thank you, Kevin

 

 

[lilmama59]

MALWAREBYTE:
1)

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 1/4/21
Protection Event Time: 7:46 PM
Log File: a9f2197e-4f08-11eb-84fb-705a0f2a33d7.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.35295
License: Trial

-System Information-
OS: Windows 10 (Build 18362.1256)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: PUP
Domain: reimageplus.com
IP Address: 161.47.7.14
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

 

(end)

 

2)

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 1/4/21
Protection Event Time: 7:46 PM
Log File: 95d25ced-4f08-11eb-8485-705a0f2a33d7.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.35295
License: Trial

-System Information-
OS: Windows 10 (Build 18362.1256)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Mozilla Firefox\firefox.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: PUP
Domain: reimageplus.com
IP Address: 161.47.7.14
Port: 443
Type: Outbound
File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

 

(end)

From current scan today:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/6/21
Scan Time: 7:36 PM
Log File: 98822930-5099-11eb-98b5-705a0f2a33d7.json

-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1130
Update Package Version: 1.0.35357
License: Trial

-System Information-
OS: Windows 10 (Build 18362.1256)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 312072
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 6 min, 24 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

===========================================================
AdwCleaner:
1)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build:    10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-05-2021
# Duration: 00:00:34
# OS:       Windows 10 Home
# Cleaned:  46
# Failed:   1

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\AVG_UPDATE_0117TB
Deleted       C:\ProgramData\AVG_UPDATE_0816TB
Deleted       C:\ProgramData\AVG_UPDATE_1016TB

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\APN PIP
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted       HKLM\Software\AVG Secure Search

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.EpsonCustomerResearchParticipation   Folder   C:\Program Files\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Deleted       Preinstalled.EpsonCustomerResearchParticipation   Folder   C:\ProgramData\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Deleted       Preinstalled.EpsonCustomerResearchParticipation   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA}
Deleted       Preinstalled.HPCeement   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForLori
Deleted       Preinstalled.HPRegistrationService   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPRegistrationService   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT INFORMATION
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\Lori\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{55065080-504F-43BB-BE00-36B80D7D39A5}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{76272057-98E0-4DC4-AAC3-10C546C47195}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Deleted       Preinstalled.HPWelcome   Folder   C:\Program Files\HEWLETT-PACKARD\HP WELCOME
Deleted       Preinstalled.HPWelcome   Folder   C:\ProgramData\HEWLETT-PACKARD\HP WELCOME
Deleted       Preinstalled.HPWelcome   Folder   C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP WELCOME
Deleted       Preinstalled.HPWelcome   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPWelcome
Deleted       Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-barbarians
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-cityofsteam
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-commandandconqueralliances
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dinostorm
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-fringo
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-vegasworld
Deleted       Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-villagersandheroes
Not Deleted   Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6881 octets] - [05/01/2021 20:17:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

2)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build:    10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    01-05-2021
# Duration: 00:00:28
# OS:       Windows 10 Home
# Scanned:  31930
# Detected: 47

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic            C:\ProgramData\AVG_UPDATE_0117TB
PUP.Adware.Heuristic            C:\ProgramData\AVG_UPDATE_0816TB
PUP.Adware.Heuristic            C:\ProgramData\AVG_UPDATE_1016TB

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\APN PIP
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
PUP.Optional.Legacy             HKLM\Software\AVG Secure Search

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.EpsonCustomerResearchParticipation   Folder   C:\Program Files\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Preinstalled.EpsonCustomerResearchParticipation   Folder   C:\ProgramData\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Preinstalled.EpsonCustomerResearchParticipation   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA}
Preinstalled.HPCeement   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForLori
Preinstalled.HPRegistrationService   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HEWLETT-PACKARD\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT INFORMATION
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Users\Lori\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Folder   C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{55065080-504F-43BB-BE00-36B80D7D39A5}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{76272057-98E0-4DC4-AAC3-10C546C47195}
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}
Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Preinstalled.HPWelcome   Folder   C:\Program Files\HEWLETT-PACKARD\HP WELCOME
Preinstalled.HPWelcome   Folder   C:\ProgramData\HEWLETT-PACKARD\HP WELCOME
Preinstalled.HPWelcome   Folder   C:\Users\Lori\AppData\Local\HEWLETT-PACKARD\HP WELCOME
Preinstalled.HPWelcome   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPWelcome
Preinstalled.WildTangentGamesBundle   Folder   C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-barbarians
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-cityofsteam
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-commandandconqueralliances
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-dinostorm
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-fringo
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-vegasworld
Preinstalled.WildTangentGamesBundle   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-hp-villagersandheroes

 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

 

 

 

Those two texts from AdwCleaner might be the same, but I'd rather be safe than sorry! 

Hope this helps 

[kevinf80]

Hello lilmama59,

Thanks for those logs. I want you to male a clean install of Firefox, see if the blocks cease when completed..

Make a "Clean" install Firefox: Use the following link for instructions how to back up your bookmarks, same link can be used to import saved Bookmarks: https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer To manage Passwords :- https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-and-import Next, Remove all synced data from Firefox to stop possible re-infection or exploitation. https://support.mozilla.org/en-US/questions/1037353 Next, Go here: http://www.mozilla.org/en-US/ download save the latest version of Firefox.. We will install this later... Next, Lets totally remove Firefox and start over. Go here: https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer and follow those instructions... Ensure when the uninstall completes to navigate to and delete the firefox installation folder (if present): (32-bit Windows) C:\Program Files\Mozilla Firefox (64-bit Windows) C:\Program Files (x86)\Mozilla Firefox It is essential the installation folder is removed. Re-boot your system when that is completed.... Next, To remove all remaining data and profile information... Press "Windows key + R" to open the Run box In the Run box, type in or copy and paste %APPDATA% Click OK. A Windows Explorer window will appear. In this window, choose/open in succession Mozilla > Firefox > Profiles. Select Delete on each entry in reverse, eg Profiles > Delete. Firefox > Delete. Mozilla > Delete. Re-boot your system when complete! Next, Use the Mozilla Firefox installer to reinstall your Browser.... When Firefox is installed and open select these keys together :- Ctrl - Shift - A that will access Addons manger, this gives access to find addons/extensions, use, start, stop or disable those features etc.... uBlock-Origin can be installed from here: https://addons.mozilla.org/en-GB/firefox/addon/ublock-origin/ <<--- Recommended. Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/ <<--- Recommended   Does that make any difference..   Thank you,   Kevin..

[lilmama59]

Hi, sorry I haven't been around in the past few days... got sidetracked

OK:
To manage Passwords :-

https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-and-import

Next,

Remove all synced data from Firefox to stop possible re-infection or exploitation.

https://support.mozilla.org/en-US/questions/1037353
 

Those two I never have to worry because I don't save passwords in my FF and I don't have FF email to sync with anything so I 'm good
Got the bookmarks squared away...

After I get the FF removed and reinstalled...  there's two add-ins I should be aware of...?
uBlock-Origin can be installed from here: https://addons.mozilla.org/en-GB/firefox/addon/ublock-origin/ <<--- Recommended.

Malwarebytes Browser Guard (Free) for Firefox: https://addons.mozilla.org/en-GB/firefox/addon/malwarebytes/ <<--- Recommended

The first puzzled me, and I wondered if it's recommended or I don't have to use it?

The second will be my best bet to use it in my browser

I don't feel I'd need to use both..  one or the other would be enough for ME. 

 

 

[lilmama59]

I'm sorry to say that the blocks are still there after all the hoops I jumped thru LOL... I still see this annoying icon when I want to change, or delete a file..

 

[kevinf80]

Can you post a couple of logs showing what is being blocked...

[AdvancedSetup]

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks